Please check my log

#1 Post by ivomatej »

Hello,

AVG reported a virus. I deleted it using the program, but the file, together with its folder, recreates itself here: C:\ProgramData\EutgUdko\BigavWumta.ssk

The log is below; please check it. Thank you very much.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by MS (administrator) on MARTIN on 18-06-2015 16:28:40
Running from C:\Users\MS\Desktop
Loaded Profiles: Prodejna & MartinS & MS & Administrator (Available Profiles: Prodejna & MartinS & MS & Administrator)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\MS\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2510784 2015-05-14] ()
HKLM\...\Run: [SoundMan] => C:\Windows\SOUNDMAN.EXE [604704 2009-03-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-562732343-2827483506-1812098311-1006\...\Run: [EutgUdko] => regsvr32.exe "C:\ProgramData\EutgUdko\BigavWumta.ssk"
Startup: C:\Users\MartinS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\MS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Prodejna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-01-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\MS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-562732343-2827483506-1812098311-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com?cid={5E457132-FC ... 2011-09-05 10:01:37&v=18.3.0.885&pid=avg&sg=0&sap=hp
SearchScopes: HKU\S-1-5-21-562732343-2827483506-1812098311-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2015-01-07] (Oracle Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-14] (AVG Secure Search)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-07] (Oracle Corporation)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-14] (AVG Secure Search)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-14] (AVG Secure Search)
Tcpip\..\Interfaces\{4B43AB45-AC9D-463B-916E-FA0714E4CF1F}: [NameServer] 10.0.0.138,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\MS\AppData\Roaming\Mozilla\Firefox\Profiles\bm8y8f39.default
FF DefaultSearchEngine: Ask Search
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask Search
FF Homepage: hxxp://www.search.ask.com/?tpid=ORJ-ST-SPE&o=A ... psv=&pt=tb
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\MS\AppData\Roaming\Mozilla\Firefox\Profiles\bm8y8f39.default\searchplugins\askcom.xml [2013-02-12]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-05-14]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-01-28]
FF Extension: AVG Security Toolbar - C:\Users\MS\AppData\Roaming\Mozilla\Firefox\Profiles\bm8y8f39.default\Extensions\avg@toolbar [2014-11-24]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909 [2015-05-14]

Chrome:
=======
CHR Profile: C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-27]
CHR Extension: (Google Docs) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-27]
CHR Extension: (Google Drive) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-27]
CHR Extension: (YouTube) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-27]
CHR Extension: (Google Search) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-27]
CHR Extension: (Google Sheets) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-27]
CHR Extension: (AVG Security Toolbar) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-04-27]
CHR Extension: (Google Wallet) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-27]
CHR Extension: (Gmail) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-28]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4942384 2014-10-17] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2012-02-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2012-02-08] (Hewlett-Packard) [File not signed]
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
R2 vToolbarUpdater18.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-14] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172064 2009-03-10] (Realtek Semiconductor Corp.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [172856 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182584 2014-10-17] (AVG Technologies CZ, s.r.o.)
R3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [99840 2014-03-14] (Gemalto)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [140800 2014-09-03] (Prolific Technology Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 16:28 - 2015-06-18 16:29 - 00013505 _____ C:\Users\MS\Desktop\FRST.txt
2015-06-18 16:28 - 2015-06-18 16:28 - 00000000 ____D C:\FRST
2015-06-18 16:27 - 2015-06-18 16:27 - 00112640 _____ (forum.viry.cz) C:\Users\MS\Desktop\FRSTLauncher.exe
2015-06-18 16:26 - 2015-06-18 16:26 - 00112640 _____ (forum.viry.cz) C:\Users\MS\Downloads\Nepotvrzeno 869253.crdownload
2015-06-18 16:25 - 2015-06-18 16:25 - 01148416 _____ (Farbar) C:\Users\MS\Desktop\FRST.exe
2015-06-18 16:23 - 2015-06-18 16:23 - 00112107 _____ (forum.viry.cz) C:\Users\MS\Downloads\Nepotvrzeno 82593.crdownload
2015-06-17 09:13 - 2015-06-17 09:13 - 00005433 _____ C:\Users\MS\Downloads\BB146329_35041291_20150617_091252.zip
2015-06-16 10:06 - 2015-06-18 09:59 - 00000000 ____D C:\ProgramData\EutgUdko
2015-06-16 09:34 - 2015-06-16 09:35 - 00000000 ____D C:\Users\MS\AppData\Local\GWX
2015-06-10 00:58 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 00:58 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 00:58 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 00:58 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 00:58 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 00:58 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 00:58 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 00:58 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 00:58 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 00:58 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 00:58 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 00:58 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 00:58 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 00:58 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 00:58 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 00:58 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 00:58 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 00:58 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 00:58 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 00:58 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 00:58 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 00:58 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 00:58 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 00:58 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 00:58 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 00:58 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 00:58 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 00:58 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 00:58 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 00:58 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 00:58 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 00:58 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 00:58 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 00:58 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 00:58 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 00:58 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 00:58 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 00:58 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 00:58 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 00:58 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 00:58 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 00:58 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 00:57 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 00:57 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 00:57 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 00:57 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 00:57 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 00:57 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 00:57 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 00:57 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 00:57 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 00:57 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 00:57 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 00:57 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 00:57 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 00:57 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 00:57 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 00:57 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 00:57 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-04 10:05 - 2015-06-04 10:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-06-04 10:05 - 2015-06-04 10:05 - 00002017 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-06-02 15:05 - 2015-06-17 08:49 - 00000560 _____ C:\Windows\setupact.log
2015-06-02 15:05 - 2015-06-04 10:07 - 00002282 _____ C:\Windows\PFRO.log
2015-06-02 15:05 - 2015-06-02 15:05 - 00000000 _____ C:\Windows\setuperr.log
2015-06-02 10:50 - 2015-06-02 10:50 - 00003619 _____ C:\Users\MS\Downloads\BB146329_35041291_20150602_105000.zip
2015-05-28 15:18 - 2015-06-16 10:05 - 00000000 ____D C:\ProgramData\EutgUdko2
2015-05-27 11:10 - 2015-05-27 11:10 - 00005069 _____ C:\Users\MS\Downloads\BB146329_35041291_20150527_110905.zip
2015-05-27 10:39 - 2015-05-27 10:39 - 00090112 _____ C:\Users\MS\Desktop\Objednávka Uhl SF 27.5..xls
2015-05-22 11:16 - 2015-05-22 12:32 - 1282618208 _____ C:\Users\MS\Downloads\Novinky--Babovřesky-3-CZ-dabing.avi
2015-05-20 08:48 - 2015-05-20 08:48 - 00090112 _____ C:\Users\MS\Desktop\Objednávka Uhl SF 20.5..xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-18 16:26 - 2011-06-20 14:33 - 01592443 _____ C:\Windows\WindowsUpdate.log
2015-06-18 16:15 - 2012-12-03 11:39 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-18 15:58 - 2014-11-24 12:02 - 00193354 _____ C:\Users\MS\Desktop\naklady a prijmy SF2.xlsx
2015-06-18 15:46 - 2013-03-04 09:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-18 15:39 - 2014-12-30 09:35 - 00002450 _____ C:\Users\Public\Desktop\Ekonomický systém POHODA SQL 2015 (síťový klient) Standard.lnk
2015-06-18 14:49 - 2014-11-24 12:02 - 00000000 ____D C:\Users\MS\Desktop\Reklamace
2015-06-18 14:06 - 2013-03-25 15:25 - 00000000 ____D C:\Program Files\Intime
2015-06-18 09:40 - 2011-09-05 09:56 - 00000000 ____D C:\ProgramData\MFAData
2015-06-18 09:11 - 2009-07-14 06:34 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 09:11 - 2009-07-14 06:34 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-18 00:15 - 2012-12-03 11:39 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-17 08:50 - 2013-06-04 10:00 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-06-17 08:50 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-16 13:00 - 2014-11-24 12:04 - 00002292 ____H C:\Users\MS\Documents\Default.rdp
2015-06-11 11:56 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 11:46 - 2012-08-27 08:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-10 11:46 - 2011-06-20 15:45 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-10 04:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-10 03:42 - 2000-03-15 05:32 - 01593078 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-10 03:36 - 2009-07-14 06:33 - 01698784 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 03:34 - 2014-12-10 04:25 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 03:34 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 03:17 - 2000-03-15 05:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 03:13 - 2013-07-18 03:05 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 03:13 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2015-06-10 03:01 - 2011-06-21 03:01 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-08 12:59 - 2015-04-27 09:39 - 00000000 ____D C:\Users\MS\AppData\Roaming\Adobe
2015-06-04 12:10 - 2015-04-27 09:45 - 00000000 ____D C:\Users\MS\AppData\Local\Adobe
2015-06-04 10:05 - 2000-03-15 05:51 - 00000000 ____D C:\Program Files\Adobe
2015-06-04 10:05 - 2000-03-15 05:50 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-04 10:04 - 2000-03-15 05:53 - 00000000 ____D C:\ProgramData\Adobe
2015-06-02 15:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-06-02 13:46 - 2012-10-16 11:13 - 00008196 ____H C:\Users\Public\.DS_Store
2015-06-02 13:45 - 2012-10-16 11:13 - 00008196 ____H C:\Users\Public\Documents\.DS_Store
2015-06-01 14:32 - 2014-11-24 12:02 - 00000000 ____D C:\Users\MS\Desktop\Reklamacni vyjadreni
2015-05-21 03:00 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======

2013-05-21 10:37 - 2014-06-23 11:36 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2014-11-24 12:01 - 2011-06-20 15:31 - 0003073 _____ () C:\Users\MS\AppData\Roaming\DownloadManagerFiles.xml
2014-11-24 12:01 - 2015-04-27 08:59 - 0009320 _____ () C:\Users\MS\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML
2014-06-05 12:35 - 2014-06-05 12:35 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\MartinS\AppData\Local\Temp\APNSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{C6A20F44-784F-496C-A3D2-F1249A6C9788}.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\Users\MS\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML:OECustomProperty
AlternateDataStreams: C:\Users\Prodejna\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML:OECustomProperty
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0079.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0079.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0081.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0081.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0083.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0083.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0084.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0084.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0087.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0087.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0088.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0088.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0104 copy.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0104 copy.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\Umbro PNG:AFP_AfpInfo

==================== Security Center ==================

AV: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\MS\Desktop" je 668 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

ivomatej
Visitor
Posts: 11
Joined: 18 Jun 2015 15:17

Re: Please check my log

#2 Post by ivomatej »

Thank you, I am scanning the file.

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by MS at 2015-06-18 16:29:44
Running from C:\Users\MS\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-562732343-2827483506-1812098311-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-562732343-2827483506-1812098311-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-562732343-2827483506-1812098311-1002 - Limited - Enabled)
MartinS (S-1-5-21-562732343-2827483506-1812098311-1005 - Administrator - Enabled) => C:\Users\TEMP.MARTIN
MS (S-1-5-21-562732343-2827483506-1812098311-1006 - Administrator - Enabled) => C:\Users\MS
Prodejna (S-1-5-21-562732343-2827483506-1812098311-1000 - Administrator - Enabled) => C:\Users\TEMP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 13.1.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ask Toolbar Updater (HKU\.DEFAULT\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKU\S-1-5-21-562732343-2827483506-1812098311-1005\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3495 - AVG Technologies CZ, s.r.o.)
AVG 2013 (Version: 13.0.3495 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2013 (Version: 13.0.4365 - AVG Technologies CZ, s.r.o.) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.5.0.909 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - CZ (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.1.0.588 - Corel Corporation)
Crypta v1.3 (HKLM\...\Crypta v1.3) (Version: - )
ČSOB BusinessBanking 24 (HKLM\...\{16BEE578-3396-416E-B9D9-ADF118EA3D70}) (Version: - )
GemPcCCID (HKLM\...\{8BD3AFAF-636E-4516-A7E8-D57CCDBE28B8}) (Version: 2.0.3 - Gemalto)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
I.CA SecureStore 2.29.4 (HKLM\...\{313FF7F5-9193-4C71-A874-75B1A7673E69}) (Version: 2.29.4 - První certifikační autorita, a.s.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 27.0 (x86 cs) (HKLM\...\Mozilla Firefox 27.0 (x86 cs)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySql Connector (HKLM\...\{CA26F9B1-B924-44DD-AB79-A52007EEDD35}) (Version: 6.2.4 - My Sql)
Razer DeathAdder(TM) Mouse (HKLM\...\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}) (Version: 3.02 - Razer USA Ltd.)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.37 - Realtek Semiconductor Corp.)
SopCast 3.8.2 (HKLM\...\SopCast) (Version: 3.8.2 - www.sopcast.com)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA SQL Klient CZ Standard (HKLM\...\{C9C1962B-8535-463D-8A1A-A615EAF716D7}) (Version: 10900.79 - STORMWARE)
StreamTorrent 1.0 (HKLM\...\StreamTorrent 1.0) (Version: - )
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TightVNC 2.0.4 (HKLM\...\TightVNC) (Version: 2.0.4 - GlavSoft LLC.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WGuardBDE (HKLM\...\{D378E8FB-A4D4-46B6-AD3F-ED046B90CFA0}) (Version: 1.00.0000 - Grandtec)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Základní software zařízení HP Photosmart 5510d series (HKLM\...\{065B379D-4BEC-46C8-AB23-E145FCF6B612}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

03-06-2015 03:00:12 Windows Update
03-06-2015 14:45:25 Removed Adobe Reader XI - Czech.
10-06-2015 03:00:35 Windows Update
17-06-2015 17:20:46 Naplánovaný kontrolní bod

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2012-08-27 10:28 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0902230F-2B6A-4A3E-98BE-501EED7435E3} - System32\Tasks\{C4174407-5D80-4CBE-A7AE-E11CEB6229BF} => pcalua.exe -a C:\Users\Prodejna\Desktop\install_icq7.exe -d C:\Users\Prodejna\Desktop
Task: {28F99351-391C-45B8-92F1-E2D48B5057DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {44C02F5C-A45E-4212-B2AB-051E2D49B5CC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {4B1BCBE8-3DA6-4088-83DC-E8394B12A185} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {4BE399A4-8B00-41F4-8CCE-0ACAB0199C36} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {54256236-23A8-4EE5-A754-05773F4C3A2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
Task: {68AD98E6-ACB9-4491-8F3F-8B47ED26C377} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {68B555A4-B1EE-4763-ACB6-EC339BCB2CE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-03] (Google Inc.)
Task: {7A0613B2-61AE-4756-8B5D-B1A4664355C2} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {7C8FDC34-F6B2-473D-9C0B-DD526BBFACC7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {80B1604E-E34A-483E-97FA-1F512519D7CD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {A213D7DA-1A39-4422-8C0D-6AE2A7479FDB} - System32\Tasks\{07E21788-2279-4231-A32A-E3E849C39A7C} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {B68FCBC0-E52A-4F8B-84C3-CDD254ECECD6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-03] (Google Inc.)
Task: {F15A4831-8A7D-40B2-AD68-40AE989FA2F7} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{C6A20F44-784F-496C-A3D2-F1249A6C9788}.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{C6A20F44-784F-496C-A3D2-F1249A6C9788}.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-10-09 12:41 - 2013-10-09 12:41 - 00163840 _____ () C:\Windows\system32\SecureStoreCsp.dll
2013-10-12 12:42 - 2013-10-12 12:42 - 00496640 _____ () C:\Windows\system32\SecureStoreCore.dll
2013-10-09 12:42 - 2013-10-09 12:42 - 00193536 _____ () C:\Windows\system32\SecureStoreCspRes.dll
2013-05-02 14:11 - 2012-09-18 15:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2013-05-02 14:16 - 2012-09-18 15:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2015-05-14 13:56 - 2015-05-14 13:55 - 00166848 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
2015-05-14 13:56 - 2015-05-14 13:55 - 00526784 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\log4cplusU.dll
2011-06-20 15:55 - 2011-03-02 12:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2011-09-05 10:01 - 2015-05-14 13:55 - 02510784 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2015-04-27 10:39 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\MS\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-27 10:39 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\MS\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-04-27 15:40 - 2014-01-28 08:54 - 03583600 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\MS\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML:OECustomProperty
AlternateDataStreams: C:\Users\Prodejna\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML:OECustomProperty
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0079.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0079.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0081.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0081.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0083.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0083.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0084.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0084.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0087.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0087.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0088.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0088.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0104 copy.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0104 copy.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\Umbro PNG:AFP_AfpInfo

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-562732343-2827483506-1812098311-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-562732343-2827483506-1812098311-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\MS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-562732343-2827483506-1812098311-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138 - 8.8.8.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{76CFBBEF-3A6E-4370-AB85-1586C2B2ABB2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{31316E87-2442-4BBD-97DE-58629A12F05F}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{69826512-1CFF-4296-ADF3-6D86941BE1C0}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{DE9555D0-9921-4918-9D94-673E702BB350}] => (Allow) C:\Program Files\TightVNC\vncviewer.exe
FirewallRules: [{98615506-0131-4BC7-9703-8876969BCBE8}] => (Allow) C:\Program Files\TightVNC\vncviewer.exe
FirewallRules: [TCP Query User{7BAF57E3-3A60-466A-BD60-DE456CD024E3}C:\program files\icq7.7\icq.exe] => (Allow) C:\program files\icq7.7\icq.exe
FirewallRules: [UDP Query User{60F23AA3-6185-475F-9251-151810E63EBE}C:\program files\icq7.7\icq.exe] => (Allow) C:\program files\icq7.7\icq.exe
FirewallRules: [{F7E6886B-FACD-4D35-B458-DD57E1CCD3A4}] => (Allow) C:\Users\Prodejna\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7A8826DB-5152-4FED-9F9A-05FDA358BA67}] => (Allow) C:\Users\Prodejna\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0B7AEE2D-51CA-4507-AECA-1827FB812970}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{C3FFDEB6-52C5-4312-8A73-F253B8990B49}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [{3CB97DA1-772A-4764-855E-A7616204C8EF}] => (Block) C:\program files\sopcast\sopcast.exe
FirewallRules: [{76DDBD00-ACB8-47F6-AEB5-43F121AE75E5}] => (Block) C:\program files\sopcast\sopcast.exe
FirewallRules: [{DB35AE26-984B-459D-88C5-CAD2B718B951}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{E253BA15-1458-47F0-BC4C-6E6175DDE4F4}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [TCP Query User{568C6AD0-DA27-4434-8868-5ECECBC0D6A8}C:\users\prodejna\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\prodejna\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{50984ED6-1640-44F9-9F4E-65BFAEA3FD15}C:\users\prodejna\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\prodejna\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CF94790A-372E-4AA2-8F33-DEFDC6AE76BF}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\DeviceSetup.exe
FirewallRules: [{D07B8D2D-633E-46E7-B6D9-6B20F7C8BAAC}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{F8963B76-D06C-4A8E-BB81-AF8DFEC02AD8}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{71E08FFF-880D-4118-B604-61C03A302BC8}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{C91347C8-F55F-48FB-8824-CEC8DD208579}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{10B1B809-42D9-4358-AB28-F81E4E7C22C3}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{6487C91E-24E3-4B5C-A487-577797D09BE5}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2B8A5262-F696-4008-AB29-F041BA948722}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{1E2460BB-A44B-4526-B628-70C7D61443AB}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F5C4613C-C3E7-4981-9C29-5CF4035D6278}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C16B813A-0A63-44D9-AB92-391A8E7B29DB}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C9CEB956-2C61-48F1-9B81-B8FAEC286E86}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Myš kompatibilní s portem PS/2
Description: Myš kompatibilní s portem PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/18/2015 03:16:41 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:53:00 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:39 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:33 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:27 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:21 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:16 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:09 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 01:24:29 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 01:23:51 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:


System errors:
=============
Error: (06/17/2015 08:51:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (06/17/2015 08:51:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (06/16/2015 09:37:13 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Search přestala během spouštění reagovat.

Error: (06/16/2015 09:34:58 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {DD522ACC-F821-461A-A407-50B198B896DC}

Error: (06/16/2015 09:32:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (06/16/2015 09:32:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (06/16/2015 09:31:12 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
%%5

Error: (06/15/2015 08:48:02 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (06/15/2015 08:47:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (06/12/2015 05:11:22 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
%%5


Microsoft Office:
=========================

ivomatej
Visitor
Posts: 11
Registered: 18 Jun 2015 15:17

Re: Please check my log

#3 Post by ivomatej »


ivomatej
Visitor
Posts: 11
Registered: 18 Jun 2015 15:17

Re: Please check my log

#4 Post by ivomatej »

http://uloz.to/xGXCbSuS/eutgudko-zip

fixlog:

Fix result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by MS at 2015-06-19 09:05:25 Run:1
Running from C:\Users\MS\Desktop
Loaded Profiles: Prodejna & MartinS & MS & Administrator (Available Profiles: Prodejna & MartinS & MS & Administrator)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-562732343-2827483506-1812098311-1006\...\Run: [EutgUdko] => regsvr32.exe "C:\ProgramData\EutgUdko\BigavWumta.ssk"
C:\ProgramData\EutgUdko

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-562732343-2827483506-1812098311-1006\Software\Microsoft\Windows\CurrentVersion\Run\\EutgUdko => value removed successfully.
C:\ProgramData\EutgUdko => moved successfully.
EmptyTemp: => 1.3 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 09:10:38 ====


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by MS (administrator) on MARTIN on 19-06-2015 09:14:27
Running from C:\Users\MS\Desktop
Loaded Profiles: Prodejna & MartinS & MS & Administrator (Available Profiles: Prodejna & MartinS & MS & Administrator)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Realtek Semiconductor Corp.) C:\Windows\SOUNDMAN.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2510784 2015-05-14] ()
HKLM\...\Run: [SoundMan] => C:\Windows\SOUNDMAN.EXE [604704 2009-03-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2014-11-04] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-562732343-2827483506-1812098311-1006\...\Run: [EutgUdko] => regsvr32.exe "C:\ProgramData\EutgUdko\BigavWumta.ssk"
Startup: C:\Users\MartinS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-24]
ShortcutTarget: Dropbox.lnk -> C:\Users\MS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Prodejna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-01-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\MS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-562732343-2827483506-1812098311-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com?cid={5E457132-FC ... 2011-09-05 10:01:37&v=18.3.0.885&pid=avg&sg=0&sap=hp
SearchScopes: HKU\S-1-5-21-562732343-2827483506-1812098311-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2015-01-07] (Oracle Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-14] (AVG Secure Search)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2015-01-07] (Oracle Corporation)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll [2015-05-14] (AVG Secure Search)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-14] (AVG Secure Search)
Tcpip\..\Interfaces\{4B43AB45-AC9D-463B-916E-FA0714E4CF1F}: [NameServer] 10.0.0.138,8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\MS\AppData\Roaming\Mozilla\Firefox\Profiles\bm8y8f39.default
FF DefaultSearchEngine: Ask Search
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask Search
FF Homepage: about:home
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2015-01-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\MS\AppData\Roaming\Mozilla\Firefox\Profiles\bm8y8f39.default\searchplugins\askcom.xml [2013-02-12]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-05-14]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml [2014-01-28]
FF Extension: AVG Security Toolbar - C:\Users\MS\AppData\Roaming\Mozilla\Firefox\Profiles\bm8y8f39.default\Extensions\avg@toolbar [2014-11-24]
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909 [2015-05-14]

Chrome:
=======
CHR Profile: C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-27]
CHR Extension: (Google Docs) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-27]
CHR Extension: (Google Drive) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-27]
CHR Extension: (YouTube) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-27]
CHR Extension: (Google Search) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-27]
CHR Extension: (Google Sheets) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-27]
CHR Extension: (AVG Security Toolbar) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-04-27]
CHR Extension: (Google Wallet) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-27]
CHR Extension: (Gmail) - C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-27]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-28]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4942384 2014-10-17] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [45568 2012-02-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [55808 2012-02-08] (Hewlett-Packard) [File not signed]
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [828944 2011-08-03] (GlavSoft LLC.)
R2 vToolbarUpdater18.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-14] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ALCXWDM; C:\Windows\System32\drivers\RTKVAC.SYS [4172064 2009-03-10] (Realtek Semiconductor Corp.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [172856 2014-11-04] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [182584 2014-10-17] (AVG Technologies CZ, s.r.o.)
R3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [99840 2014-03-14] (Gemalto)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 Ser2plx86; C:\Windows\System32\DRIVERS\ser2pl.sys [140800 2014-09-03] (Prolific Technology Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 09:14 - 2015-06-19 09:17 - 00013233 _____ C:\Users\MS\Desktop\FRST.txt
2015-06-19 09:06 - 2015-06-19 09:06 - 00000000 ____D C:\ProgramData\EutgUdko
2015-06-18 16:28 - 2015-06-19 09:14 - 00000000 ____D C:\FRST
2015-06-18 16:27 - 2015-06-18 16:27 - 00112640 _____ C:\Users\MS\Desktop\FRSTLauncher.exe
2015-06-18 16:26 - 2015-06-18 16:26 - 00112640 _____ (forum.viry.cz) C:\Users\MS\Downloads\Nepotvrzeno 869253.crdownload
2015-06-18 16:25 - 2015-06-18 16:25 - 01148416 _____ (Farbar) C:\Users\MS\Desktop\FRST.exe
2015-06-18 16:23 - 2015-06-18 16:23 - 00112107 _____ (forum.viry.cz) C:\Users\MS\Downloads\Nepotvrzeno 82593.crdownload
2015-06-17 09:13 - 2015-06-17 09:13 - 00005433 _____ C:\Users\MS\Downloads\BB146329_35041291_20150617_091252.zip
2015-06-16 09:34 - 2015-06-16 09:35 - 00000000 ____D C:\Users\MS\AppData\Local\GWX
2015-06-10 00:58 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 00:58 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 00:58 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 00:58 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 00:58 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 00:58 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 00:58 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 00:58 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 00:58 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 00:58 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 00:58 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 00:58 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 00:58 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 00:58 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 00:58 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 00:58 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 00:58 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 00:58 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 00:58 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 00:58 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 00:58 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 00:58 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 00:58 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 00:58 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 00:58 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 00:58 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 00:58 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 00:58 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 00:58 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 00:58 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 00:58 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 00:58 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 00:58 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 00:58 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 00:58 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 00:58 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 00:58 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 00:58 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 00:58 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 00:58 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 00:58 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 00:58 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 00:58 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 00:58 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 00:57 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-06-10 00:57 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 00:57 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 00:57 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 00:57 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 00:57 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 00:57 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 00:57 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 00:57 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 00:57 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 00:57 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 00:57 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 00:57 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 00:57 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 00:57 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 00:57 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 00:57 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 00:57 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 00:57 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-04 10:05 - 2015-06-04 10:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-06-04 10:05 - 2015-06-04 10:05 - 00002017 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-06-02 15:05 - 2015-06-19 09:11 - 00003516 _____ C:\Windows\PFRO.log
2015-06-02 15:05 - 2015-06-19 09:11 - 00000616 _____ C:\Windows\setupact.log
2015-06-02 15:05 - 2015-06-02 15:05 - 00000000 _____ C:\Windows\setuperr.log
2015-06-02 10:50 - 2015-06-02 10:50 - 00003619 _____ C:\Users\MS\Downloads\BB146329_35041291_20150602_105000.zip
2015-05-28 15:18 - 2015-06-16 10:05 - 00000000 ____D C:\ProgramData\EutgUdko2
2015-05-27 11:10 - 2015-05-27 11:10 - 00005069 _____ C:\Users\MS\Downloads\BB146329_35041291_20150527_110905.zip
2015-05-27 10:39 - 2015-05-27 10:39 - 00090112 _____ C:\Users\MS\Desktop\Objednávka Uhl SF 27.5..xls
2015-05-22 11:16 - 2015-05-22 12:32 - 1282618208 _____ C:\Users\MS\Downloads\Novinky--Babovřesky-3-CZ-dabing.avi
2015-05-20 08:48 - 2015-05-20 08:48 - 00090112 _____ C:\Users\MS\Desktop\Objednávka Uhl SF 20.5..xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-19 09:16 - 2011-09-05 09:56 - 00000000 ____D C:\ProgramData\MFAData
2015-06-19 09:15 - 2012-12-03 11:39 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-19 09:11 - 2013-06-04 10:00 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-06-19 09:11 - 2012-12-03 11:39 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-19 09:11 - 2011-06-20 14:33 - 01643422 _____ C:\Windows\WindowsUpdate.log
2015-06-19 09:11 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-19 08:46 - 2013-03-04 09:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-19 08:14 - 2009-07-14 06:34 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-19 08:14 - 2009-07-14 06:34 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-18 15:58 - 2014-11-24 12:02 - 00193354 _____ C:\Users\MS\Desktop\naklady a prijmy SF2.xlsx
2015-06-18 15:39 - 2014-12-30 09:35 - 00002450 _____ C:\Users\Public\Desktop\Ekonomický systém POHODA SQL 2015 (síťový klient) Standard.lnk
2015-06-18 14:49 - 2014-11-24 12:02 - 00000000 ____D C:\Users\MS\Desktop\Reklamace
2015-06-18 14:06 - 2013-03-25 15:25 - 00000000 ____D C:\Program Files\Intime
2015-06-16 13:00 - 2014-11-24 12:04 - 00002292 ____H C:\Users\MS\Documents\Default.rdp
2015-06-11 11:56 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-10 11:46 - 2012-08-27 08:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-10 11:46 - 2011-06-20 15:45 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-10 04:14 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-10 03:42 - 2000-03-15 05:32 - 01593078 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-10 03:36 - 2009-07-14 06:33 - 01698784 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 03:34 - 2014-12-10 04:25 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 03:34 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 03:17 - 2000-03-15 05:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 03:13 - 2013-07-18 03:05 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 03:13 - 2009-07-14 04:04 - 00000478 _____ C:\Windows\win.ini
2015-06-10 03:01 - 2011-06-21 03:01 - 136900096 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-08 12:59 - 2015-04-27 09:39 - 00000000 ____D C:\Users\MS\AppData\Roaming\Adobe
2015-06-04 12:10 - 2015-04-27 09:45 - 00000000 ____D C:\Users\MS\AppData\Local\Adobe
2015-06-04 10:05 - 2000-03-15 05:51 - 00000000 ____D C:\Program Files\Adobe
2015-06-04 10:05 - 2000-03-15 05:50 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-06-04 10:04 - 2000-03-15 05:53 - 00000000 ____D C:\ProgramData\Adobe
2015-06-02 15:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-06-02 13:46 - 2012-10-16 11:13 - 00008196 ____H C:\Users\Public\.DS_Store
2015-06-02 13:45 - 2012-10-16 11:13 - 00008196 ____H C:\Users\Public\Documents\.DS_Store
2015-06-01 14:32 - 2014-11-24 12:02 - 00000000 ____D C:\Users\MS\Desktop\Reklamacni vyjadreni
2015-05-21 03:00 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======

2013-05-21 10:37 - 2014-06-23 11:36 - 0003728 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2014-11-24 12:01 - 2011-06-20 15:31 - 0003073 _____ () C:\Users\MS\AppData\Roaming\DownloadManagerFiles.xml
2014-11-24 12:01 - 2015-04-27 08:59 - 0009320 _____ () C:\Users\MS\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML
2014-06-05 12:35 - 2014-06-05 12:35 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-15 18:34

==================== End of log ============================



Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by MS at 2015-06-19 09:19:04
Running from C:\Users\MS\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-562732343-2827483506-1812098311-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-562732343-2827483506-1812098311-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-562732343-2827483506-1812098311-1002 - Limited - Enabled)
MartinS (S-1-5-21-562732343-2827483506-1812098311-1005 - Administrator - Enabled) => C:\Users\TEMP.MARTIN
MS (S-1-5-21-562732343-2827483506-1812098311-1006 - Administrator - Enabled) => C:\Users\MS
Prodejna (S-1-5-21-562732343-2827483506-1812098311-1000 - Administrator - Enabled) => C:\Users\TEMP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 13.1.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Ask Toolbar Updater (HKU\.DEFAULT\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (HKU\S-1-5-21-562732343-2827483506-1812098311-1005\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3495 - AVG Technologies CZ, s.r.o.)
AVG 2013 (Version: 13.0.3495 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2013 (Version: 13.0.4365 - AVG Technologies CZ, s.r.o.) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.5.0.909 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - CZ (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (Version: 15.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.1.0.588 - Corel Corporation)
Crypta v1.3 (HKLM\...\Crypta v1.3) (Version: - )
ČSOB BusinessBanking 24 (HKLM\...\{16BEE578-3396-416E-B9D9-ADF118EA3D70}) (Version: - )
GemPcCCID (HKLM\...\{8BD3AFAF-636E-4516-A7E8-D57CCDBE28B8}) (Version: 2.0.3 - Gemalto)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
I.CA SecureStore 2.29.4 (HKLM\...\{313FF7F5-9193-4C71-A874-75B1A7673E69}) (Version: 2.29.4 - První certifikační autorita, a.s.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 27.0 (x86 cs) (HKLM\...\Mozilla Firefox 27.0 (x86 cs)) (Version: 27.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySql Connector (HKLM\...\{CA26F9B1-B924-44DD-AB79-A52007EEDD35}) (Version: 6.2.4 - My Sql)
Razer DeathAdder(TM) Mouse (HKLM\...\{EB1B8449-CD8F-485B-ADB6-02FBCFE180D3}) (Version: 3.02 - Razer USA Ltd.)
Realtek AC'97 Audio (HKLM\...\{FB08F381-6533-4108-B7DD-039E11FBC27E}) (Version: 5.37 - Realtek Semiconductor Corp.)
SopCast 3.8.2 (HKLM\...\SopCast) (Version: 3.8.2 - www.sopcast.com)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA SQL Klient CZ Standard (HKLM\...\{C9C1962B-8535-463D-8A1A-A615EAF716D7}) (Version: 10900.79 - STORMWARE)
StreamTorrent 1.0 (HKLM\...\StreamTorrent 1.0) (Version: - )
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
TightVNC 2.0.4 (HKLM\...\TightVNC) (Version: 2.0.4 - GlavSoft LLC.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WGuardBDE (HKLM\...\{D378E8FB-A4D4-46B6-AD3F-ED046B90CFA0}) (Version: 1.00.0000 - Grandtec)
WinRAR 4.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Základní software zařízení HP Photosmart 5510d series (HKLM\...\{065B379D-4BEC-46C8-AB23-E145FCF6B612}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

03-06-2015 03:00:12 Windows Update
03-06-2015 14:45:25 Removed Adobe Reader XI - Czech.
10-06-2015 03:00:35 Windows Update
17-06-2015 17:20:46 Naplánovaný kontrolní bod
19-06-2015 09:05:29 Restore Point Created by FRST

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2012-08-27 10:28 - 00000826 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0902230F-2B6A-4A3E-98BE-501EED7435E3} - System32\Tasks\{C4174407-5D80-4CBE-A7AE-E11CEB6229BF} => pcalua.exe -a C:\Users\Prodejna\Desktop\install_icq7.exe -d C:\Users\Prodejna\Desktop
Task: {28F99351-391C-45B8-92F1-E2D48B5057DE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {44C02F5C-A45E-4212-B2AB-051E2D49B5CC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {4BE399A4-8B00-41F4-8CCE-0ACAB0199C36} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {54256236-23A8-4EE5-A754-05773F4C3A2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
Task: {68B555A4-B1EE-4763-ACB6-EC339BCB2CE2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-03] (Google Inc.)
Task: {6E886975-76AB-40C8-87A6-563A294BF802} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {7A0613B2-61AE-4756-8B5D-B1A4664355C2} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {80B1604E-E34A-483E-97FA-1F512519D7CD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {943897CE-7A57-4C8E-9D06-F9B667DF01CF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {A213D7DA-1A39-4422-8C0D-6AE2A7479FDB} - System32\Tasks\{07E21788-2279-4231-A32A-E3E849C39A7C} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {B5A35BC8-9B0D-4059-8B58-B2E005334BBD} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {B68FCBC0-E52A-4F8B-84C3-CDD254ECECD6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-03] (Google Inc.)
Task: {F15A4831-8A7D-40B2-AD68-40AE989FA2F7} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{C6A20F44-784F-496C-A3D2-F1249A6C9788}.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{C6A20F44-784F-496C-A3D2-F1249A6C9788}.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2013-10-09 12:41 - 2013-10-09 12:41 - 00163840 _____ () C:\Windows\system32\SecureStoreCsp.dll
2013-10-12 12:42 - 2013-10-12 12:42 - 00496640 _____ () C:\Windows\system32\SecureStoreCore.dll
2013-10-09 12:42 - 2013-10-09 12:42 - 00193536 _____ () C:\Windows\system32\SecureStoreCspRes.dll
2013-05-02 14:11 - 2012-09-18 15:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2013-05-02 14:16 - 2012-09-18 15:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2015-05-14 13:56 - 2015-05-14 13:55 - 00166848 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
2015-05-14 13:56 - 2015-05-14 13:55 - 00526784 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\log4cplusU.dll
2011-06-20 15:55 - 2011-03-02 12:40 - 00140288 _____ () C:\Program Files\WinRAR\rarext.dll
2011-09-05 10:01 - 2015-05-14 13:55 - 02510784 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2015-04-27 10:39 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\MS\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2015-04-27 10:39 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\MS\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\MS\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML:OECustomProperty
AlternateDataStreams: C:\Users\Prodejna\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML:OECustomProperty
AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0079.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0079.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0081.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0081.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0083.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0083.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0084.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0084.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0087.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0087.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0088.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0088.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\DSC_0104 copy.jpg:AFP_AfpInfo
AlternateDataStreams: C:\Users\Public\Documents\DSC_0104 copy.jpg:AFP_Resource
AlternateDataStreams: C:\Users\Public\Documents\Umbro PNG:AFP_AfpInfo

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-562732343-2827483506-1812098311-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-562732343-2827483506-1812098311-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\MS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-562732343-2827483506-1812098311-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138 - 8.8.8.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{76CFBBEF-3A6E-4370-AB85-1586C2B2ABB2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{31316E87-2442-4BBD-97DE-58629A12F05F}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{69826512-1CFF-4296-ADF3-6D86941BE1C0}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe
FirewallRules: [{DE9555D0-9921-4918-9D94-673E702BB350}] => (Allow) C:\Program Files\TightVNC\vncviewer.exe
FirewallRules: [{98615506-0131-4BC7-9703-8876969BCBE8}] => (Allow) C:\Program Files\TightVNC\vncviewer.exe
FirewallRules: [TCP Query User{7BAF57E3-3A60-466A-BD60-DE456CD024E3}C:\program files\icq7.7\icq.exe] => (Allow) C:\program files\icq7.7\icq.exe
FirewallRules: [UDP Query User{60F23AA3-6185-475F-9251-151810E63EBE}C:\program files\icq7.7\icq.exe] => (Allow) C:\program files\icq7.7\icq.exe
FirewallRules: [{F7E6886B-FACD-4D35-B458-DD57E1CCD3A4}] => (Allow) C:\Users\Prodejna\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7A8826DB-5152-4FED-9F9A-05FDA358BA67}] => (Allow) C:\Users\Prodejna\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0B7AEE2D-51CA-4507-AECA-1827FB812970}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [UDP Query User{C3FFDEB6-52C5-4312-8A73-F253B8990B49}C:\program files\sopcast\sopcast.exe] => (Allow) C:\program files\sopcast\sopcast.exe
FirewallRules: [{3CB97DA1-772A-4764-855E-A7616204C8EF}] => (Block) C:\program files\sopcast\sopcast.exe
FirewallRules: [{76DDBD00-ACB8-47F6-AEB5-43F121AE75E5}] => (Block) C:\program files\sopcast\sopcast.exe
FirewallRules: [{DB35AE26-984B-459D-88C5-CAD2B718B951}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{E253BA15-1458-47F0-BC4C-6E6175DDE4F4}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [TCP Query User{568C6AD0-DA27-4434-8868-5ECECBC0D6A8}C:\users\prodejna\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\prodejna\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{50984ED6-1640-44F9-9F4E-65BFAEA3FD15}C:\users\prodejna\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\prodejna\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{CF94790A-372E-4AA2-8F33-DEFDC6AE76BF}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\DeviceSetup.exe
FirewallRules: [{D07B8D2D-633E-46E7-B6D9-6B20F7C8BAAC}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{F8963B76-D06C-4A8E-BB81-AF8DFEC02AD8}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{71E08FFF-880D-4118-B604-61C03A302BC8}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{C91347C8-F55F-48FB-8824-CEC8DD208579}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{10B1B809-42D9-4358-AB28-F81E4E7C22C3}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{6487C91E-24E3-4B5C-A487-577797D09BE5}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2B8A5262-F696-4008-AB29-F041BA948722}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{1E2460BB-A44B-4526-B628-70C7D61443AB}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{F5C4613C-C3E7-4981-9C29-5CF4035D6278}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C16B813A-0A63-44D9-AB92-391A8E7B29DB}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{C9CEB956-2C61-48F1-9B81-B8FAEC286E86}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Myš kompatibilní s portem PS/2
Description: Myš kompatibilní s portem PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/19/2015 09:05:29 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-562732343-2827483506-1812098311-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {4bcd8777-2a4c-41cd-a4d4-6110e405e67b}

Error: (06/19/2015 09:05:27 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-562732343-2827483506-1812098311-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {4bcd8777-2a4c-41cd-a4d4-6110e405e67b}

Error: (06/19/2015 09:05:27 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {66ed72d7-044b-482f-b5e0-e4e1ff771506}

Error: (06/18/2015 03:16:41 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:53:00 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:39 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:33 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:27 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:21 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:

Error: (06/18/2015 02:48:16 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description:


System errors:
=============
Error: (06/19/2015 09:12:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
cdrom

Error: (06/19/2015 09:12:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: specifické pro aplikaciMístníSpuštění{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (pomocí LRPC)

Error: (06/19/2015 09:05:57 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (06/19/2015 09:05:28 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Protexis Licensing V2 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/19/2015 09:05:28 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba TeamViewer 9 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 2000 milisekund: Restartovat službu.

Error: (06/19/2015 09:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba TightVNC Server byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (06/19/2015 09:05:27 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba vToolbarUpdater18.5.0 byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (06/19/2015 09:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (06/19/2015 09:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (06/19/2015 09:05:27 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


Microsoft Office:
=========================
Error: (04/20/2014 03:05:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 843140 seconds with 22020 seconds of active time. This session ended with a crash.

Error: (01/15/2014 06:52:24 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 144814 seconds with 5100 seconds of active time. This session ended with a crash.

Error: (11/25/2013 09:29:28 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 153 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/15/2011 09:26:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/15/2011 09:25:28 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 25 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/15/2011 09:22:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 29 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/15/2011 09:18:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/15/2011 09:15:54 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/15/2011 09:05:28 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 81 seconds with 0 seconds of active time. This session ended with a crash.

Error: (08/11/2011 01:13:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 46 seconds with 0 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2012-01-18 18:19:19.905
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-01-03 19:52:15.058
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-01-03 19:44:07.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-01-03 19:26:44.109
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-01-03 19:15:54.233
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-01-03 18:50:05.778
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2012-01-03 18:36:34.277
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2011-12-14 19:47:04.792
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2011-12-14 19:26:45.460
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.

Date: 2011-12-14 18:58:31.676
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) D CPU 3.40GHz
Percentage of memory in use: 57%
Total physical RAM: 3319.31 MB
Available physical RAM: 1402.61 MB
Total Pagefile: 6636.93 MB
Available Pagefile: 4823.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:149.05 GB) (Free:35.31 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 7D826B35)
Partition 1: (Active) - (Size=149.1 GB) - (Type=07 NTFS)

==================== End of log ============================



Thank you for checking.

ivomatej
Visitor
Posts: 11
Registered: 18 Jun 2015 15:17

Re: Please check my log

#5 Post by ivomatej »

I have now managed to carry everything out. I am attaching the files. Thank you for checking.
Attachments
OTL.rar
(21.66 KiB) Downloaded 55 times

ivomatej
Visitor
Posts: 11
Registered: 18 Jun 2015 15:17

Re: Please check my log

#6 Post by ivomatej »

Extras
Attachments
Extras.rar
(9.54 KiB) Downloaded 56 times

ivomatej
Visitor
Posts: 11
Registered: 18 Jun 2015 15:17

Re: Please check my log

#7 Post by ivomatej »

Export Examination
Attachments
export.rar
(95.49 KiB) Downloaded 70 times

ivomatej
Visitor
Posts: 11
Registered: 18 Jun 2015 15:17

Re: Please check my log

#8 Post by ivomatej »

After the first run the computer froze, so I powered it off hard. I looked in C:\_OTL and the folders with the virus were there. I deleted the whole folder and ran OTL again according to the instructions. Here is the log:

All processes killed
========== PROCESSES ==========
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-562732343-2827483506-1812098311-1006\Software\Microsoft\Windows\CurrentVersion\Run\\EutgUdko not found.
File move failed. C:\Windows\System32\regsvr32.exe scheduled to be moved on reboot.
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\EutgUdko not found.
========== FILES ==========
File\Folder C:\ProgramData\EutgUdko not found.
File\Folder C:\ProgramData\EutgUdko2 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: MartinS
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 287245555 bytes
->Google Chrome cache emptied: 460477277 bytes
->Flash cache emptied: 3790545 bytes

User: MS
->Temp folder emptied: 2323229 bytes
->Temporary Internet Files folder emptied: 1978150 bytes
->Java cache emptied: 587783 bytes
->FireFox cache emptied: 178952942 bytes
->Google Chrome cache emptied: 69560214 bytes
->Flash cache emptied: 626 bytes

User: Prodejna
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 3926102 bytes
->FireFox cache emptied: 384213392 bytes
->Google Chrome cache emptied: 448671928 bytes
->Flash cache emptied: 3781044 bytes

User: Public

User: TEMP
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 197813 bytes

User: TEMP.MARTIN
->Temp folder emptied: 7008 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 197612 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9187473 bytes
RecycleBin emptied: 1524946 bytes

Total Files Cleaned = 1 771,00 mb


[EMPTYFLASH]

User: Administrator

User: All Users

User: Default

User: Default User

User: MartinS
->Flash cache emptied: 0 bytes

User: MS
->Flash cache emptied: 0 bytes

User: Prodejna
->Flash cache emptied: 0 bytes

User: Public

User: TEMP

User: TEMP.MARTIN

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: Administrator

User: All Users

User: Default

User: Default User

User: MartinS
->Java cache emptied: 0 bytes

User: MS
->Java cache emptied: 0 bytes

User: Prodejna
->Java cache emptied: 0 bytes

User: Public

User: TEMP
->Java cache emptied: 0 bytes

User: TEMP.MARTIN
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06232015_165625

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\regsvr32.exe scheduled to be moved on reboot.
File move failed. C:\Windows\temp\avg_secure_search.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

ivomatej
Visitor
Posts: 11
Registered: 18 Jun 2015 15:17

Re: Please check my log

#9 Post by ivomatej »

OTL logfile created on: 23.6.2015 17:10:38 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\MS\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17843)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,24 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 55,96% Memory free
6,48 Gb Paging File | 5,19 Gb Available in Paging File | 80,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,05 Gb Total Space | 38,87 Gb Free Space | 26,08% Space Free | Partition Type: NTFS

Computer Name: MARTIN | User Name: MS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 7 Days

========== Processes (SafeList) ==========

PRC - [2015.06.22 14:58:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MS\Desktop\OTL.exe
PRC - [2015.06.20 07:46:07 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2015.05.14 13:55:44 | 002,510,784 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2015.05.14 13:55:44 | 001,812,416 | ---- | M] (AVG Secure Search) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
PRC - [2015.05.14 13:55:44 | 000,166,848 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
PRC - [2015.05.09 05:12:59 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2015.04.09 08:46:59 | 005,261,584 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2015.04.09 08:46:58 | 014,453,520 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2015.04.09 08:13:37 | 000,229,648 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2015.03.07 00:22:00 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014.11.04 01:31:08 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2014.10.17 16:35:20 | 004,942,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2014.05.22 00:36:08 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013.11.20 02:54:20 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013.07.10 01:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013.07.04 15:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2011.08.03 15:23:54 | 000,828,944 | ---- | M] (GlavSoft LLC.) -- C:\Program Files\TightVNC\tvnserver.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.03.10 14:03:26 | 000,604,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE


========== Modules (All) ==========

MOD - [2015.06.22 14:58:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MS\Desktop\OTL.exe
MOD - [2015.06.20 07:46:07 | 000,813,896 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
MOD - [2015.06.20 07:46:03 | 001,663,304 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\43.0.2357.130\ffmpegsumo.dll
MOD - [2015.06.20 07:46:01 | 000,133,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\43.0.2357.130\chrome_elf.dll
MOD - [2015.06.20 07:46:00 | 039,033,672 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\43.0.2357.130\chrome_child.dll
MOD - [2015.06.20 07:45:59 | 031,533,896 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\43.0.2357.130\chrome.dll
MOD - [2015.06.20 05:47:03 | 003,466,856 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Google\Chrome\Application\43.0.2357.130\d3dcompiler_47.dll
MOD - [2015.06.02 21:35:47 | 000,235,216 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\sqmapi.dll
MOD - [2015.05.27 16:08:34 | 019,607,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll
MOD - [2015.05.25 20:04:08 | 001,307,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdll.dll
MOD - [2015.05.25 20:01:41 | 000,100,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2015.05.25 20:01:41 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srclient.dll
MOD - [2015.05.25 20:01:39 | 000,248,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schannel.dll
MOD - [2015.05.25 20:01:39 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2015.05.25 20:01:39 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll
MOD - [2015.05.25 20:01:35 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
MOD - [2015.05.25 20:01:21 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credssp.dll
MOD - [2015.05.25 20:01:17 | 000,641,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\advapi32.dll
MOD - [2015.05.23 05:10:47 | 002,278,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll
MOD - [2015.05.23 05:05:06 | 000,664,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
MOD - [2015.05.23 04:47:31 | 004,305,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
MOD - [2015.05.23 04:28:25 | 012,829,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll
MOD - [2015.05.23 04:20:35 | 001,950,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll
MOD - [2015.05.23 04:16:42 | 001,309,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll
MOD - [2015.05.23 04:11:38 | 000,285,696 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\ieproxy.dll
MOD - [2015.05.14 13:55:44 | 002,510,784 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2015.05.14 13:55:44 | 000,526,784 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\log4cplusU.dll
MOD - [2015.05.14 13:55:44 | 000,516,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\18.5.0\avgdttbx.dll
MOD - [2015.05.14 13:55:44 | 000,153,024 | ---- | M] (AVG Technologies) -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\SiteSafety.dll
MOD - [2015.05.09 05:13:42 | 000,868,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll
MOD - [2015.05.09 05:13:42 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2015.04.28 03:02:04 | 000,632,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
MOD - [2015.04.24 19:56:58 | 000,530,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
MOD - [2015.04.24 19:54:13 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
MOD - [2015.04.20 04:56:29 | 001,250,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
MOD - [2015.04.20 04:52:09 | 001,625,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18834_none_72d38c5186679d48\GdiPlus.dll
MOD - [2015.04.09 08:46:58 | 014,453,520 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
MOD - [2015.04.09 08:13:36 | 000,246,544 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.dll
MOD - [2015.03.10 05:08:26 | 001,237,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3.dll
MOD - [2015.03.05 06:06:01 | 000,305,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gdi32.dll
MOD - [2015.03.04 06:10:53 | 000,295,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apphelp.dll
MOD - [2015.02.20 06:13:52 | 000,026,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\lpk.dll
MOD - [2015.02.20 06:13:46 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll
MOD - [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shell32.dll
MOD - [2015.02.03 05:12:48 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wintrust.dll
MOD - [2015.02.03 05:12:42 | 001,230,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2015.02.03 05:12:29 | 001,329,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
MOD - [2015.02.03 05:12:14 | 001,174,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\crypt32.dll
MOD - [2015.02.03 05:12:14 | 001,005,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptui.dll
MOD - [2015.02.03 05:12:14 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptnet.dll
MOD - [2015.02.03 05:12:14 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptsp.dll
MOD - [2015.02.03 05:12:12 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AudioSes.dll
MOD - [2015.01.17 04:30:42 | 000,828,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msctf.dll
MOD - [2014.11.26 05:32:05 | 000,571,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleaut32.dll
MOD - [2014.11.04 01:31:08 | 004,411,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
MOD - [2014.11.04 01:30:50 | 001,029,680 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcfgx.dll
MOD - [2014.10.14 03:50:41 | 002,363,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msi.dll
MOD - [2014.07.17 03:40:03 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winsta.dll
MOD - [2014.07.14 03:42:02 | 000,654,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpcrt4.dll
MOD - [2014.06.24 04:59:49 | 001,987,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
MOD - [2014.06.18 03:52:09 | 000,348,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
MOD - [2014.06.09 12:55:48 | 000,894,000 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgntopensslx.dll
MOD - [2014.06.03 11:29:40 | 001,805,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
MOD - [2014.04.25 04:06:17 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\usp10.dll
MOD - [2014.04.11 23:08:08 | 000,516,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2014.03.26 16:27:50 | 001,389,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml6.dll
MOD - [2014.03.20 15:51:32 | 002,854,960 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgkrnlapix.dll
MOD - [2014.02.10 13:44:24 | 004,592,128 | ---- | M] () -- C:\Users\MS\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libGLESv2.dll
MOD - [2014.02.10 13:44:24 | 000,112,128 | ---- | M] () -- C:\Users\MS\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libEGL.dll
MOD - [2014.01.29 04:06:47 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wer.dll
MOD - [2013.11.26 10:16:50 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
MOD - [2013.11.19 18:12:33 | 000,182,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
MOD - [2013.11.15 10:56:24 | 000,653,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
MOD - [2013.11.15 10:56:24 | 000,569,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
MOD - [2013.11.06 12:41:56 | 000,026,160 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgapps.dll
MOD - [2013.10.19 03:36:59 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imagehlp.dll
MOD - [2013.10.12 04:01:25 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FWPUCLNT.DLL
MOD - [2013.10.04 03:56:25 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\credui.dll
MOD - [2013.09.08 04:03:58 | 000,231,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mswsock.dll
MOD - [2013.07.26 03:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shdocvw.dll
MOD - [2013.07.26 01:33:10 | 000,455,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcommx.dll
MOD - [2013.07.04 13:51:04 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davclnt.dll
MOD - [2013.06.27 01:54:06 | 000,848,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgsysx.dll
MOD - [2013.05.07 03:03:00 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
MOD - [2013.05.07 03:03:00 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
MOD - [2013.05.07 03:03:00 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
MOD - [2013.05.07 03:03:00 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
MOD - [2013.05.07 03:03:00 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
MOD - [2013.05.07 03:03:00 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
MOD - [2013.05.07 03:02:59 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
MOD - [2013.05.07 03:02:59 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
MOD - [2013.05.07 03:02:59 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
MOD - [2013.05.07 03:02:59 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll
MOD - [2013.05.07 03:02:59 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
MOD - [2013.05.07 03:02:59 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
MOD - [2013.05.07 03:02:59 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
MOD - [2013.05.07 03:02:59 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
MOD - [2013.04.26 01:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
MOD - [2013.03.29 02:54:56 | 001,799,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avguires.dll
MOD - [2013.03.14 03:16:28 | 000,409,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgdecider.dll
MOD - [2013.02.19 04:01:18 | 000,309,808 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avglogx.dll
MOD - [2013.02.19 04:01:18 | 000,174,640 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avglngx.dll
MOD - [2013.02.19 04:01:12 | 000,273,968 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidpmx.dll
MOD - [2013.02.19 04:00:56 | 000,279,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgclitx.dll
MOD - [2012.12.07 14:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wpc.dll
MOD - [2012.12.07 14:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gameux.dll
MOD - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
MOD - [2012.10.16 09:39:52 | 000,561,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\AppPatch\AcLayers.dll
MOD - [2012.10.09 19:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc6.dll
MOD - [2012.10.03 18:42:26 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nlaapi.dll
MOD - [2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netapi32.dll
MOD - [2012.01.04 10:58:41 | 000,442,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntshrui.dll
MOD - [2011.12.30 07:27:56 | 000,478,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
MOD - [2011.12.16 09:52:58 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcrt.dll
MOD - [2011.11.17 07:35:02 | 000,314,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
MOD - [2011.08.27 06:26:27 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\oleacc.dll
MOD - [2011.08.03 15:23:54 | 000,828,944 | ---- | M] (GlavSoft LLC.) -- C:\Program Files\TightVNC\tvnserver.exe
MOD - [2011.06.16 06:33:18 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\xmllite.dll
MOD - [2011.06.11 02:58:52 | 004,422,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc100u.dll
MOD - [2011.06.11 02:58:52 | 000,773,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr100.dll
MOD - [2011.06.11 02:58:52 | 000,421,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp100.dll
MOD - [2011.06.11 01:58:52 | 000,055,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc100enu.dll
MOD - [2011.05.04 06:34:43 | 001,549,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
MOD - [2011.05.04 06:32:02 | 000,666,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
MOD - [2011.05.04 06:28:31 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchProtocolHost.exe
MOD - [2011.05.04 06:28:31 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SearchFilterHost.exe
MOD - [2011.05.03 06:30:02 | 000,741,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcomm.dll
MOD - [2011.03.11 07:33:09 | 001,699,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\esent.dll
MOD - [2011.03.03 07:38:01 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dnsapi.dll
MOD - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
MOD - [2010.11.20 14:21:39 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
MOD - [2010.11.20 14:21:39 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wtsapi32.dll
MOD - [2010.11.20 14:21:38 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ws2_32.dll
MOD - [2010.11.20 14:21:38 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WPDShServiceObj.dll
MOD - [2010.11.20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll
MOD - [2010.11.20 14:21:36 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wldap32.dll
MOD - [2010.11.20 14:21:36 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winmm.dll
MOD - [2010.11.20 14:21:36 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wkscli.dll
MOD - [2010.11.20 14:21:35 | 001,063,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\werconcpl.dll
MOD - [2010.11.20 14:21:34 | 001,128,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vssapi.dll
MOD - [2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\user32.dll
MOD - [2010.11.20 14:21:33 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\userenv.dll
MOD - [2010.11.20 14:21:28 | 000,505,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
MOD - [2010.11.20 14:21:27 | 002,146,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SyncCenter.dll
MOD - [2010.11.20 14:21:27 | 000,380,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sxs.dll
MOD - [2010.11.20 14:21:27 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
MOD - [2010.11.20 14:21:26 | 000,228,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\stobject.dll
MOD - [2010.11.20 14:21:26 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srvcli.dll
MOD - [2010.11.20 14:21:25 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srchadmin.dll
MOD - [2010.11.20 14:21:24 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\spp.dll
MOD - [2010.11.20 14:21:23 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SndVolSSO.dll
MOD - [2010.11.20 14:21:19 | 000,350,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shlwapi.dll
MOD - [2010.11.20 14:21:15 | 000,108,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\shacct.dll
MOD - [2010.11.20 14:21:14 | 001,667,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setupapi.dll
MOD - [2010.11.20 14:21:04 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2010.11.20 14:21:03 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\riched20.dll
MOD - [2010.11.20 14:21:03 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RpcRtRemote.dll
MOD - [2010.11.20 14:21:00 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QUTIL.DLL
MOD - [2010.11.20 14:20:57 | 000,988,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\propsys.dll
MOD - [2010.11.20 14:20:57 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\QAGENT.DLL
MOD - [2010.11.20 14:20:57 | 000,165,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\provsvc.dll
MOD - [2010.11.20 14:20:56 | 000,395,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\prnfldr.dll
MOD - [2010.11.20 14:20:55 | 001,750,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnidui.dll
MOD - [2010.11.20 14:20:55 | 000,547,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceApi.dll
MOD - [2010.11.20 14:20:49 | 001,414,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ole32.dll
MOD - [2010.11.20 14:20:49 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\olepro32.dll
MOD - [2010.11.20 14:20:46 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntlanman.dll
MOD - [2010.11.20 14:20:29 | 002,494,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netshell.dll
MOD - [2010.11.20 14:20:29 | 001,661,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\networkexplorer.dll
MOD - [2010.11.20 14:20:29 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2010.11.20 14:19:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvfw32.dll
MOD - [2010.11.20 14:19:54 | 000,167,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msutb.dll
MOD - [2010.11.20 14:19:47 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msftedit.dll
MOD - [2010.11.20 14:19:46 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msdmo.dll
MOD - [2010.11.20 14:19:45 | 000,481,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscms.dll
MOD - [2010.11.20 14:19:45 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msasn1.dll
MOD - [2010.11.20 14:19:39 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MMDevAPI.dll
MOD - [2010.11.20 14:19:32 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mapi32.dll
MOD - [2010.11.20 14:19:23 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IPHLPAPI.DLL
MOD - [2010.11.20 14:19:22 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imm32.dll
MOD - [2010.11.20 14:19:21 | 000,392,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imapi2.dll
MOD - [2010.11.20 14:19:10 | 000,312,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgcpl.dll
MOD - [2010.11.20 14:19:10 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hgprint.dll
MOD - [2010.11.20 14:19:10 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\HotStartUserAgent.dll
MOD - [2010.11.20 14:19:03 | 000,206,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\framedynos.dll
MOD - [2010.11.20 14:19:01 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
MOD - [2010.11.20 14:18:36 | 000,399,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DXP.dll
MOD - [2010.11.20 14:18:35 | 001,371,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmcore.dll
MOD - [2010.11.20 14:18:35 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmredir.dll
MOD - [2010.11.20 14:18:27 | 000,854,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dbghelp.dll
MOD - [2010.11.20 14:18:25 | 001,828,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d9.dll
MOD - [2010.11.20 14:18:25 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscui.dll
MOD - [2010.11.20 14:18:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscobj.dll
MOD - [2010.11.20 14:18:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscapi.dll
MOD - [2010.11.20 14:18:25 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cscdll.dll
MOD - [2010.11.20 14:18:23 | 000,485,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\comdlg32.dll
MOD - [2010.11.20 14:18:12 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2010.11.20 14:18:06 | 000,740,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\batmeter.dll
MOD - [2010.11.20 14:18:01 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ActionCenter.dll
MOD - [2010.11.20 14:18:01 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\actxprxy.dll
MOD - [2010.11.20 14:18:01 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\activeds.dll
MOD - [2010.11.20 14:17:47 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskeng.exe
MOD - [2010.11.20 14:16:50 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bthprops.cpl
MOD - [2010.11.20 14:16:50 | 000,320,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winspool.drv
MOD - [2010.11.20 14:16:50 | 000,172,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wdmaud.drv
MOD - [2010.11.05 03:58:19 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mscoree.dll
MOD - [2009.09.23 20:30:48 | 000,252,952 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe
MOD - [2009.09.23 20:30:48 | 000,173,592 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe
MOD - [2009.09.23 20:30:48 | 000,150,552 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe
MOD - [2009.09.23 20:30:48 | 000,141,848 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxtray.exe
MOD - [2009.09.23 20:18:08 | 003,829,760 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll
MOD - [2009.09.23 20:14:54 | 000,536,576 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll
MOD - [2009.09.23 19:52:10 | 000,282,624 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc
MOD - [2009.09.23 19:49:24 | 000,051,712 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll
MOD - [2009.09.23 19:49:04 | 000,094,208 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hccutils.dll
MOD - [2009.09.23 19:49:00 | 000,218,112 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxdev.dll
MOD - [2009.09.23 19:48:52 | 005,702,656 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxress.dll
MOD - [2009.07.14 03:17:54 | 000,249,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcryptprimitives.dll
MOD - [2009.07.14 03:17:54 | 000,242,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rsaenh.dll
MOD - [2009.07.14 03:16:21 | 000,284,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WWanAPI.dll
MOD - [2009.07.14 03:16:21 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wwapi.dll
MOD - [2009.07.14 03:16:20 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscinterop.dll
MOD - [2009.07.14 03:16:20 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wshqos.dll
MOD - [2009.07.14 03:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wship6.dll
MOD - [2009.07.14 03:16:20 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WSHTCPIP.DLL
MOD - [2009.07.14 03:16:19 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanapi.dll
MOD - [2009.07.14 03:16:19 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winrnr.dll
MOD - [2009.07.14 03:16:19 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\winnsi.dll
MOD - [2009.07.14 03:16:19 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wlanutil.dll
MOD - [2009.07.14 03:16:18 | 000,262,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtapi.dll
MOD - [2009.07.14 03:16:18 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wercplsupport.dll
MOD - [2009.07.14 03:16:17 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uxtheme.dll
MOD - [2009.07.14 03:16:17 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vsstrace.dll
MOD - [2009.07.14 03:16:17 | 000,021,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\version.dll
MOD - [2009.07.14 03:16:16 | 000,239,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\uDWM.dll
MOD - [2009.07.14 03:16:16 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\TSChannel.dll
MOD - [2009.07.14 03:16:15 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Syncreg.dll
MOD - [2009.07.14 03:16:15 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\slc.dll
MOD - [2009.07.14 03:16:13 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samlib.dll
MOD - [2009.07.14 03:16:13 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SensApi.dll
MOD - [2009.07.14 03:16:12 | 000,159,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PortableDeviceTypes.dll
MOD - [2009.07.14 03:16:12 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\powrprof.dll
MOD - [2009.07.14 03:16:12 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\PlaySndSrv.dll
MOD - [2009.07.14 03:16:12 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pnrpnsp.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:12 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rasadhlp.dll
MOD - [2009.07.14 03:16:12 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\psapi.dll
MOD - [2009.07.14 03:16:11 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntmarta.dll
MOD - [2009.07.14 03:16:11 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntdsapi.dll
MOD - [2009.07.14 03:16:11 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\npmproxy.dll
MOD - [2009.07.14 03:16:11 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\nsi.dll
MOD - [2009.07.14 03:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netprofm.dll
MOD - [2009.07.14 03:16:02 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\NapiNSP.dll
MOD - [2009.07.14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mssprxy.dll
MOD - [2009.07.14 03:15:47 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msshooks.dll
MOD - [2009.07.14 03:15:46 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msoert2.dll
MOD - [2009.07.14 03:15:44 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimtf.dll
MOD - [2009.07.14 03:15:44 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msiltcfg.dll
MOD - [2009.07.14 03:15:44 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msidle.dll
MOD - [2009.07.14 03:15:44 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msimg32.dll
MOD - [2009.07.14 03:15:43 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsCtfMonitor.dll
MOD - [2009.07.14 03:15:42 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.dll
MOD - [2009.07.14 03:15:41 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mpr.dll
MOD - [2009.07.14 03:15:40 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mlang.dll
MOD - [2009.07.14 03:15:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\midimap.dll
MOD - [2009.07.14 03:15:37 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Magnification.dll
MOD - [2009.07.14 03:15:36 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\linkinfo.dll
MOD - [2009.07.14 03:15:35 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ksuser.dll
MOD - [2009.07.14 03:15:27 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IconCodecService.dll
MOD - [2009.07.14 03:15:24 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hcproviders.dll
MOD - [2009.07.14 03:15:24 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\hid.dll
MOD - [2009.07.14 03:15:22 | 000,848,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSST.dll
MOD - [2009.07.14 03:15:22 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\gpapi.dll
MOD - [2009.07.14 03:15:21 | 000,227,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSAPI.dll
MOD - [2009.07.14 03:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\es.dll
MOD - [2009.07.14 03:15:14 | 000,189,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
MOD - [2009.07.14 03:15:14 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehSSO.dll
MOD - [2009.07.14 03:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll
MOD - [2009.07.14 03:15:13 | 000,453,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsound.dll
MOD - [2009.07.14 03:15:13 | 000,181,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\duser.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:13 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dsrole.dll
MOD - [2009.07.14 03:15:13 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\drprov.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:11 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dhcpcsvc.dll
MOD - [2009.07.14 03:15:11 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devrtl.dll
MOD - [2009.07.14 03:15:11 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dimsjob.dll
MOD - [2009.07.14 03:15:10 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ddraw.dll
MOD - [2009.07.14 03:15:10 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devenum.dll
MOD - [2009.07.14 03:15:08 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\davhlpr.dll
MOD - [2009.07.14 03:15:08 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d8thk.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:03 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\clbcatq.dll
MOD - [2009.07.14 03:14:59 | 000,080,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\bcrypt.dll
MOD - [2009.07.14 03:14:58 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avrt.dll
MOD - [2009.07.14 03:14:57 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\atl.dll
MOD - [2009.07.14 03:14:57 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\avicap32.dll
MOD - [2009.07.14 03:14:53 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\AltTab.dll
MOD - [2009.07.14 03:14:52 | 000,202,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adsldpc.dll
MOD - [2009.07.14 03:14:31 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rundll32.exe
MOD - [2009.07.14 03:14:27 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\notepad.exe
MOD - [2009.07.14 03:14:19 | 000,092,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwm.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009.07.14 03:14:09 | 001,140,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wscui.cpl
MOD - [2009.07.14 03:14:08 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msacm32.drv
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\normaliz.dll
MOD - [2009.07.14 03:06:08 | 000,084,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
MOD - [2009.07.14 03:05:30 | 000,925,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\FXSRESM.dll
MOD - [2009.03.10 14:03:26 | 000,604,704 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SOUNDMAN.EXE
MOD - [2009.02.26 16:45:38 | 000,043,392 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL


========== Services (SafeList) ==========

SRV - [2015.06.10 11:46:13 | 000,268,464 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.05.25 20:01:45 | 000,853,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2015.05.23 05:05:18 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2015.05.14 13:55:44 | 001,812,416 | ---- | M] (AVG Secure Search) [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe -- (vToolbarUpdater18.5.0)
SRV - [2015.04.09 08:46:59 | 005,261,584 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2015.03.07 00:22:00 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.10.17 16:35:20 | 004,942,384 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.01.28 08:54:10 | 000,118,896 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.11.20 02:54:20 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013.05.27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2011.08.03 15:23:54 | 000,828,944 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2011.06.27 16:10:25 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - [2014.11.04 01:30:04 | 000,172,856 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2014.10.17 16:34:46 | 000,182,584 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2014.09.03 06:49:36 | 000,140,800 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2plx86)
DRV - [2014.03.14 13:22:10 | 000,099,840 | ---- | M] (Gemalto) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GemCCID.sys -- (GemCCID)
DRV - [2013.11.25 02:48:36 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013.10.23 02:05:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2013.10.23 02:05:10 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013.10.02 02:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013.07.20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013.07.20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013.07.01 01:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.10.01 00:16:40 | 000,010,240 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VKbms.sys -- (VKbms)
DRV - [2009.07.14 02:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.03.18 18:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.03.10 13:46:34 | 004,172,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTKVAC.SYS -- (ALCXWDM)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-562732343-2827483506-1812098311-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://isearch.avg.com?cid={5E457132-FC ... 2011-09-05 10:01:37&v=18.3.0.885&pid=avg&sg=0&sap=hp
IE - HKU\S-1-5-21-562732343-2827483506-1812098311-1000\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKU\S-1-5-21-562732343-2827483506-1812098311-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-562732343-2827483506-1812098311-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-562732343-2827483506-1812098311-1006\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-562732343-2827483506-1812098311-1006\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-562732343-2827483506-1812098311-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-562732343-2827483506-1812098311-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: avg%40toolbar:10.0.0.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_188.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\18.5.0.909\ [2015.05.14 13:56:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2014.11.24 12:01:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MS\AppData\Roaming\Mozilla\Extensions
[2015.06.18 16:13:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MS\AppData\Roaming\Mozilla\Firefox\Profiles\bm8y8f39.default\extensions
[2014.11.24 12:01:27 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\MS\AppData\Roaming\Mozilla\Firefox\Profiles\bm8y8f39.default\extensions\avg@toolbar
[2013.02.12 12:56:52 | 000,002,308 | ---- | M] () -- C:\Users\MS\AppData\Roaming\Mozilla\Firefox\Profiles\bm8y8f39.default\searchplugins\askcom.xml
[2015.04.27 15:40:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2015.04.27 15:40:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - Extension: No name found = C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
CHR - Extension: No name found = C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\18.1.0.443_0\
CHR - Extension: No name found = C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
CHR - Extension: No name found = C:\Users\MS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\

O1 HOSTS File: ([2012.08.27 10:28:57 | 000,000,826 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.5.0.909\AVG Secure Search_toolbar.dll (AVG Secure Search)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [SoundMan] C:\Windows\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [tvncontrol] C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-562732343-2827483506-1812098311-1005..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\MartinS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\MS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Prodejna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\MS\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-562732343-2827483506-1812098311-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-562732343-2827483506-1812098311-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-562732343-2827483506-1812098311-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 11.25.2)
O16 - DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Java Plug-in 1.8.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06F3D385-5BBD-4831-AC05-969E7BDCEB17}: DhcpNameServer = 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B43AB45-AC9D-463B-916E-FA0714E4CF1F}: NameServer = 10.0.0.138,8.8.8.8
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll (AVG Secure Search)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 7 Days ==========

[2015.06.23 13:25:45 | 000,000,000 | ---D | C] -- C:\_OTL
[2015.06.22 17:12:10 | 000,000,000 | ---D | C] -- C:\Users\MS\Desktop\odstranovani viru - nemazat
[2015.06.22 14:58:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\MS\Desktop\OTL.exe
[2015.06.18 16:28:09 | 000,000,000 | ---D | C] -- C:\FRST

========== Files - Modified Within 7 Days ==========

[2015.06.23 17:15:01 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.06.23 17:05:59 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.06.23 17:05:58 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2015.06.23 17:04:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.06.23 16:46:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.06.23 14:35:06 | 000,018,912 | ---- | M] () -- C:\Users\MS\Desktop\ppl236.pdf
[2015.06.23 14:34:30 | 000,000,497 | ---- | M] () -- C:\Users\MS\Desktop\23.6.666.csv
[2015.06.23 14:10:33 | 000,002,294 | -H-- | M] () -- C:\Users\MS\Documents\Default.rdp
[2015.06.23 13:57:37 | 000,000,398 | ---- | M] () -- C:\Users\MS\Desktop\23.6.int.csv
[2015.06.23 13:45:12 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.06.23 13:45:12 | 000,020,704 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.06.23 13:21:57 | 000,002,201 | ---- | M] () -- C:\Users\MS\Desktop\Google Chrome.lnk
[2015.06.23 13:02:48 | 000,305,299 | ---- | M] () -- C:\Users\MS\Desktop\posta236.pdf
[2015.06.23 13:00:54 | 000,001,392 | ---- | M] () -- C:\Users\MS\Desktop\23.6..csv
[2015.06.22 15:19:10 | 000,141,600 | ---- | M] () -- C:\Users\MS\Desktop\podaci_arch 2.pdf
[2015.06.22 15:18:21 | 000,040,733 | ---- | M] () -- C:\Users\MS\Desktop\formular čp.pdf
[2015.06.22 15:13:21 | 000,000,090 | ---- | M] () -- C:\Users\MS\Desktop\ČP2 22.6.csv
[2015.06.22 14:58:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\MS\Desktop\OTL.exe
[2015.06.22 14:40:41 | 000,024,891 | ---- | M] () -- C:\Users\MS\Desktop\ppl - balik.pdf
[2015.06.22 14:39:25 | 000,030,824 | ---- | M] () -- C:\Users\MS\Desktop\ppl štítky.pdf
[2015.06.22 14:38:35 | 000,001,508 | ---- | M] () -- C:\Users\MS\Desktop\PPL 22.6.csv
[2015.06.22 13:55:32 | 000,000,485 | ---- | M] () -- C:\Users\MS\Desktop\INT 22.6.csv
[2015.06.22 13:27:49 | 000,148,348 | ---- | M] () -- C:\Users\MS\Desktop\podaci_arch130914001.pdf
[2015.06.22 13:24:19 | 000,434,152 | ---- | M] () -- C:\Users\MS\Desktop\formular.pdf
[2015.06.22 13:20:30 | 000,001,737 | ---- | M] () -- C:\Users\MS\Desktop\ČP 22.6.csv
[2015.06.19 14:03:39 | 000,000,543 | ---- | M] () -- C:\Users\MS\Desktop\PPL 19.6.csv
[2015.06.19 13:38:53 | 000,000,446 | ---- | M] () -- C:\Users\MS\Desktop\INT 19.6.csv
[2015.06.19 13:09:06 | 000,000,449 | ---- | M] () -- C:\Users\MS\Desktop\ČP 19.6.csv
[2015.06.18 15:39:28 | 000,002,450 | ---- | M] () -- C:\Users\Public\Desktop\Ekonomický systém POHODA SQL 2015 (síťový klient) Standard.lnk

========== Files Created - No Company Name ==========

[2015.06.23 14:35:16 | 000,018,912 | ---- | C] () -- C:\Users\MS\Desktop\ppl236.pdf
[2015.06.23 14:12:48 | 000,000,497 | ---- | C] () -- C:\Users\MS\Desktop\23.6.666.csv
[2015.06.23 13:54:11 | 000,000,398 | ---- | C] () -- C:\Users\MS\Desktop\23.6.int.csv
[2015.06.23 13:03:19 | 000,305,299 | ---- | C] () -- C:\Users\MS\Desktop\posta236.pdf
[2015.06.23 12:59:09 | 000,001,392 | ---- | C] () -- C:\Users\MS\Desktop\23.6..csv
[2015.06.22 15:19:18 | 000,141,600 | ---- | C] () -- C:\Users\MS\Desktop\podaci_arch 2.pdf
[2015.06.22 15:18:31 | 000,040,733 | ---- | C] () -- C:\Users\MS\Desktop\formular čp.pdf
[2015.06.22 15:13:05 | 000,000,090 | ---- | C] () -- C:\Users\MS\Desktop\ČP2 22.6.csv
[2015.06.22 14:40:46 | 000,024,891 | ---- | C] () -- C:\Users\MS\Desktop\ppl - balik.pdf
[2015.06.22 14:39:37 | 000,030,824 | ---- | C] () -- C:\Users\MS\Desktop\ppl štítky.pdf
[2015.06.22 14:36:39 | 000,001,508 | ---- | C] () -- C:\Users\MS\Desktop\PPL 22.6.csv
[2015.06.22 13:52:00 | 000,000,485 | ---- | C] () -- C:\Users\MS\Desktop\INT 22.6.csv
[2015.06.22 13:27:55 | 000,148,348 | ---- | C] () -- C:\Users\MS\Desktop\podaci_arch130914001.pdf
[2015.06.22 13:24:29 | 000,434,152 | ---- | C] () -- C:\Users\MS\Desktop\formular.pdf
[2015.06.22 13:16:52 | 000,001,737 | ---- | C] () -- C:\Users\MS\Desktop\ČP 22.6.csv
[2015.06.19 14:03:02 | 000,000,543 | ---- | C] () -- C:\Users\MS\Desktop\PPL 19.6.csv
[2015.06.19 13:38:52 | 000,000,446 | ---- | C] () -- C:\Users\MS\Desktop\INT 19.6.csv
[2015.06.19 13:07:10 | 000,000,449 | ---- | C] () -- C:\Users\MS\Desktop\ČP 19.6.csv
[2014.11.24 12:01:47 | 000,009,320 | ---- | C] () -- C:\Users\MS\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML
[2014.11.24 12:01:47 | 000,003,073 | ---- | C] () -- C:\Users\MS\AppData\Roaming\DownloadManagerFiles.xml
[2014.06.05 12:35:02 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2014.01.03 12:39:01 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2013.10.12 12:42:22 | 000,496,640 | ---- | C] () -- C:\Windows\System32\SecureStoreCore.dll
[2013.10.09 12:43:14 | 000,061,440 | ---- | C] () -- C:\Windows\System32\SecureStoreKSignReg.exe
[2013.10.09 12:42:56 | 000,193,536 | ---- | C] () -- C:\Windows\System32\SecureStoreCspRes.dll
[2013.10.09 12:42:28 | 000,093,184 | ---- | C] () -- C:\Windows\System32\SecureStoreKSign.dll
[2013.10.09 12:42:14 | 000,163,328 | ---- | C] () -- C:\Windows\System32\SecureStorePkcs11.dll
[2013.10.09 12:41:56 | 000,163,840 | ---- | C] () -- C:\Windows\System32\SecureStoreCsp.dll
[2013.05.21 10:37:40 | 000,003,728 | ---- | C] () -- C:\Program Files\Mozilla Firefoxavg-secure-search.xml

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.02.13 07:26:18 | 012,875,264 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2014.11.24 11:19:25 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\AVG2013
[2014.11.24 11:20:02 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\GHISLER
[2014.11.24 11:19:07 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Razer
[2013.01.31 09:08:18 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\TuneUp Software
[2013.01.31 09:08:18 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2013.01.31 09:08:18 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2014.11.24 11:13:26 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\AVG2013
[2014.11.24 12:01:07 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\Drivers For Free
[2014.11.24 12:01:12 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\Fighters
[2014.11.24 12:01:12 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\GHISLER
[2014.11.24 12:01:33 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\PDF Writer
[2014.11.24 11:13:22 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\Razer
[2014.11.24 12:01:46 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\StreamTorrent
[2014.11.24 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\TeamViewer
[2014.11.24 12:01:47 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\TightVNC
[2013.01.31 09:08:18 | 000,000,000 | ---D | M] -- C:\Users\MartinS\AppData\Roaming\TuneUp Software
[2015.04.27 09:39:23 | 000,000,000 | ---D | M] -- C:\Users\MS\AppData\Roaming\AVG2013
[2014.11.24 12:01:12 | 000,000,000 | ---D | M] -- C:\Users\MS\AppData\Roaming\Dropbox
[2015.04.27 09:42:12 | 000,000,000 | ---D | M] -- C:\Users\MS\AppData\Roaming\GHISLER
[2014.11.24 12:01:13 | 000,000,000 | ---D | M] -- C:\Users\MS\AppData\Roaming\ICQ
[2015.04.27 10:40:13 | 000,000,000 | ---D | M] -- C:\Users\MS\AppData\Roaming\PDF Writer
[2014.11.24 12:01:46 | 000,000,000 | ---D | M] -- C:\Users\MS\AppData\Roaming\STORMWARE
[2013.01.31 09:08:18 | 000,000,000 | ---D | M] -- C:\Users\MS\AppData\Roaming\TuneUp Software
[2013.06.24 08:56:18 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\AVG2013
[2011.06.20 15:17:46 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\Drivers For Free
[2014.11.22 14:22:28 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\Dropbox
[2013.04.26 08:47:58 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\Fighters
[2011.12.07 09:29:11 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\GHISLER
[2014.10.20 10:54:18 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\ICQ
[2012.12.05 14:54:26 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\PDF Writer
[2012.02.09 10:12:27 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\Razer
[2013.11.01 14:12:56 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\STORMWARE
[2013.03.29 15:41:15 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\StreamTorrent
[2014.03.27 18:01:01 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\TeamViewer
[2011.08.25 17:30:44 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\TightVNC
[2013.06.24 08:51:11 | 000,000,000 | ---D | M] -- C:\Users\Prodejna\AppData\Roaming\TuneUp Software
[2014.11.24 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\AVG2013
[2013.01.31 09:08:18 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\TuneUp Software
[2015.04.27 08:44:29 | 000,000,000 | ---D | M] -- C:\Users\TEMP.MARTIN\AppData\Roaming\AVG2013
[2013.01.31 09:08:18 | 000,000,000 | ---D | M] -- C:\Users\TEMP.MARTIN\AppData\Roaming\TuneUp Software

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 94681 bytes -> C:\Users\Public\Documents\DSC_0084.jpg:AFP_Resource
@Alternate Data Stream - 92133 bytes -> C:\Users\Public\Documents\DSC_0083.jpg:AFP_Resource
@Alternate Data Stream - 90239 bytes -> C:\Users\Public\Documents\DSC_0081.jpg:AFP_Resource
@Alternate Data Stream - 89355 bytes -> C:\Users\Public\Documents\DSC_0079.jpg:AFP_Resource
@Alternate Data Stream - 81362 bytes -> C:\Users\Public\Documents\DSC_0104 copy.jpg:AFP_Resource
@Alternate Data Stream - 81122 bytes -> C:\Users\Public\Documents\DSC_0087.jpg:AFP_Resource
@Alternate Data Stream - 79721 bytes -> C:\Users\Public\Documents\DSC_0088.jpg:AFP_Resource
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\Umbro PNG:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\DSC_0104 copy.jpg:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\DSC_0088.jpg:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\DSC_0087.jpg:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\DSC_0084.jpg:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\DSC_0083.jpg:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\DSC_0081.jpg:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\DSC_0079.jpg:AFP_AfpInfo
@Alternate Data Stream - 60 bytes -> C:\Users\Public\Documents\.DS_Store:AFP_AfpInfo
@Alternate Data Stream - 143 bytes -> C:\Users\MS\AppData\Roaming\Hodnoty oddělené čárkami (DOS).EML:OECustomProperty

< End of report >
