Ahoj, prosím o preventivní kontrolu, jestli kámoška nemá v noťasu nějakou havěť. Děkuju
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenička at 2015-06-27 13:04:50
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 274 GB (60%) free of 460 GB
Total RAM: 3948 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:04:55, on 27.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10m_ActiveX.exe
C:\Program Files\trend micro\Lenička.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10m_ActiveX.exe -update activex
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10321 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-5328-257a01c1fe5c /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
C:\Windows\SysWOW64\ssins.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2492
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
ctfmon.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Bluetooth®: On
WLAN: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>1892132151</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY /updatefinished
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3816 CREDAT:267521 /prefetch:2
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10m_ActiveX.exe -Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3634713918-1635650581-2670142321-100013_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3634713918-1635650581-2670142321-100013 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Lenička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QW97KAIB\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForLenička.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLenička (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-16 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-01 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-16 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-12 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-01 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-01 379552]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31282816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10m_ActiveX.exe [2011-11-16 234656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12 998088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD]
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2010-12-13 318520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-02-10 3710416]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-06-14 310064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-27 13:04:50 ----D---- C:\rsit
2015-06-27 13:04:50 ----D---- C:\Program Files\trend micro
2015-06-27 11:02:52 ----D---- C:\Program Files (x86)\ESET
2015-06-27 00:16:21 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-06-27 00:16:21 ----A---- C:\Windows\system32\dwmcore.dll
2015-06-27 00:16:21 ----A---- C:\Windows\system32\dwmapi.dll
2015-06-27 00:16:20 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-06-27 00:16:16 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-06-27 00:16:16 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-06-27 00:16:16 ----A---- C:\Windows\system32\cryptsvc.dll
2015-06-27 00:16:16 ----A---- C:\Windows\system32\crypt32.dll
2015-06-27 00:16:15 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-06-27 00:16:15 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-06-27 00:16:15 ----A---- C:\Windows\system32\wintrust.dll
2015-06-27 00:16:15 ----A---- C:\Windows\system32\cryptnet.dll
2015-06-27 00:16:08 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\wucltux.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\wuaueng.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\wuapi.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wuwebv.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wups2.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wups.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wudriver.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wuauclt.exe
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wuapp.exe
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-06-27 00:15:10 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-10 17:08:39 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 17:08:37 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 17:08:34 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 17:08:32 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 17:08:31 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 17:08:31 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 17:08:31 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 17:08:31 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 17:08:30 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 17:08:14 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 17:08:12 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 17:08:12 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 17:08:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 17:08:10 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 17:08:10 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 17:08:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 17:08:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 17:08:09 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 17:08:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 17:08:07 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 17:08:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 17:08:07 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 17:08:07 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 17:08:07 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 17:08:07 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\smss.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\relog.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\logman.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 17:08:06 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 17:08:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:08:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 17:08:05 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:08:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 17:08:03 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 17:08:03 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 17:08:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:08:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:08:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:08:02 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 17:08:02 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 17:08:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 17:08:02 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 17:08:02 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 17:08:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 17:08:01 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 17:08:01 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 17:07:02 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 17:07:01 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 17:06:54 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 17:06:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 17:06:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 17:06:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 17:06:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 17:06:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 17:06:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 17:06:32 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 17:06:32 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 17:06:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 17:06:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 17:06:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 17:06:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 17:06:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 17:06:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 17:06:30 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 17:06:30 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 17:06:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 17:06:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 17:06:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 17:06:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 17:06:28 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 17:06:28 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 17:06:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 17:06:26 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 17:06:25 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 17:06:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 17:06:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 17:06:24 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 17:06:24 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 17:06:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 17:06:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 17:06:23 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 17:06:23 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 17:06:22 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 17:06:22 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 17:06:22 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 17:06:20 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 17:06:20 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 17:06:19 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 17:06:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 17:06:18 ----A---- C:\Windows\system32\mshtml.dll
2015-06-06 12:16:25 ----A---- C:\Windows\system32\generaltel.dll
2015-06-06 12:16:25 ----A---- C:\Windows\system32\appraiser.dll
2015-06-06 12:16:25 ----A---- C:\Windows\system32\aepic.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\invagent.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\devinv.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\aepdu.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\aeinv.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\acmigration.dll
======List of files/folders modified in the last 1 month======
2015-06-27 13:04:55 ----D---- C:\Windows\Prefetch
2015-06-27 13:04:50 ----RD---- C:\Program Files
2015-06-27 13:03:55 ----D---- C:\Windows\Temp
2015-06-27 12:41:55 ----SHD---- C:\System Volume Information
2015-06-27 12:33:06 ----SHD---- C:\Windows\Installer
2015-06-27 12:33:00 ----D---- C:\Windows\SysWOW64
2015-06-27 12:33:00 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-06-27 12:32:47 ----D---- C:\Windows\inf
2015-06-27 12:32:45 ----D---- C:\Windows\System32
2015-06-27 12:32:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-27 11:04:07 ----D---- C:\Windows
2015-06-27 11:02:52 ----RD---- C:\Program Files (x86)
2015-06-27 10:55:59 ----D---- C:\Users\Lenička\AppData\Roaming\Skype
2015-06-27 09:12:54 ----D---- C:\ProgramData\MFAData
2015-06-27 03:47:16 ----D---- C:\Windows\rescache
2015-06-27 03:12:06 ----D---- C:\Windows\Microsoft.NET
2015-06-27 03:02:50 ----D---- C:\Windows\winsxs
2015-06-27 03:01:41 ----A---- C:\Windows\SYSWOW64\log.txt
2015-06-27 02:59:19 ----D---- C:\Windows\system32\catroot2
2015-06-27 02:57:41 ----D---- C:\Windows\system32\config
2015-06-27 00:21:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-27 00:21:55 ----D---- C:\Windows\system32\cs-CZ
2015-06-27 00:21:55 ----D---- C:\Windows\PolicyDefinitions
2015-06-26 23:06:04 ----SHD---- C:\$Recycle.Bin
2015-06-26 08:54:23 ----D---- C:\Windows\system32\Tasks
2015-06-11 17:23:41 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 17:23:39 ----D---- C:\Program Files\Windows Media Player
2015-06-11 17:23:22 ----D---- C:\Windows\AppPatch
2015-06-11 17:23:21 ----D---- C:\Windows\system32\drivers
2015-06-11 17:23:11 ----D---- C:\Program Files\Internet Explorer
2015-06-11 17:23:10 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-06-11 17:23:08 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 17:23:03 ----D---- C:\Windows\system32\sk-SK
2015-06-11 17:23:03 ----D---- C:\Windows\system32\en-US
2015-06-11 17:23:00 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 17:16:32 ----D---- C:\Windows\system32\MRT
2015-06-11 16:45:36 ----A---- C:\Windows\system32\MRT.exe
2015-06-11 16:38:10 ----HD---- C:\ProgramData
2015-06-11 16:38:10 ----D---- C:\Windows\Tasks
2015-06-07 19:45:31 ----D---- C:\Windows\system32\NDF
2015-06-07 19:24:52 ----SD---- C:\Windows\system32\CompatTel
2015-06-07 19:24:51 ----D---- C:\Windows\system32\appraiser
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-02-03 341472]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-01-23 133088]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2014-12-03 58136]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-02-10 270816]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-01-16 284128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-01 36000]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-06-20 3678720]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-01 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-01 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-01 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-01 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-01 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-01 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-11-16 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-12-31 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2014-06-16 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-01 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-01 76448]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-02-10 3411408]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-02-10 308720]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-12-01 126520]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-04 92216]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-31 325656]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2014-09-27 2324216]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-31 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-02-04 797240]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2015-02-10 1508656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-27 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivní kontrola
Zdravim 
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
log je zde:
# AdwCleaner v4.207 - Log vytvořen 27/06/2015 v 21:08:04
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-23.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Lenička - LENIČKA-HP
# Spuštěno z : C:\Users\Lenička\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\AVG Security Toolbar
Složka Smazáno : C:\ProgramData\Avg_Update_1114tb
Složka Smazáno : C:\ProgramData\Avg_Update_1214tb
Složka Smazáno : C:\Program Files (x86)\AVG SafeGuard toolbar
Složka Smazáno : C:\Program Files (x86)\AVG Security Toolbar
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Klíč Smazáno : HKCU\Software\Myfree Codec
Klíč Smazáno : HKCU\Software\Avg Secure Update
Klíč Smazáno : HKLM\SOFTWARE\Myfree Codec
Klíč Smazáno : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Klíč Smazáno : HKU\.DEFAULT\Software\Avg Secure Update
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Google Chrome v43.0.2357.130
[C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
*************************
AdwCleaner[R0].txt - [3714 bytů] - [27/06/2015 21:06:01]
AdwCleaner[S0].txt - [3132 bytů] - [27/06/2015 21:08:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3190 bytů] ##########
# AdwCleaner v4.207 - Log vytvořen 27/06/2015 v 21:08:04
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-06-23.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Lenička - LENIČKA-HP
# Spuštěno z : C:\Users\Lenička\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění
***** [ Služby ] *****
***** [ Soubory / Složky ] *****
Složka Smazáno : C:\ProgramData\AVG Security Toolbar
Složka Smazáno : C:\ProgramData\Avg_Update_1114tb
Složka Smazáno : C:\ProgramData\Avg_Update_1214tb
Složka Smazáno : C:\Program Files (x86)\AVG SafeGuard toolbar
Složka Smazáno : C:\Program Files (x86)\AVG Security Toolbar
***** [ Naplánované úlohy ] *****
***** [ Zástupci ] *****
***** [ Registry ] *****
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč Smazáno : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC29EDF6-AD3C-4E1C-A087-D6CB81400C43}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Klíč Smazáno : HKCU\Software\Myfree Codec
Klíč Smazáno : HKCU\Software\Avg Secure Update
Klíč Smazáno : HKLM\SOFTWARE\Myfree Codec
Klíč Smazáno : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Klíč Smazáno : HKU\.DEFAULT\Software\Avg Secure Update
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Prohlížeče ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Google Chrome v43.0.2357.130
[C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMNTDF
*************************
AdwCleaner[R0].txt - [3714 bytů] - [27/06/2015 21:06:01]
AdwCleaner[S0].txt - [3132 bytů] - [27/06/2015 21:08:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3190 bytů] ##########
S nehynoucí vděčností děkuji 
Re: Preventivní kontrola
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 27.6.2015
Čas skenování: 22:49:07
Protokol: dfg.txt
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.06.27.04
Databáze rootkitů: v2015.06.26.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: LeniÄ?ka
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 472981
Uplynulý čas: 1 hod, 49 min, 18 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 27.6.2015
Čas skenování: 22:49:07
Protokol: dfg.txt
Správce: Ano
Verze: 2.01.6.1022
Databáze malwaru: v2015.06.27.04
Databáze rootkitů: v2015.06.26.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: LeniÄ?ka
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 472981
Uplynulý čas: 1 hod, 49 min, 18 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
S nehynoucí vděčností děkuji
Re: Preventivní kontrola
Proc ted pisete z jineho uctu, nez byl uvodni prispevek? MBAM odinstalujte. Dejte novy log z RSITa k tomu
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
eh, to bude asi proto, že jsem se přihlásila na několik let starej účet, o kterým jsem nevěděla, že ještě žije... to je tak, když má člověk tolik nicků, že už ani neví, co kde má... pak ten jeden smažu. FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015
Ran by Lenička (administrator) on LENIČKA-HP on 28-06-2015 12:32:27
Running from C:\Users\Lenička\Desktop
Loaded Profiles: Lenička & (Available Profiles: Lenička)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17843_none_85394e6bf752dae9\iexplore.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(forum.viry.cz) C:\Users\Lenička\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-01] (Atheros Commnucations)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-07-21] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3710416 2015-02-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-16] (Sun Microsystems, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-01] (Atheros Commnucations)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-16] (Sun Microsystems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 178.22.118.10 178.22.112.22
Tcpip\..\Interfaces\{B11031F2-D4A3-4E0E-8C65-84B6C0CFB4CF}: [DhcpNameServer] 178.22.118.10 178.22.112.22
FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-16] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-16] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-26]
CHR Extension: (Google Docs) - C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-26]
CHR Extension: (Google Drive) - C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-26]
CHR Extension: (YouTube) - C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-26]
CHR Extension: (Google Search) - C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-26]
CHR Extension: (Google Sheets) - C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-26]
CHR Extension: (Google Wallet) - C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-26]
CHR Extension: (Gmail) - C:\Users\Lenička\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-26]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-01] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-01] (Atheros Commnucations) [File not signed]
S2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1508656 2015-02-10] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3411408 2015-02-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [308720 2015-02-10] (AVG Technologies CZ, s.r.o.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1817088 2010-12-28] (Realsil Microelectronics Inc.) [File not signed]
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2014-09-27] (PS Media s.r.o.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [58136 2014-12-03] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [270816 2015-02-10] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-01-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-01-16] (AVG Technologies CZ, s.r.o.)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [206080 2014-06-16] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2011-11-16] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2011-11-16] (Microsoft Corporation) [File not signed]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-28 12:32 - 2015-06-28 12:32 - 00015091 _____ C:\Users\Lenička\Desktop\FRST.txt
2015-06-28 12:31 - 2015-06-28 12:31 - 00112640 _____ (forum.viry.cz) C:\Users\Lenička\Desktop\FRSTLauncher.exe
2015-06-28 12:29 - 2015-06-28 12:32 - 00000000 ____D C:\FRST
2015-06-28 12:28 - 2015-06-28 12:29 - 02112512 _____ (Farbar) C:\Users\Lenička\Desktop\FRST64.exe
2015-06-28 00:51 - 2015-06-28 00:51 - 00001162 _____ C:\Users\Lenička\Desktop\dfg.txt
2015-06-27 22:47 - 2015-06-27 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-27 21:13 - 2015-06-28 12:29 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-27 21:13 - 2015-06-27 21:13 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-27 21:13 - 2015-06-27 21:13 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-27 21:13 - 2015-06-27 21:13 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-27 21:12 - 2015-06-27 21:12 - 00000000 ____D C:\Windows\system32\Macromed
2015-06-27 21:05 - 2015-06-27 21:08 - 00000000 ____D C:\AdwCleaner
2015-06-27 21:04 - 2015-06-27 21:04 - 02244096 _____ C:\Users\Lenička\Desktop\adwcleaner_4.207.exe
2015-06-27 13:04 - 2015-06-28 12:26 - 00000000 ____D C:\Program Files\trend micro
2015-06-27 13:04 - 2015-06-27 13:04 - 00000000 ____D C:\rsit
2015-06-27 11:02 - 2015-06-27 11:02 - 02870984 _____ (ESET) C:\Users\Lenička\Downloads\esetsmartinstaller_csy (2).exe
2015-06-27 11:02 - 2015-06-27 11:02 - 02870984 _____ (ESET) C:\Users\Lenička\Downloads\esetsmartinstaller_csy (1).exe
2015-06-27 00:16 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-27 00:16 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-27 00:16 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-27 00:16 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-27 00:16 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-27 00:16 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-27 00:16 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-27 00:16 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-27 00:16 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-27 00:16 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-27 00:16 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-27 00:16 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-27 00:16 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-27 00:16 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-27 00:16 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-27 00:16 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-27 00:16 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-27 00:16 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-06-27 00:16 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-06-27 00:16 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-06-27 00:16 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-06-27 00:16 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-27 00:16 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-06-27 00:16 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-06-27 00:16 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-27 00:16 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-06-27 00:16 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-27 00:16 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-06-27 00:15 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-26 23:36 - 2015-06-27 21:18 - 00000168 _____ C:\Windows\setupact.log
2015-06-26 23:36 - 2015-06-26 23:36 - 00000000 _____ C:\Windows\setuperr.log
2015-06-26 23:19 - 2015-06-26 23:19 - 00003583 _____ C:\Users\Lenička\Desktop\2ZC2KF041_2015-06-16_09-50-32-288 – zástupce.lnk
2015-06-26 23:19 - 2015-06-26 23:19 - 00003580 _____ C:\Users\Lenička\Desktop\1C2KF041_2015-06-16_09-50-32-288 – zástupce.lnk
2015-06-26 23:19 - 2015-06-26 23:19 - 00003520 _____ C:\Users\Lenička\Desktop\Dukan-dieta-ve-350-receptech – zástupce.lnk
2015-06-26 23:19 - 2015-06-26 23:19 - 00003373 _____ C:\Users\Lenička\Desktop\Projekt PV celý (1) – zástupce.lnk
2015-06-26 23:19 - 2015-06-26 23:19 - 00003313 _____ C:\Users\Lenička\Desktop\Projekt PV celý – zástupce.lnk
2015-06-26 23:19 - 2015-06-26 23:19 - 00003313 _____ C:\Users\Lenička\Desktop\100_babovek (1) – zástupce.lnk
2015-06-26 23:19 - 2015-06-26 23:19 - 00003156 _____ C:\Users\Lenička\Desktop\RUNY – zástupce.lnk
2015-06-26 23:19 - 2015-06-26 23:19 - 00003129 _____ C:\Users\Lenička\Desktop\ZEN – zástupce.lnk
2015-06-26 23:16 - 2015-06-26 23:16 - 00001799 _____ C:\Users\Lenička\Desktop\hudba – zástupce.lnk
2015-06-26 23:02 - 2015-06-26 23:02 - 00001872 _____ C:\Users\Lenička\Desktop\texty z plochy – zástupce.lnk
2015-06-26 23:01 - 2015-06-26 23:19 - 00000000 ____D C:\Users\Lenička\Documents\texty z plochy
2015-06-26 08:54 - 2015-06-26 08:54 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-15 21:53 - 2015-06-15 21:57 - 364845056 _____ C:\Users\Lenička\Downloads\Grimm S04E22 CZ titulky v obraze NOVINKA 2015.avi
2015-06-15 21:17 - 2015-06-15 21:20 - 364834816 _____ C:\Users\Lenička\Downloads\Grimm S04E21 CZ Titulky NOVINKA 2015.avi
2015-06-10 17:08 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 17:08 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 17:08 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 17:08 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 17:08 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 17:08 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 17:08 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 17:08 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 17:08 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 17:08 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 17:08 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 17:08 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 17:08 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 17:08 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 17:08 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 17:08 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 17:08 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 17:08 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 17:08 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 17:08 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 17:08 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 17:08 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 17:08 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 17:08 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 17:08 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 17:08 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 17:08 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 17:08 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 17:08 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 17:08 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 17:08 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 17:08 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 17:08 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 17:08 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 17:08 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 17:08 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 17:08 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 17:08 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 17:08 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 17:08 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:08 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:08 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 17:08 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 17:08 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 17:08 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 17:08 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 17:08 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 17:08 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 17:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 17:08 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 17:08 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 17:07 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 17:07 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 17:06 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 17:06 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 17:06 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 17:06 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 17:06 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 17:06 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 17:06 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 17:06 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 17:06 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 17:06 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 17:06 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 17:06 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 17:06 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 17:06 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 17:06 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 17:06 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 17:06 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 17:06 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 17:06 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 17:06 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 17:06 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 17:06 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 17:06 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 17:06 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 17:06 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 17:06 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 17:06 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 17:06 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 17:06 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 17:06 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 17:06 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 17:06 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 17:06 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 17:06 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 17:06 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 17:06 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 17:06 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 17:06 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 17:06 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 17:06 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 17:06 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 17:06 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 17:06 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 17:06 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 17:06 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 17:06 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 17:06 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 17:06 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 17:06 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 17:06 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 17:06 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 17:06 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 17:06 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 17:06 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 17:06 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 17:06 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 17:06 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 17:06 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 17:06 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 17:06 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 17:06 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-07 19:26 - 2015-06-07 19:26 - 00000000 ____D C:\Users\Lenička\AppData\Local\GWX
2015-06-06 12:16 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-06 12:16 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-06 12:16 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-06 12:16 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-06 12:16 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-06 12:16 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-06 12:16 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-06 12:16 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-28 12:28 - 2014-09-26 17:35 - 00000000 ____D C:\ProgramData\MFAData
2015-06-28 12:27 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-28 12:27 - 2009-07-14 06:45 - 00032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-28 12:22 - 2014-09-26 20:32 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-28 12:22 - 2012-01-17 05:55 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2015-06-28 12:22 - 2012-01-17 05:25 - 01892262 _____ C:\Windows\WindowsUpdate.log
2015-06-27 21:19 - 2014-09-28 16:18 - 00000000 ____D C:\Users\Lenička\AppData\Roaming\Skype
2015-06-27 21:18 - 2014-09-27 12:19 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2015-06-27 21:18 - 2014-09-26 20:32 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-27 21:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-27 12:33 - 2014-09-26 20:49 - 01558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-27 12:33 - 2011-11-16 21:18 - 00668792 _____ C:\Windows\system32\perfh005.dat
2015-06-27 12:33 - 2011-11-16 21:18 - 00141420 _____ C:\Windows\system32\perfc005.dat
2015-06-27 12:32 - 2009-07-14 07:13 - 01558876 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-27 10:44 - 2014-09-25 21:26 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6EC5FE75-FA10-4DFC-99B5-A4B21CE2E313}
2015-06-27 07:41 - 2015-05-04 19:18 - 00003198 _____ C:\Windows\System32\Tasks\HPCeeScheduleForLenička
2015-06-27 07:41 - 2015-05-04 19:18 - 00000340 _____ C:\Windows\Tasks\HPCeeScheduleForLenička.job
2015-06-27 03:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-27 00:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-26 23:13 - 2014-09-27 09:35 - 00000000 __SHD C:\Users\Lenička\AppData\Local\EmieUserList
2015-06-26 23:13 - 2014-09-27 09:35 - 00000000 __SHD C:\Users\Lenička\AppData\Local\EmieSiteList
2015-06-24 19:12 - 2014-09-26 20:34 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-24 18:47 - 2014-10-01 18:40 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-06-12 16:43 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-11 21:22 - 2009-07-14 06:45 - 00268800 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 17:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2015-06-11 17:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sk-SK
2015-06-11 17:16 - 2014-09-26 18:39 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 16:45 - 2014-09-26 18:39 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-07 19:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-07 19:28 - 2014-09-25 21:26 - 00000000 ____D C:\Users\Lenička\Documents\Bluetooth Folder
2015-06-07 19:24 - 2014-12-11 21:37 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-07 19:24 - 2014-09-27 09:06 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-06 13:36 - 2014-09-29 15:47 - 00000000 ____D C:\Users\Lenička\Documents\SelfMV
==================== Files in the root of some directories =======
2015-02-13 19:23 - 2015-04-13 23:00 - 0001854 _____ () C:\Users\Lenička\AppData\Roaming\GhostObjGAFix.xml
2014-09-27 11:38 - 2014-09-27 11:38 - 0007597 _____ () C:\Users\Lenička\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Lenička\AppData\Local\Temp\Quarantine.exe
C:\Users\Lenička\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-27 03:39
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:449.29 GB) (Free:267.47 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.18 GB) (Free:2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Available physical RAM: 2294.46 MB
Total physical RAM: 3947.86 MB
Percentage of memory in use: 41%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5AC588FB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLenička.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG update module (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Leni�ka\Desktop" je 76 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
- Přílohy
-
- Addition.zip
- (7.96 KiB) Staženo 49 x
S nehynoucí vděčností děkuji
Re: Preventivní kontrola
RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenička at 2015-06-28 12:26:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 274 GB (60%) free of 460 GB
Total RAM: 3948 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:27:00, on 28.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Lenička.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10951 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-8154-815dc6883a69 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"taskhost.exe"
C:\Windows\SysWOW64\ssins.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
WLIDSvcM.exe 2716
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\GWX\GWX.exe"
ctfmon.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Internet Explorer\iexplore.exe" http://forum.viry.cz/viewforum.php?f=30
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5404 CREDAT:267521 /prefetch:2
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Bluetooth®: On
WLAN: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>1267470604</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"taskhost.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
taskeng.exe {DB6542BF-D6CD-4566-8030-AF89C8489FC2}
taskeng.exe {1E44F3CE-26A7-49CB-9363-68D40277C47D}
C:\Windows\system32\sppsvc.exe
taskhost.exe $(Arg0)
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3634713918-1635650581-2670142321-100014_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3634713918-1635650581-2670142321-100014 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lenička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4TERYATV\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForLenička.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLenička (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-16 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-01 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-16 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-12 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-01 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-01 379552]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31282816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12 998088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD]
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2010-12-13 318520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-02-10 3710416]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-06-14 310064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-27 22:47:28 ----D---- C:\ProgramData\Malwarebytes
2015-06-27 21:13:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-27 21:12:59 ----D---- C:\Windows\system32\Macromed
2015-06-27 21:05:50 ----D---- C:\AdwCleaner
2015-06-27 13:04:50 ----D---- C:\rsit
2015-06-27 13:04:50 ----D---- C:\Program Files\trend micro
2015-06-27 00:16:21 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-06-27 00:16:21 ----A---- C:\Windows\system32\dwmcore.dll
2015-06-27 00:16:21 ----A---- C:\Windows\system32\dwmapi.dll
2015-06-27 00:16:20 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-06-27 00:16:16 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-06-27 00:16:16 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-06-27 00:16:16 ----A---- C:\Windows\system32\cryptsvc.dll
2015-06-27 00:16:16 ----A---- C:\Windows\system32\crypt32.dll
2015-06-27 00:16:15 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-06-27 00:16:15 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-06-27 00:16:15 ----A---- C:\Windows\system32\wintrust.dll
2015-06-27 00:16:15 ----A---- C:\Windows\system32\cryptnet.dll
2015-06-27 00:16:08 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\wucltux.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\wuaueng.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\wuapi.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wuwebv.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wups2.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wups.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wudriver.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wuauclt.exe
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wuapp.exe
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-06-27 00:15:10 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-10 17:08:39 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 17:08:37 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 17:08:34 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 17:08:32 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 17:08:31 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 17:08:31 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 17:08:31 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 17:08:31 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 17:08:30 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 17:08:14 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 17:08:12 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 17:08:12 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 17:08:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 17:08:10 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 17:08:10 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 17:08:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 17:08:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 17:08:09 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 17:08:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 17:08:07 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 17:08:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 17:08:07 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 17:08:07 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 17:08:07 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 17:08:07 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\smss.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\relog.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\logman.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 17:08:06 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 17:08:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:08:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 17:08:05 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:08:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 17:08:03 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 17:08:03 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 17:08:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:08:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:08:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:08:02 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 17:08:02 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 17:08:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 17:08:02 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 17:08:02 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 17:08:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 17:08:01 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 17:08:01 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 17:07:02 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 17:07:01 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 17:06:54 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 17:06:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 17:06:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 17:06:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 17:06:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 17:06:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 17:06:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 17:06:32 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 17:06:32 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 17:06:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 17:06:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 17:06:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 17:06:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 17:06:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 17:06:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 17:06:30 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 17:06:30 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 17:06:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 17:06:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 17:06:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 17:06:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 17:06:28 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 17:06:28 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 17:06:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 17:06:26 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 17:06:25 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 17:06:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 17:06:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 17:06:24 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 17:06:24 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 17:06:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 17:06:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 17:06:23 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 17:06:23 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 17:06:22 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 17:06:22 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 17:06:22 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 17:06:20 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 17:06:20 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 17:06:19 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 17:06:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 17:06:18 ----A---- C:\Windows\system32\mshtml.dll
2015-06-06 12:16:25 ----A---- C:\Windows\system32\generaltel.dll
2015-06-06 12:16:25 ----A---- C:\Windows\system32\appraiser.dll
2015-06-06 12:16:25 ----A---- C:\Windows\system32\aepic.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\invagent.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\devinv.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\aepdu.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\aeinv.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\acmigration.dll
======List of files/folders modified in the last 1 month======
2015-06-28 12:27:00 ----D---- C:\Windows\Prefetch
2015-06-28 12:26:13 ----D---- C:\Windows\Temp
2015-06-28 12:26:09 ----D---- C:\ProgramData\MFAData
2015-06-28 12:24:55 ----RD---- C:\Program Files (x86)
2015-06-28 12:24:55 ----D---- C:\Windows\system32\drivers
2015-06-28 00:06:10 ----D---- C:\Windows\system32\config
2015-06-27 22:47:28 ----HD---- C:\ProgramData
2015-06-27 21:20:48 ----A---- C:\Windows\SYSWOW64\log.txt
2015-06-27 21:19:50 ----D---- C:\Users\Lenička\AppData\Roaming\Skype
2015-06-27 21:13:08 ----D---- C:\Windows\Tasks
2015-06-27 21:13:08 ----D---- C:\Windows\system32\Tasks
2015-06-27 21:13:03 ----D---- C:\Windows\SysWOW64
2015-06-27 21:12:59 ----D---- C:\Windows\System32
2015-06-27 16:24:40 ----SHD---- C:\Windows\Installer
2015-06-27 13:06:45 ----SD---- C:\Users\Lenička\AppData\Roaming\Microsoft
2015-06-27 13:04:50 ----RD---- C:\Program Files
2015-06-27 12:41:55 ----SHD---- C:\System Volume Information
2015-06-27 12:33:00 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-06-27 12:32:47 ----D---- C:\Windows\inf
2015-06-27 12:32:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-27 11:04:07 ----D---- C:\Windows
2015-06-27 03:47:16 ----D---- C:\Windows\rescache
2015-06-27 03:12:06 ----D---- C:\Windows\Microsoft.NET
2015-06-27 03:02:50 ----D---- C:\Windows\winsxs
2015-06-27 02:59:19 ----D---- C:\Windows\system32\catroot2
2015-06-27 00:21:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-27 00:21:55 ----D---- C:\Windows\system32\cs-CZ
2015-06-27 00:21:55 ----D---- C:\Windows\PolicyDefinitions
2015-06-26 23:06:04 ----SHD---- C:\$Recycle.Bin
2015-06-11 17:23:41 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 17:23:39 ----D---- C:\Program Files\Windows Media Player
2015-06-11 17:23:22 ----D---- C:\Windows\AppPatch
2015-06-11 17:23:11 ----D---- C:\Program Files\Internet Explorer
2015-06-11 17:23:10 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-06-11 17:23:08 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 17:23:03 ----D---- C:\Windows\system32\sk-SK
2015-06-11 17:23:03 ----D---- C:\Windows\system32\en-US
2015-06-11 17:23:00 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 17:16:32 ----D---- C:\Windows\system32\MRT
2015-06-11 16:45:36 ----A---- C:\Windows\system32\MRT.exe
2015-06-07 19:45:31 ----D---- C:\Windows\system32\NDF
2015-06-07 19:24:52 ----SD---- C:\Windows\system32\CompatTel
2015-06-07 19:24:51 ----D---- C:\Windows\system32\appraiser
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-02-03 341472]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-01-23 133088]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2014-12-03 58136]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-02-10 270816]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-01-16 284128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-01 36000]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-06-20 3678720]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-01 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-01 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-01 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-01 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-01 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-01 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-11-16 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-12-31 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2014-06-16 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-01 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-01 76448]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-02-10 3411408]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-02-10 308720]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-12-01 126520]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-04 92216]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-31 325656]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2014-09-27 2324216]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-31 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-02-04 797240]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2015-02-10 1508656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-27 268976]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-27 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenička at 2015-06-28 12:26:58
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 274 GB (60%) free of 460 GB
Total RAM: 3948 MB (54% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:27:00, on 28.6.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\AVG2015\avgui.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Lenička.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User '?')
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10951 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\AVG2015\avgrsa.exe /boot
C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe /pipeName=c2feea3f-0200-0000-8154-815dc6883a69 /binaryPath="C:\Program Files (x86)\AVG\AVG2015\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe"
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"taskhost.exe"
C:\Windows\SysWOW64\ssins.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgemca.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
WLIDSvcM.exe 2716
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\GWX\GWX.exe"
ctfmon.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Internet Explorer\iexplore.exe" http://forum.viry.cz/viewforum.php?f=30
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5404 CREDAT:267521 /prefetch:2
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><Title>HP Wireless Assistant</Title><Text>Bluetooth®: On
WLAN: On</Text><IconPath>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WA_tray_32_on.ico</IconPath><ID>1267470604</ID><Path>C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe</Path><Parameters></Parameters></Toast></hpNotification>"
"taskhost.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding
taskeng.exe {DB6542BF-D6CD-4566-8030-AF89C8489FC2}
taskeng.exe {1E44F3CE-26A7-49CB-9363-68D40277C47D}
C:\Windows\system32\sppsvc.exe
taskhost.exe $(Arg0)
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3634713918-1635650581-2670142321-100014_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3634713918-1635650581-2670142321-100014 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Lenička\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4TERYATV\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForLenička.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLenička (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-16 49440]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-01 60576]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-16 41760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2011-01-12 6602856]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-03-01 615584]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-03-01 379552]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-07-21 8192]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-29 171992]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-29 399832]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-29 442328]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-04-17 31282816]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12 998088]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Quick Launch]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-11-09 586296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPOSD]
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [2010-12-13 318520]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]
"AVG_UI"=C:\Program Files (x86)\AVG\AVG2015\avgui.exe [2015-02-10 3710416]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-06-14 310064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-01-29 442880]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-06-27 22:47:28 ----D---- C:\ProgramData\Malwarebytes
2015-06-27 21:13:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-27 21:12:59 ----D---- C:\Windows\system32\Macromed
2015-06-27 21:05:50 ----D---- C:\AdwCleaner
2015-06-27 13:04:50 ----D---- C:\rsit
2015-06-27 13:04:50 ----D---- C:\Program Files\trend micro
2015-06-27 00:16:21 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-06-27 00:16:21 ----A---- C:\Windows\system32\dwmcore.dll
2015-06-27 00:16:21 ----A---- C:\Windows\system32\dwmapi.dll
2015-06-27 00:16:20 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-06-27 00:16:16 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-06-27 00:16:16 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-06-27 00:16:16 ----A---- C:\Windows\system32\cryptsvc.dll
2015-06-27 00:16:16 ----A---- C:\Windows\system32\crypt32.dll
2015-06-27 00:16:15 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-06-27 00:16:15 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-06-27 00:16:15 ----A---- C:\Windows\system32\wintrust.dll
2015-06-27 00:16:15 ----A---- C:\Windows\system32\cryptnet.dll
2015-06-27 00:16:08 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\wucltux.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\wuaueng.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\wuapi.dll
2015-06-27 00:16:08 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-06-27 00:16:07 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wuwebv.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wups2.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wups.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wudriver.dll
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wuauclt.exe
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wuapp.exe
2015-06-27 00:16:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-06-27 00:15:10 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-10 17:08:39 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 17:08:37 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 17:08:34 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 17:08:32 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 17:08:31 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 17:08:31 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 17:08:31 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 17:08:31 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 17:08:30 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 17:08:14 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 17:08:12 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 17:08:12 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 17:08:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 17:08:10 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 17:08:10 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 17:08:09 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 17:08:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 17:08:09 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 17:08:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 17:08:07 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 17:08:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 17:08:07 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 17:08:07 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 17:08:07 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 17:08:07 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 17:08:07 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 17:08:06 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\smss.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\relog.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\logman.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 17:08:06 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 17:08:06 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 17:08:06 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 17:08:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:08:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 17:08:05 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 17:08:03 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 17:08:03 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 17:08:03 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 17:08:03 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 17:08:02 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:08:02 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 17:08:02 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 17:08:02 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 17:08:02 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 17:08:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 17:08:02 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 17:08:02 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 17:08:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 17:08:01 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 17:08:01 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 17:07:02 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 17:07:01 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 17:06:54 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 17:06:34 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 17:06:34 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 17:06:34 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 17:06:34 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 17:06:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 17:06:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 17:06:32 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 17:06:32 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 17:06:32 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 17:06:31 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 17:06:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 17:06:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 17:06:31 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 17:06:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 17:06:30 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 17:06:30 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 17:06:30 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 17:06:29 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 17:06:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 17:06:29 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 17:06:28 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 17:06:28 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 17:06:28 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 17:06:28 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 17:06:27 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 17:06:26 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 17:06:25 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 17:06:24 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 17:06:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 17:06:24 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 17:06:24 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 17:06:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 17:06:23 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 17:06:23 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 17:06:23 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 17:06:22 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 17:06:22 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 17:06:22 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 17:06:21 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 17:06:20 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 17:06:20 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 17:06:19 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 17:06:19 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 17:06:18 ----A---- C:\Windows\system32\mshtml.dll
2015-06-06 12:16:25 ----A---- C:\Windows\system32\generaltel.dll
2015-06-06 12:16:25 ----A---- C:\Windows\system32\appraiser.dll
2015-06-06 12:16:25 ----A---- C:\Windows\system32\aepic.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\invagent.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\devinv.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\aepdu.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\aeinv.dll
2015-06-06 12:16:24 ----A---- C:\Windows\system32\acmigration.dll
======List of files/folders modified in the last 1 month======
2015-06-28 12:27:00 ----D---- C:\Windows\Prefetch
2015-06-28 12:26:13 ----D---- C:\Windows\Temp
2015-06-28 12:26:09 ----D---- C:\ProgramData\MFAData
2015-06-28 12:24:55 ----RD---- C:\Program Files (x86)
2015-06-28 12:24:55 ----D---- C:\Windows\system32\drivers
2015-06-28 00:06:10 ----D---- C:\Windows\system32\config
2015-06-27 22:47:28 ----HD---- C:\ProgramData
2015-06-27 21:20:48 ----A---- C:\Windows\SYSWOW64\log.txt
2015-06-27 21:19:50 ----D---- C:\Users\Lenička\AppData\Roaming\Skype
2015-06-27 21:13:08 ----D---- C:\Windows\Tasks
2015-06-27 21:13:08 ----D---- C:\Windows\system32\Tasks
2015-06-27 21:13:03 ----D---- C:\Windows\SysWOW64
2015-06-27 21:12:59 ----D---- C:\Windows\System32
2015-06-27 16:24:40 ----SHD---- C:\Windows\Installer
2015-06-27 13:06:45 ----SD---- C:\Users\Lenička\AppData\Roaming\Microsoft
2015-06-27 13:04:50 ----RD---- C:\Program Files
2015-06-27 12:41:55 ----SHD---- C:\System Volume Information
2015-06-27 12:33:00 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-06-27 12:32:47 ----D---- C:\Windows\inf
2015-06-27 12:32:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-06-27 11:04:07 ----D---- C:\Windows
2015-06-27 03:47:16 ----D---- C:\Windows\rescache
2015-06-27 03:12:06 ----D---- C:\Windows\Microsoft.NET
2015-06-27 03:02:50 ----D---- C:\Windows\winsxs
2015-06-27 02:59:19 ----D---- C:\Windows\system32\catroot2
2015-06-27 00:21:55 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-27 00:21:55 ----D---- C:\Windows\system32\cs-CZ
2015-06-27 00:21:55 ----D---- C:\Windows\PolicyDefinitions
2015-06-26 23:06:04 ----SHD---- C:\$Recycle.Bin
2015-06-11 17:23:41 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-11 17:23:39 ----D---- C:\Program Files\Windows Media Player
2015-06-11 17:23:22 ----D---- C:\Windows\AppPatch
2015-06-11 17:23:11 ----D---- C:\Program Files\Internet Explorer
2015-06-11 17:23:10 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-06-11 17:23:08 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-11 17:23:03 ----D---- C:\Windows\system32\sk-SK
2015-06-11 17:23:03 ----D---- C:\Windows\system32\en-US
2015-06-11 17:23:00 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-11 17:16:32 ----D---- C:\Windows\system32\MRT
2015-06-11 16:45:36 ----A---- C:\Windows\system32\MRT.exe
2015-06-07 19:45:31 ----D---- C:\Windows\system32\NDF
2015-06-07 19:24:52 ----SD---- C:\Windows\system32\CompatTel
2015-06-07 19:24:51 ----D---- C:\Windows\system32\appraiser
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-11-18 203544]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2015-02-03 341472]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2015-01-23 133088]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-18 31512]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-09-13 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-18 153368]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2014-12-03 58136]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2015-02-10 270816]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-08-28 243480]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-01-16 284128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-01 36000]
R3 athr;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-06-20 3678720]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-01 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-01 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-01 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-01 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-01 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-01 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-11-16 80384]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-01-29 5363200]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-01-12 2709224]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-12-31 56344]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-02-15 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-05 436840]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-06-16 110336]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x64.sys [2009-06-10 408960]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-06-16 206080]
S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudobex.sys [2014-06-16 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUSB;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUSB.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-01 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-01 76448]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [2015-02-10 3411408]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [2015-02-10 308720]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Health Check Service;HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [2010-12-01 126520]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-07-21 103992]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-02-04 92216]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-09 26680]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2010-12-28 1817088]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-31 325656]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2014-09-27 2324216]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-31 2656280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-02-04 797240]
S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [2015-02-10 1508656]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-27 268976]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-01-29 279000]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-27 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
-----------------EOF-----------------
S nehynoucí vděčností děkuji
Re: Preventivní kontrola
Mit zde vice uctu je proti pravidlum fora. Vyberte si tedy ktery chcete ponechat a ktery smazat a napiste mi to. Nahlasim to Adminovi a ten to uklidiZrzoun píše:
Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-27 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
2015-06-27 22:47 - 2015-06-27 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
Tak to se moc omlouvám, ani mi to nedošlo, než jste mě na to upozornil. Klidně smažte Zrzounka. Děkuju
Log je zde:
Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015
Ran by Lenička at 2015-06-29 17:22:04 Run:1
Running from C:\Users\Lenička\Desktop
Loaded Profiles: Lenička & (Available Profiles: Lenička)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-27 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
2015-06-27 22:47 - 2015-06-27 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => value removed successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}" => key removed successfully
HKCR\Wow6432Node\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => key not found.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
MBAMSwissArmy => Service stopped successfully.
MBAMSwissArmy => Service removed successfully
AdobeARMservice => Service removed successfully
gupdate => Service removed successfully
SkypeUpdate => Service removed successfully
AdobeFlashPlayerUpdateSvc => Service removed successfully
gupdatem => Service removed successfully
"C:\ProgramData\Malwarebytes" folder move:
Could not move "C:\ProgramData\Malwarebytes" folder => Scheduled to move on reboot.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 1.1 GB temporary data Removed.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-29 17:25:35)<=
C:\ProgramData\Malwarebytes => Is moved successfully
==== End of Fixlog 17:25:36 ====
Log je zde:
Fix result of Farbar Recovery Scan Tool (x64) Version:28-06-2015
Ran by Lenička at 2015-06-29 17:22:04 Run:1
Running from C:\Users\Lenička\Desktop
Loaded Profiles: Lenička & (Available Profiles: Lenička)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310064 2014-06-14] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid=%7B55709D ... sg=&sap=hp
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-27 268976]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-26 116648]
2015-06-27 22:47 - 2015-06-27 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\KiesTrayAgent => value removed successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value removed successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3634713918-1635650581-2670142321-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}" => key removed successfully
HKCR\Wow6432Node\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => key not found.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
MBAMSwissArmy => Service stopped successfully.
MBAMSwissArmy => Service removed successfully
AdobeARMservice => Service removed successfully
gupdate => Service removed successfully
SkypeUpdate => Service removed successfully
AdobeFlashPlayerUpdateSvc => Service removed successfully
gupdatem => Service removed successfully
"C:\ProgramData\Malwarebytes" folder move:
Could not move "C:\ProgramData\Malwarebytes" folder => Scheduled to move on reboot.
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========
Operace byla dokonźena ŁspŘçnŘ.
========= End of Reg: =========
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 1.1 GB temporary data Removed.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-29 17:25:35)<=
C:\ProgramData\Malwarebytes => Is moved successfully
==== End of Fixlog 17:25:36 ====
S nehynoucí vděčností děkuji
Re: Preventivní kontrola
V poradkuZrzoun píše:Tak to se moc omlouvám, ani mi to nedošlo, než jste mě na to upozornil. Klidně smažte Zrzounka. Děkuju
Nesnazila jste se to zneuzit, bylo to omylem. Ale nekteri treba dostanou warn a aby meli cisty stit a zalozi si druhy ucet. Vetsinou na to drive ci pozdeji prijdeme a pak se to tresta trvalym vyloucenim z fora (ban treba na konkretni IP adresu). Zrzounek bude tedy odstranen 
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak je na tom pc.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivní kontrola
Tak konečně to běží jak má, akorát to její nadrbaný myšidlo asi omylem zašlápnu než to vrátím.
Děkuji vám všem moc. Jste nejlepší
Děkuji vám všem moc. Jste nejlepší
S nehynoucí vděčností děkuji
Re: Preventivní kontrola
S vadnou myskou vam asi nepomuzu 
Dekujeme za pochvalu Kdyby neco, staci se ozvat 
Nemate vubec zac!
Mejte se krasne a treba zase nekdy
Dekujeme za pochvalu
Kdyby neco, staci se ozvat Nemate vubec zac!
Mejte se krasne a treba zase nekdy
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?