Oursurfing - nejde běžně odinstalovat

[mlzd]

Zdravím! prosím o pomoc v odstranění nežádoucího programu Oursurfing. Z ovl.panelů nejde.
Přikládám ještě log, protože mám podezření na další havěť. Díky moc, Zdenek.

Logfile of random's system information tool 1.09 (written by random/random)
Run by wow at 2015-08-16 06:44:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 106 GB (53%) free of 200 GB
Total RAM: 3056 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:44:46, on 16.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Windows\vsnpstd3.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Users\wow\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Altap Salamander\salamand.exe
C:\Program Files (x86)\Altap Salamander\utils\salmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\wow.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\wow\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\wow\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat jako MMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.186.dll/1003
O8 - Extra context menu item: Poslat jako SMS - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.186.dll/1001
O8 - Extra context menu item: Poslat MMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.186.dll/1002
O8 - Extra context menu item: Poslat SMS na - res://C:\Program Files (x86)\O2\SMSender\SMSender.E.186.dll/1000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8702 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
taskeng.exe {8CFC04DB-C1C5-485B-9ED3-E6993AA58BBE}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\vsnpstd3.exe"
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
szndesktop.exe default start
"C:\Users\wow\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "-202036727-471226011767241107-180107044018168905626272682066462349811614013100
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2288
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Altap Salamander\salamand.exe"
"C:\Program Files (x86)\Altap Salamander\utils\salmon.exe" "SalmonC1F" "czech.slg"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"D:\Programy\Safety\Viry_RSIT\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll


C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\searchplugins\
default-search.xml
oursurfing.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-02 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-02 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{24BCDA96-8FCB-4D3B-0500-000000000003} - O2 SMSender - C:\Windows\system32\mscoree.dll [2010-11-05 444752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"snpstd3"=C:\Windows\vsnpstd3.exe [2006-09-18 843776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
"cz.seznam.software.autoupdate"=C:\Users\wow\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\wow\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-02 6109776]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - "C:\Program Files (x86)\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-16 06:13:15 ----A---- C:\TDSSKiller.3.1.0.5_16.08.2015_06.13.15_log.txt
2015-08-16 06:12:47 ----A---- C:\AdwCleaner[R11].txt
2015-08-16 05:16:01 ----D---- C:\ProgramData\ESET
2015-08-16 05:14:06 ----A---- C:\Windows\SYSWOW64\drivers\efavdrv.sys
2015-08-16 04:47:00 ----A---- C:\autoexec.bat
2015-08-16 04:35:13 ----A---- C:\AdwCleaner[S1].txt
2015-08-16 04:34:48 ----A---- C:\AdwCleaner[R10].txt
2015-08-16 04:20:08 ----A---- C:\Windows\prleth.sys
2015-08-16 04:20:08 ----A---- C:\Windows\hgfs.sys
2015-08-16 04:20:00 ----D---- C:\Users\wow\AppData\Roaming\oursurfing
2015-08-16 00:54:32 ----A---- C:\TDSSKiller.3.1.0.5_16.08.2015_00.54.32_log.txt
2015-08-16 00:54:08 ----A---- C:\AdwCleaner[R9].txt
2015-08-16 00:15:08 ----A---- C:\Windows\msxml3r.dll
2015-08-16 00:15:08 ----A---- C:\Windows\msxml3a.dll
2015-08-16 00:15:07 ----A---- C:\Windows\msxml3.dll
2015-08-15 12:21:00 ----RD---- C:\Program Files (x86)\Skype
2015-08-12 06:37:09 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 06:37:09 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 05:43:49 ----A---- C:\Windows\system32\invagent.dll
2015-08-12 05:43:49 ----A---- C:\Windows\system32\generaltel.dll
2015-08-12 05:43:49 ----A---- C:\Windows\system32\devinv.dll
2015-08-12 05:43:49 ----A---- C:\Windows\system32\appraiser.dll
2015-08-12 05:43:49 ----A---- C:\Windows\system32\aeinv.dll
2015-08-12 05:43:49 ----A---- C:\Windows\system32\acmigration.dll
2015-08-12 05:43:48 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-12 05:43:48 ----A---- C:\Windows\system32\aepdu.dll
2015-08-12 05:43:41 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-12 05:43:41 ----A---- C:\Windows\system32\ntdll.dll
2015-08-12 05:43:40 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-08-12 05:43:40 ----A---- C:\Windows\system32\kernel32.dll
2015-08-12 05:43:39 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-08-12 05:43:39 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-12 05:43:39 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-08-12 05:43:39 ----A---- C:\Windows\system32\sysmain.dll
2015-08-12 05:43:39 ----A---- C:\Windows\system32\lsasrv.dll
2015-08-12 05:43:39 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 05:43:38 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-08-12 05:43:38 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\wow64.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\winsrv.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\srcore.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\schannel.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\rstrui.exe
2015-08-12 05:43:38 ----A---- C:\Windows\system32\rpcrt4.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\msv1_0.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\KernelBase.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\kerberos.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-12 05:43:38 ----A---- C:\Windows\system32\conhost.exe
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-08-12 05:43:37 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-08-12 05:43:37 ----A---- C:\Windows\system32\wow64win.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\wdigest.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\TSpkg.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\sspisrv.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\sspicli.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\srclient.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\smss.exe
2015-08-12 05:43:37 ----A---- C:\Windows\system32\secur32.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\ntvdm64.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\ncrypt.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\msmmsp.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\lsass.exe
2015-08-12 05:43:37 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-08-12 05:43:37 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-08-12 05:43:37 ----A---- C:\Windows\system32\cryptbase.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\credssp.dll
2015-08-12 05:43:37 ----A---- C:\Windows\system32\auditpol.exe
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 05:43:36 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 05:43:36 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-08-12 05:43:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-08-12 05:43:36 ----A---- C:\Windows\system32\wow64cpu.dll
2015-08-12 05:43:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-08-12 05:43:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-08-12 05:43:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 05:43:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 05:43:35 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-08-12 05:43:35 ----A---- C:\Windows\system32\apisetschema.dll
2015-08-12 05:43:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 05:43:34 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 05:43:34 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-08-12 05:43:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 05:43:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 05:43:32 ----A---- C:\Windows\SYSWOW64\user.exe
2015-08-12 05:43:32 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-08-12 05:43:32 ----A---- C:\Windows\system32\adtschema.dll
2015-08-12 05:43:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-08-12 05:43:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-08-12 05:43:31 ----A---- C:\Windows\system32\msobjs.dll
2015-08-12 05:43:31 ----A---- C:\Windows\system32\msaudite.dll
2015-08-12 05:42:51 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-12 05:42:51 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 05:42:50 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-08-12 05:42:50 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2015-08-12 05:42:50 ----A---- C:\Windows\system32\tsgqec.dll
2015-08-12 05:42:50 ----A---- C:\Windows\system32\aaclient.dll
2015-08-12 05:42:34 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 05:41:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-08-12 05:41:24 ----A---- C:\Windows\system32\iertutil.dll
2015-08-12 05:41:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-08-12 05:41:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-12 05:41:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-08-12 05:41:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-08-12 05:41:23 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-08-12 05:41:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-12 05:41:22 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-12 05:41:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-12 05:41:22 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-08-12 05:41:22 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-08-12 05:41:22 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-08-12 05:41:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 05:41:22 ----A---- C:\Windows\system32\iernonce.dll
2015-08-12 05:41:22 ----A---- C:\Windows\system32\ie4uinit.exe
2015-08-12 05:41:21 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-12 05:41:20 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-08-12 05:41:20 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-12 05:41:20 ----A---- C:\Windows\system32\iedkcs32.dll
2015-08-12 05:41:19 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-12 05:41:19 ----A---- C:\Windows\system32\urlmon.dll
2015-08-12 05:41:19 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 05:41:18 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-08-12 05:41:18 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-08-12 05:41:18 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-08-12 05:41:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-12 05:41:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-12 05:41:17 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-08-12 05:41:17 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 05:41:17 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-12 05:41:17 ----A---- C:\Windows\system32\iesetup.dll
2015-08-12 05:41:17 ----A---- C:\Windows\system32\dxtrans.dll
2015-08-12 05:41:16 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-12 05:41:15 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-12 05:41:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-08-12 05:41:15 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-08-12 05:41:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-08-12 05:41:15 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-12 05:41:15 ----A---- C:\Windows\system32\vbscript.dll
2015-08-12 05:41:15 ----A---- C:\Windows\system32\jsproxy.dll
2015-08-12 05:41:15 ----A---- C:\Windows\system32\ieUnatt.exe
2015-08-12 05:41:14 ----A---- C:\Windows\system32\ieui.dll
2015-08-12 05:41:14 ----A---- C:\Windows\system32\ieframe.dll
2015-08-12 05:41:14 ----A---- C:\Windows\system32\dxtmsft.dll
2015-08-12 05:41:13 ----A---- C:\Windows\system32\wininet.dll
2015-08-12 05:41:13 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-08-12 05:41:13 ----A---- C:\Windows\system32\mshtmled.dll
2015-08-12 05:41:13 ----A---- C:\Windows\system32\jscript9diag.dll
2015-08-12 05:41:13 ----A---- C:\Windows\system32\jscript9.dll
2015-08-12 05:41:13 ----A---- C:\Windows\system32\jscript.dll
2015-08-12 05:41:12 ----A---- C:\Windows\system32\msrating.dll
2015-08-12 05:41:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-08-12 05:41:11 ----A---- C:\Windows\system32\mshtml.dll
2015-08-12 05:39:07 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-12 05:39:07 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-12 05:39:07 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 05:39:07 ----A---- C:\Windows\system32\davclnt.dll
2015-08-12 05:39:04 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-12 05:39:04 ----A---- C:\Windows\system32\msxml6.dll
2015-08-12 05:39:04 ----A---- C:\Windows\system32\msxml3.dll
2015-08-12 05:39:03 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-08-12 05:39:03 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-12 05:39:03 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-08-12 05:39:03 ----A---- C:\Windows\system32\msxml6r.dll
2015-08-12 05:39:03 ----A---- C:\Windows\system32\msxml3r.dll
2015-08-12 05:38:58 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 05:38:58 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 05:38:55 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-12 05:38:54 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-12 05:38:54 ----A---- C:\Windows\system32\win32k.sys
2015-08-12 05:38:54 ----A---- C:\Windows\system32\atmfd.dll
2015-08-12 05:38:52 ----A---- C:\Windows\system32\lpk.dll
2015-08-12 05:38:51 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-08-12 05:38:51 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-08-12 05:38:51 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2015-08-12 05:38:51 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-12 05:38:51 ----A---- C:\Windows\system32\fontsub.dll
2015-08-12 05:38:51 ----A---- C:\Windows\system32\dciman32.dll
2015-08-12 05:38:51 ----A---- C:\Windows\system32\d3d10warp.dll
2015-08-12 05:38:51 ----A---- C:\Windows\system32\atmlib.dll
2015-08-12 05:38:50 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-08-12 05:38:45 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-12 05:38:45 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 05:38:45 ----A---- C:\Windows\notepad.exe
2015-08-12 05:38:41 ----A---- C:\Windows\system32\shell32.dll
2015-08-12 05:38:40 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-08-12 05:38:31 ----A---- C:\Windows\system32\wucltux.dll
2015-08-12 05:38:31 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-12 05:38:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-08-12 05:38:30 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-08-12 05:38:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-08-12 05:38:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-08-12 05:38:30 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-08-12 05:38:30 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-12 05:38:30 ----A---- C:\Windows\system32\wups2.dll
2015-08-12 05:38:30 ----A---- C:\Windows\system32\wups.dll
2015-08-12 05:38:30 ----A---- C:\Windows\system32\wudriver.dll
2015-08-12 05:38:30 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-12 05:38:30 ----A---- C:\Windows\system32\wuapp.exe
2015-08-12 05:38:30 ----A---- C:\Windows\system32\wuapi.dll
2015-08-12 05:38:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 05:38:30 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-08-12 05:23:39 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-07 04:30:58 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-02 10:15:26 ----A---- C:\Windows\system32\aswBoot.exe
2015-08-02 10:15:22 ----A---- C:\Windows\avastSS.scr
2015-07-26 01:10:38 ----A---- C:\AdwCleaner[R8].txt
2015-07-26 01:09:48 ----A---- C:\TDSSKiller.3.1.0.5_26.07.2015_01.09.48_log.txt
2015-07-26 01:09:00 ----A---- C:\TDSSKiller.3.0.0.44_26.07.2015_01.09.00_log.txt
2015-07-21 22:40:20 ----A---- C:\Windows\system32\drivers\TrueSight.sys
2015-07-21 22:40:18 ----D---- C:\ProgramData\RogueKiller
2015-07-21 22:40:09 ----D---- C:\Program Files\RogueKiller
2015-07-21 22:37:22 ----A---- C:\TDSSKiller.3.0.0.44_21.07.2015_22.37.22_log.txt
2015-07-21 22:37:01 ----A---- C:\AdwCleaner[R7].txt

======List of files/folders modified in the last 1 month======

2015-08-16 06:44:44 ----D---- C:\Program Files\trend micro
2015-08-16 06:44:42 ----D---- C:\Windows\Temp
2015-08-16 06:14:28 ----D---- C:\Windows\system32\drivers
2015-08-16 06:14:13 ----HD---- C:\ProgramData
2015-08-16 05:57:17 ----D---- C:\Users\wow\AppData\Roaming\Seznam.cz
2015-08-16 05:52:10 ----D---- C:\ProgramData\NVIDIA
2015-08-16 05:51:04 ----RD---- C:\Program Files (x86)
2015-08-16 05:46:56 ----RD---- C:\Program Files
2015-08-16 05:46:56 ----D---- C:\Windows\system32\Tasks
2015-08-16 05:14:06 ----D---- C:\Windows\SYSWOW64\drivers
2015-08-16 04:45:38 ----D---- C:\Windows\inf
2015-08-16 04:39:53 ----D---- C:\Windows\system32\config
2015-08-16 04:36:30 ----D---- C:\Windows
2015-08-16 04:25:06 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-08-16 04:24:32 ----D---- C:\Users\wow\AppData\Roaming\DAEMON Tools Lite
2015-08-16 04:24:32 ----D---- C:\Users\wow\AppData\Roaming\BitTorrent
2015-08-16 04:21:10 ----SHD---- C:\System Volume Information
2015-08-16 03:04:48 ----SHD---- C:\Config.Msi
2015-08-16 01:18:54 ----SHD---- C:\Windows\Installer
2015-08-16 00:51:39 ----D---- C:\Program Files (x86)\Seznam.cz
2015-08-15 12:22:19 ----D---- C:\Users\wow\AppData\Roaming\Skype
2015-08-15 12:21:10 ----D---- C:\ProgramData\Skype
2015-08-15 12:21:01 ----D---- C:\Program Files (x86)\Common Files
2015-08-15 12:21:00 ----D---- C:\Windows\SysWOW64
2015-08-13 07:14:43 ----D---- C:\Users\wow\AppData\Roaming\calibre
2015-08-12 19:42:10 ----D---- C:\Windows\debug
2015-08-12 13:15:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-08-12 12:32:02 ----D---- C:\Windows\Microsoft.NET
2015-08-12 12:31:27 ----RSD---- C:\Windows\assembly
2015-08-12 08:40:48 ----D---- C:\Windows\winsxs
2015-08-12 08:37:55 ----SD---- C:\Windows\system32\CompatTel
2015-08-12 08:37:55 ----D---- C:\Windows\system32\appraiser
2015-08-12 08:37:55 ----D---- C:\Windows\System32
2015-08-12 08:37:54 ----D---- C:\Windows\AppPatch
2015-08-12 08:37:51 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-08-12 08:37:49 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-12 08:37:49 ----D---- C:\Windows\system32\cs-CZ
2015-08-12 08:37:39 ----D---- C:\Program Files\Internet Explorer
2015-08-12 08:37:38 ----D---- C:\Windows\SYSWOW64\en-US
2015-08-12 08:37:38 ----D---- C:\Windows\system32\en-US
2015-08-12 08:37:37 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-12 06:38:10 ----D---- C:\ProgramData\Microsoft Help
2015-08-12 06:35:56 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-12 06:35:56 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 06:26:53 ----D---- C:\Windows\system32\MRT
2015-08-12 06:22:57 ----A---- C:\Windows\system32\MRT.exe
2015-08-12 05:35:45 ----D---- C:\Windows\system32\catroot2
2015-08-12 05:23:37 ----D---- C:\Windows\system32\catroot
2015-08-10 20:34:45 ----D---- C:\Program Files (x86)\Calibre2
2015-08-09 04:57:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-05 14:09:53 ----D---- C:\Windows\Panther
2015-08-05 14:04:49 ----HD---- C:\$Windows.~BT
2015-08-05 12:58:40 ----D---- C:\Windows\Logs
2015-07-28 06:50:44 ----D---- C:\Windows\SoftwareDistribution
2015-07-25 11:51:11 ----D---- C:\Program Files\CCleaner
2015-07-25 09:47:42 ----SD---- C:\Windows\system32\GWX
2015-07-21 17:18:11 ----SHD---- C:\$Recycle.Bin
2015-07-19 22:13:20 ----D---- C:\Windows\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-08-02 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-08-02 274808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-08-02 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-08-13 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-08-02 447944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-10-25 283064]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-08-02 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-08-02 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-08-02 150672]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2014-08-11 197408]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2007-04-03 10535040]
R3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2011-12-16 14464]
S3 efavdrv;efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys []
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-09-04 38048]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]
S4 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-02 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 935368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 411936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-22 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-22 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-07 148136]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2007-09-20 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-27 1255736]
S4 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

[altrok]

Krasny den Vam preju


Pokud nepouzivate, odinstalujte Seznam Software.

TDSSKiller neco nasel?

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner novy (aktualne verze 5.000) https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

[mlzd]

Seznam Software odinstalován
TDSSKiller nenašel předtím nic
Přikládám log z AdwCleaner po předepsaném výkonu:

# AdwCleaner v5.000 - Logfile created 16/08/2015 at 12:33:28
# Updated 14/08/2015 by Xplode
# Database : 2015-08-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : wow - WOW-PC
# Running from : C:\Users\wow\Desktop\adwcleaner_5.000.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\SearchProtect
[-] Folder Deleted : C:\Users\wow\AppData\Roaming\FirefoxToolbar
[-] Folder Deleted : C:\Users\wow\AppData\Roaming\RHEng
[-] Folder Deleted : C:\Users\wow\AppData\Roaming\oursurfing

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
[-] File Deleted : C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\invalidprefs.js

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : amiupdaterExi

***** [ Registry ] *****

[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key Deleted : HKCU\Software\AskPartnerNetwork
[-] Key Deleted : HKCU\Software\Media Get LLC
[-] Key Deleted : HKCU\Software\simplytech
[!] Key Not Deleted : HKCU\Software\Simplytech\HomeTab
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\ryofward
[-] Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
[-] Key Deleted : HKLM\SOFTWARE\SmdmF
[-] Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
[-] Key Deleted : HKLM\SOFTWARE\oursurfingSoftware
[-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
[-] Key Deleted : HKLM\SOFTWARE\searchult
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing uninstall
[!] Key Not Deleted : [x64] HKCU\Software\AskPartnerNetwork
[!] Key Not Deleted : [x64] HKCU\Software\Media Get LLC
[!] Key Not Deleted : [x64] HKCU\Software\simplytech
[!] Key Not Deleted : [x64] HKCU\Software\Simplytech\HomeTab
[!] Key Not Deleted : [x64] HKCU\Software\TNT2
[!] Key Not Deleted : [x64] HKCU\Software\Linkey
[!] Key Not Deleted : [x64] HKCU\Software\ryofward
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command []
[-] Data Restored : HKLM\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command []

***** [ Web browsers ] *****

[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.search.order.1", "default-search.net");
[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.alias", "oursurfing");
[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.oursurfing.com/favicon.ico");
[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.name", "oursurfing");
[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.oursurfing.com/web/?type=ds&ts=1439 ... earchTerms}"[...]
[-] [C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "oursurfing");
[-] [C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : oursurfing
[-] [C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.oursurfing.com/webfavicon.ico

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C1].txt - [6727 octets] - [16/08/2015 12:33:28]
C:\AdwCleaner[S1].txt - [6944 octets] - [16/08/2015 12:32:16]

########## EOF - C:\AdwCleaner[C1].txt - [6853 octets] ##########

[altrok]

Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101

[mlzd]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by wow (administrator) on WOW-PC (16-08-2015 12:47:53)
Running from C:\Users\wow\Desktop
Loaded Profiles: wow (Available Profiles: wow)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\vsnpstd3.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [843776 2006-09-18] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-02] (AVAST Software)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-02] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3331582564-1448147210-1963712125-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=i ... ar=msnhome
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-02] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-02] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Toolbar: HKLM-x32 - O2 SMSender - {24BCDA96-8FCB-4D3B-0500-000000000003} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0F511E83-2524-40B6-B4DE-834D33F64014}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\wow\AppData\Roaming\Mozilla\Firefox\Profiles\2o4y19b7.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-07-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-25]

Chrome:
=======
CHR Profile: C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-08]
CHR Extension: (Google Docs) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-22]
CHR Extension: (Google Drive) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-22]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-04-08]
CHR Extension: (YouTube) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-22]
CHR Extension: (Google Search) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-22]
CHR Extension: (Google Sheets) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-08]
CHR Extension: (Avast Online Security) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-11-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-22]
CHR Extension: (Gmail) - C:\Users\wow\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-22]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-02] (AVAST Software)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [853288 2007-09-20] (Nero AG)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-02] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-02] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-02] (AVAST Software)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-25] (Disc Soft Ltd)
S3 efavdrv; C:\Windows\SysWOW64\drivers\efavdrv.sys [115008 2015-08-16] (ESET)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10535040 2007-04-03] (Sonix Co. Ltd.)
R3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10246144 2007-04-03] (Sonix Co. Ltd.)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 12:47 - 2015-08-16 12:48 - 00010824 _____ C:\Users\wow\Desktop\FRST.txt
2015-08-16 12:47 - 2015-08-16 12:47 - 00000000 ____D C:\FRST
2015-08-16 12:46 - 2015-08-16 12:46 - 02173952 _____ (Farbar) C:\Users\wow\Desktop\FRST64.exe
2015-08-16 12:33 - 2015-08-16 12:33 - 00006974 _____ C:\AdwCleaner[C1].txt
2015-08-16 12:32 - 2015-08-16 12:33 - 00000000 ____D C:\AdwCleaner
2015-08-16 12:32 - 2015-08-16 12:32 - 00006944 _____ C:\AdwCleaner[S1].txt
2015-08-16 12:31 - 2015-08-16 12:31 - 01563648 _____ C:\Users\wow\Desktop\adwcleaner_5.000.exe
2015-08-16 12:17 - 2015-08-16 12:34 - 00000112 _____ C:\Windows\setupact.log
2015-08-16 12:17 - 2015-08-16 12:17 - 00000000 _____ C:\Windows\setuperr.log
2015-08-16 09:02 - 2015-08-16 12:25 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-08-16 09:02 - 2015-08-16 09:02 - 00000000 ____D C:\Program Files (x86)\Enigma Software Group
2015-08-16 05:16 - 2015-08-16 05:16 - 00000000 ____D C:\ProgramData\ESET
2015-08-16 05:14 - 2015-08-16 05:14 - 00115008 _____ (ESET) C:\Windows\SysWOW64\Drivers\efavdrv.sys
2015-08-16 04:47 - 2015-08-16 04:47 - 00000000 _____ C:\autoexec.bat
2015-08-16 04:22 - 2015-08-16 04:22 - 00003134 _____ C:\Windows\System32\Tasks\{AAA73FA3-7CC8-41F0-B88B-5E16730EF3CC}
2015-08-16 04:20 - 2015-08-16 04:20 - 00000000 _____ C:\Windows\prleth.sys
2015-08-16 04:20 - 2015-08-16 04:20 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-16 00:15 - 2003-09-20 11:09 - 01118720 _____ (Microsoft Corporation) C:\Windows\msxml3.dll
2015-08-16 00:15 - 2003-09-20 11:09 - 00044032 _____ (Microsoft Corporation) C:\Windows\msxml3r.dll
2015-08-16 00:15 - 2003-09-20 11:09 - 00024576 _____ (Microsoft Corporation) C:\Windows\msxml3a.dll
2015-08-15 23:48 - 2015-08-15 23:52 - 00000000 ____D C:\Users\wow\Downloads\eepepr7_[tfile.ru]
2015-08-15 12:21 - 2015-08-15 12:21 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-15 12:21 - 2015-08-15 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-12 06:37 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 06:37 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 05:43 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 05:43 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 05:43 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 05:43 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 05:43 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 05:43 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 05:43 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 05:43 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 05:43 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 05:43 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 05:43 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 05:43 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 05:43 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 05:43 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 05:43 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 05:43 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 05:43 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 05:43 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 05:43 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 05:43 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 05:43 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 05:43 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 05:43 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 05:43 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 05:43 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 05:43 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 05:43 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 05:43 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 05:43 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 05:43 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 05:43 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 05:43 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 05:43 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 05:43 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 05:43 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 05:43 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 05:43 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 05:43 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 05:43 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 05:43 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 05:43 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 05:43 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 05:43 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 05:43 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 05:43 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 05:43 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 05:43 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 05:43 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 05:43 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 05:43 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 05:43 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 05:43 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 05:43 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 05:43 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 05:42 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 05:42 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 05:42 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 05:42 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 05:42 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 05:42 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 05:42 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 05:41 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 05:41 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 05:41 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-12 05:41 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-12 05:41 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 05:41 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 05:41 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 05:41 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 05:41 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 05:41 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 05:41 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 05:41 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 05:41 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 05:41 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 05:41 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 05:41 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 05:41 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 05:41 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 05:41 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 05:41 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-12 05:41 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 05:41 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 05:41 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-12 05:41 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 05:41 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 05:41 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 05:41 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 05:41 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 05:41 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 05:41 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 05:41 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 05:41 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 05:41 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 05:41 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 05:41 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 05:41 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 05:41 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 05:41 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 05:41 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 05:41 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 05:41 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 05:41 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 05:41 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 05:41 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 05:41 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 05:41 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 05:41 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 05:41 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 05:41 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 05:41 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 05:41 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 05:41 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 05:41 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 05:41 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 05:41 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 05:41 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 05:41 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 05:41 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 05:41 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 05:41 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 05:39 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 05:39 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 05:39 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 05:39 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 05:39 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 05:39 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 05:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 05:39 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 05:39 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 05:39 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 05:39 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 05:39 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 05:38 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 05:38 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 05:38 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 05:38 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 05:38 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 05:38 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 05:38 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 05:38 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 05:38 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 05:38 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 05:38 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 05:38 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 05:38 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 05:38 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 05:38 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 05:38 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 05:38 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 05:38 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 05:38 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 05:38 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 05:38 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 05:38 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 05:38 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 05:38 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 05:38 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 05:38 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 05:38 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 05:38 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 05:38 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 05:38 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 05:38 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 05:38 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 05:38 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 05:38 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 05:38 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 05:38 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 05:38 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 05:23 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-10 20:34 - 2015-08-10 20:34 - 00000960 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2015-08-07 04:30 - 2015-08-15 12:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-04 12:42 - 2015-08-04 12:42 - 00000000 ____D C:\Users\wow\Tracing
2015-08-02 10:15 - 2015-08-02 10:15 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-02 10:15 - 2015-08-02 10:15 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-25 11:51 - 2015-07-25 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-21 22:40 - 2015-08-16 09:18 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-07-21 22:40 - 2015-07-21 22:41 - 00000000 ____D C:\ProgramData\RogueKiller
2015-07-21 22:40 - 2015-07-21 22:40 - 00000848 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2015-07-21 22:40 - 2015-07-21 22:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2015-07-21 22:40 - 2015-07-21 22:40 - 00000000 ____D C:\Program Files\RogueKiller
2015-07-19 22:13 - 2015-07-19 22:13 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-16 12:42 - 2009-07-14 06:45 - 00025872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-16 12:42 - 2009-07-14 06:45 - 00025872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-16 12:38 - 2015-07-14 18:55 - 01759031 _____ C:\Windows\WindowsUpdate.log
2015-08-16 12:34 - 2014-11-22 01:15 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-16 12:34 - 2014-10-25 22:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-16 12:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-16 12:24 - 2015-04-08 23:45 - 00000000 ____D C:\Users\wow\AppData\Roaming\Seznam.cz
2015-08-16 12:24 - 2015-04-08 23:45 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-08-16 09:15 - 2014-10-25 15:57 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-16 06:57 - 2014-10-28 02:45 - 00000000 ____D C:\Program Files\trend micro
2015-08-16 05:43 - 2014-11-22 01:16 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-16 05:43 - 2014-10-25 15:50 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-16 05:43 - 2014-10-25 15:35 - 00001397 _____ C:\Users\wow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-16 04:46 - 2014-10-25 15:33 - 00000000 ____D C:\Users\wow
2015-08-16 04:25 - 2014-10-27 00:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-16 04:25 - 2014-10-26 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TREND
2015-08-16 04:24 - 2014-11-02 19:55 - 00000000 ____D C:\Users\wow\AppData\Roaming\BitTorrent
2015-08-16 04:24 - 2014-10-25 16:01 - 00000000 ____D C:\Users\wow\AppData\Roaming\DAEMON Tools Lite
2015-08-16 00:51 - 2015-02-04 22:34 - 00000000 __SHD C:\Users\wow\AppData\Local\EmieBrowserModeList
2015-08-16 00:51 - 2014-11-12 17:06 - 00000000 __SHD C:\Users\wow\AppData\Local\EmieUserList
2015-08-16 00:51 - 2014-11-12 17:06 - 00000000 __SHD C:\Users\wow\AppData\Local\EmieSiteList
2015-08-15 12:22 - 2014-10-27 18:31 - 00000000 ____D C:\Users\wow\AppData\Roaming\Skype
2015-08-15 12:21 - 2014-10-27 18:37 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-15 12:21 - 2014-10-27 18:31 - 00000000 ____D C:\ProgramData\Skype
2015-08-14 01:43 - 2014-10-27 02:13 - 00000000 ____D C:\Users\wow\Documents\Zaloha_registru
2015-08-13 19:37 - 2014-10-25 15:37 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-13 07:14 - 2014-11-02 01:28 - 00000000 ____D C:\Users\wow\AppData\Roaming\calibre
2015-08-12 13:15 - 2014-10-25 15:57 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 13:15 - 2014-10-25 15:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-12 13:15 - 2014-10-25 15:57 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 08:41 - 2014-10-25 15:38 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-12 08:40 - 2009-07-14 06:45 - 00358432 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 08:37 - 2014-12-10 19:38 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 08:37 - 2014-10-25 22:31 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 06:38 - 2014-10-26 20:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-12 06:37 - 2014-11-09 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 06:35 - 2014-11-09 20:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 06:35 - 2014-11-09 20:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 06:26 - 2014-10-25 22:23 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 06:22 - 2014-10-25 22:23 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-10 20:34 - 2014-11-02 01:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-08-10 20:34 - 2014-11-02 01:28 - 00000000 ____D C:\Program Files (x86)\Calibre2
2015-08-09 04:57 - 2014-10-25 15:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-05 14:09 - 2014-10-25 16:24 - 00000000 ____D C:\Windows\Panther
2015-08-05 14:04 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-02 10:15 - 2014-10-25 15:37 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-02 10:15 - 2014-10-25 15:37 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-02 10:15 - 2014-10-25 15:37 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-02 10:15 - 2014-10-25 15:37 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-02 10:15 - 2014-10-25 15:37 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-02 10:15 - 2014-10-25 15:37 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-02 10:15 - 2014-10-25 15:37 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-25 11:51 - 2014-10-26 20:36 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-25 11:51 - 2014-10-26 20:36 - 00000000 ____D C:\Program Files\CCleaner
2015-07-25 09:47 - 2015-04-04 07:44 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 18:15 - 2014-11-21 21:20 - 00007168 _____ C:\Users\wow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-17 14:32 - 2009-07-14 07:08 - 00032610 _____ C:\Windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2014-10-25 15:45 - 2014-10-25 15:45 - 0000600 _____ () C:\Users\wow\AppData\Roaming\winscp.rnd
2014-11-21 21:20 - 2015-07-22 18:15 - 0007168 _____ () C:\Users\wow\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-15 10:40 - 2015-07-15 10:40 - 0007609 _____ () C:\Users\wow\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\wow\AppData\Local\Temp\dllnt_dump.dll
C:\Users\wow\AppData\Local\Temp\sqlite3.dll
C:\Users\wow\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-23 16:55

==================== End of log ============================

[altrok]

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CloseProcesses:
  SearchScopes: HKLM -> DefaultScope value is missing
  SearchScopes: HKLM-x32 -> DefaultScope value is missing
  FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
  S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
  C:\Program Files (x86)\Enigma Software Group
  2015-08-16 09:02 - 2015-08-16 12:25 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
  2015-08-16 12:24 - 2015-04-08 23:45 - 00000000 ____D C:\Users\wow\AppData\Roaming\Seznam.cz
  2015-08-16 12:24 - 2015-04-08 23:45 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
  2015-08-16 06:57 - 2014-10-28 02:45 - 00000000 ____D C:\Program Files\trend micro
  EmptyTemp:
  End

[mlzd]

Fix result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by wow (2015-08-16 13:04:44) Run:1
Running from C:\Users\wow\Desktop
Loaded Profiles: wow (Available Profiles: wow)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files (x86)\Enigma Software Group
2015-08-16 09:02 - 2015-08-16 12:25 - 00000000 ____D C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2015-08-16 12:24 - 2015-04-08 23:45 - 00000000 ____D C:\Users\wow\AppData\Roaming\Seznam.cz
2015-08-16 12:24 - 2015-04-08 23:45 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-08-16 06:57 - 2014-10-28 02:45 - 00000000 ____D C:\Program Files\trend micro
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
esgiguard => service removed successfully
C:\Program Files (x86)\Enigma Software Group => moved successfully.
C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP => moved successfully.
C:\Users\wow\AppData\Roaming\Seznam.cz => moved successfully.
C:\Program Files (x86)\Seznam.cz => moved successfully.
C:\Program Files\trend micro => moved successfully.
EmptyTemp: => 377.4 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 13:04:56 ====

[altrok]

Vyborne, jak jsme na tom s uvodnim problemem? Jak se chova PC?

[mlzd]

Z ovládacích panelů je Oursurfing, který se tvářil jako odinstalační program pryč, zmizely další zbytečnosti, všechno běží jak má.
Mám už opět radost. Díky moc!!! Zdenek

[altrok]

Takze jeste uklidime.

• Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
• Oznacte jen moznost "Remove disinfection tools"
• kliknete na Run

A pokud nejsou dotazy ci jine problemy, je to ode mne vse.

[mlzd]

Provedeno. Díky moc a přeji pohodovou neděli!

# DelFix v1.010 - Logfile created 16/08/2015 at 13:29:25
# Updated 26/04/2015 by Xplode
# Username : wow - WOW-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\AdwCleaner[C1].txt
Deleted : C:\AdwCleaner[S1].txt
Deleted : C:\Users\wow\Desktop\Addition.txt
Deleted : C:\Users\wow\Desktop\adwcleaner_5.000.exe
Deleted : C:\Users\wow\Desktop\Fixlog.txt
Deleted : C:\Users\wow\Desktop\FRST.txt
Deleted : C:\Users\wow\Desktop\FRST64.exe
Deleted : C:\Users\Public\Desktop\RogueKiller.lnk
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########

[altrok]

Nemate zac, rad jsem pomohl

Pohodovou nedeli i Vam.

Mejte se krasne a treba zase nekdy