Laptop preventive check

Ervd
Visitor
Posts: 177
Registered: 04 Feb 2007 10:47

#1 Post by Ervd »

Thank you for the check.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ervd at 2015-08-17 19:58:34
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 50 GB (11%) free of 455 GB
Total RAM: 4030 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:58:39, on 17.8.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
C:\Program Files (x86)\Opera\31.0.1889.99\opera_crashreporter.exe
C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe
C:\Program Files\trend micro\Ervd.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {31264a33-a653-46c4-af49-1232c59a7da5} - (no file)
O2 - BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [BackgroundContainerV2] "C:\windows\SysWOW64\Rundll32.exe" "C:\Users\Ervd\AppData\Local\Tbccint\BackgroundContainer\BackgroundContainer.dll",DllRun
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~2\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~2\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.connectify.me
O15 - ESC Trusted Zone: http://*.fastspring.com
O15 - ESC Trusted Zone: http://*.connectify.me (HKLM)
O15 - ESC Trusted Zone: http://*.fastspring.com (HKLM)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - http://h20614.www2.hp.com/ediags/gmd/In ... ect119.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Manager - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: Brother Resource manager service (brmfrsmg) - Unknown owner - C:\windows\system32\BrmfRsmg.exe (file missing)
O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: Dragon Age: Prameny - aktualizace obsahu (DAUpdaterSvc) - BioWare - C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Toolbar Service (TBSrv) - ClientConnect Ltd. - C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13035 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
atieclxx
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {942B6423-A240-46EC-9168-A8B3510E5779}
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Ervd\AppData\Local\Tbccint\BackgroundContainer\BackgroundContainer.dll",DllRun
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
C:\windows\system32\BrmfRsmg.exe -service
C:\windows\system32\BrmfRsmg.exe -process -overmain -load -open
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe"
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
WLIDSvcM.exe 3440
C:\windows\system32\wbem\unsecapp.exe -Embedding
"ConnectifyD.exe"
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
\??\C:\windows\system32\conhost.exe "-5453724-533375263-612385374-206886812710361332289478464901326182050-1630363517
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
-Minimized
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\CompatTelRunner.exe
\??\C:\windows\system32\conhost.exe "501385195-457240379-5666372837896644281890252825175747112210010169831843386901
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\TEMP\78BCBCDE-77BF-4674-AEB2-401FB478ED0D\dismhost.exe {F45ED9BA-216B-4B3B-849B-F827C75A4438}
C:\windows\servicing\TrustedInstaller.exe
C:\windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\31.0.1889.99\opera_crashreporter.exe" --ran-launcher --crash-reporter-parent-id=500
"C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe" --type=gpu-process --channel="500.0.1706652882\246763833" --crash-reporter-pid=1648 --enable-mse-h264-support --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,46 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.910.0.0 --crash-reporter-pid=1648 --enable-mse-h264-support --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=1648 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="500.2.321210786\1554778896" /prefetch:673131151
"C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=1648 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="500.3.1834379904\1622409005" /prefetch:673131151
"C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=cs --extension-process --enable-webrtc-hw-h264-encoding --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=1648 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="500.4.675815495\462989556" /prefetch:673131151
"C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=1648 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="500.6.1571924322\1903171391" /prefetch:673131151
"C:\Program Files (x86)\Opera\31.0.1889.99\opera.exe" --type=renderer --alt-high-dpi-setting=96 --system-dpi-setting=96 --disable-direct-npapi-requests --disable-win32k-renderer-lockdown --enable-deferred-image-decoding --lang=cs --disable-client-side-phishing-detection --ppapi-flash-path="C:\windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_232.dll" --ppapi-flash-version=18.0.0.232 --crash-reporter-pid=1648 --enable-mse-h264-support --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="500.9.1537018712\2062111654" /prefetch:673131151

"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe" Restart Start Dashboard SingleAspectPage LeafName=Leaf_PowerXpress
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\windows\system32\RunDll32.exe" "C:\windows\system32\WerConCpl.dll", LaunchErcApp -queuereporting
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Ervd\Downloads\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\HPCeeScheduleForERVD-HP$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForERVD-HP$ (null)
C:\windows\tasks\HPCeeScheduleForErvd.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForErvd (null)
C:\windows\tasks\MATLAB R2014a Startup Accelerator.job - C:\Program Files\MATLAB\R2014a\bin\win64\MATLABStartupAccelerator.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-28 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A2D5EBA-F86D-4BD3-A177-019765996711}]
PDF Architect Helper - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08 92208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-28 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IME14 JPN Uninstall"=C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [2012-03-14 110896]
"IME14 KOR Uninstall"=C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [2012-03-14 110896]
"IME14 CHS Uninstall"=C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [2012-03-14 110896]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-30 2804976]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-09-01 167704]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-09-01 392472]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-09-01 416024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BackgroundContainerV2"=C:\windows\SysWOW64\Rundll32.exe [2009-07-14 44544]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BTMTrayAgent]
C:\Program Files\Motorola\Bluetooth\btmshell.dll [2011-02-15 21709904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Dispatch]
C:\Program Files (x86)\Connectify\DispatchUI.exe [2014-12-26 2381560]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify Hotspot]
C:\Program Files (x86)\Connectify\Connectify.exe [2014-12-26 4330232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPPowerAssistant]
C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-07-15 14904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QLBController]
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-06-20 333728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2015-06-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ervd^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
C:\Users\Ervd\AppData\Roaming\Dropbox\bin\Dropbox.exe [2014-07-30 36414496]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"HP HD Webcam [Fixed]_Monitor"=C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [2010-11-26 267128]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2012-09-05 184736]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-07-28 6109776]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-10-13 343168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2011-09-01 390144]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-08-16 00:39:12 ----D---- C:\ProgramData\ATI
2015-08-16 00:25:32 ----D---- C:\Program Files\ATI Technologies
2015-08-15 23:39:05 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-08-14 08:43:27 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 08:43:27 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 19:26:36 ----A---- C:\windows\system32\invagent.dll
2015-08-12 19:26:36 ----A---- C:\windows\system32\generaltel.dll
2015-08-12 19:26:36 ----A---- C:\windows\system32\devinv.dll
2015-08-12 19:26:36 ----A---- C:\windows\system32\appraiser.dll
2015-08-12 19:26:36 ----A---- C:\windows\system32\aeinv.dll
2015-08-12 19:26:36 ----A---- C:\windows\system32\acmigration.dll
2015-08-12 19:26:35 ----A---- C:\windows\system32\CompatTelRunner.exe
2015-08-12 19:26:35 ----A---- C:\windows\system32\aepdu.dll
2015-08-12 19:26:34 ----A---- C:\windows\system32\mstscax.dll
2015-08-12 19:26:33 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-08-12 19:26:32 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2015-08-12 19:26:32 ----A---- C:\windows\SYSWOW64\rdvidcrl.dll
2015-08-12 19:26:32 ----A---- C:\windows\system32\wksprt.exe
2015-08-12 19:26:32 ----A---- C:\windows\system32\tsgqec.dll
2015-08-12 19:26:32 ----A---- C:\windows\system32\rdvidcrl.dll
2015-08-12 19:26:20 ----A---- C:\windows\system32\basesrv.dll
2015-08-12 19:25:43 ----A---- C:\windows\system32\ntoskrnl.exe
2015-08-12 19:25:42 ----A---- C:\windows\system32\ntdll.dll
2015-08-12 19:25:42 ----A---- C:\windows\system32\kernel32.dll
2015-08-12 19:25:41 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-08-12 19:25:40 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-08-12 19:25:40 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-08-12 19:25:40 ----A---- C:\windows\system32\sysmain.dll
2015-08-12 19:25:40 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-08-12 19:25:39 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-08-12 19:25:39 ----A---- C:\windows\system32\lsasrv.dll
2015-08-12 19:25:35 ----A---- C:\windows\system32\KernelBase.dll
2015-08-12 19:25:34 ----A---- C:\windows\system32\wow64.dll
2015-08-12 19:25:34 ----A---- C:\windows\system32\rstrui.exe
2015-08-12 19:25:32 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-08-12 19:25:32 ----A---- C:\windows\system32\srcore.dll
2015-08-12 19:25:32 ----A---- C:\windows\system32\rpcrt4.dll
2015-08-12 19:25:30 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-08-12 19:25:30 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-08-12 19:25:30 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-08-12 19:25:30 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-08-12 19:25:30 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\winsrv.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\wdigest.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\TSpkg.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\sspicli.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\smss.exe
2015-08-12 19:25:30 ----A---- C:\windows\system32\schannel.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\ncrypt.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\msv1_0.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\lsass.exe
2015-08-12 19:25:30 ----A---- C:\windows\system32\kerberos.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-08-12 19:25:30 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-08-12 19:25:30 ----A---- C:\windows\system32\csrsrv.dll
2015-08-12 19:25:30 ----A---- C:\windows\system32\conhost.exe
2015-08-12 19:25:29 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-08-12 19:25:29 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-08-12 19:25:29 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-08-12 19:25:29 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2015-08-12 19:25:29 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-08-12 19:25:29 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-08-12 19:25:29 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2015-08-12 19:25:29 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-08-12 19:25:29 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-08-12 19:25:29 ----A---- C:\windows\system32\wow64win.dll
2015-08-12 19:25:29 ----A---- C:\windows\system32\sspisrv.dll
2015-08-12 19:25:29 ----A---- C:\windows\system32\srclient.dll
2015-08-12 19:25:29 ----A---- C:\windows\system32\secur32.dll
2015-08-12 19:25:29 ----A---- C:\windows\system32\ntvdm64.dll
2015-08-12 19:25:29 ----A---- C:\windows\system32\msmmsp.dll
2015-08-12 19:25:29 ----A---- C:\windows\system32\cryptbase.dll
2015-08-12 19:25:29 ----A---- C:\windows\system32\credssp.dll
2015-08-12 19:25:29 ----A---- C:\windows\system32\auditpol.exe
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 19:25:28 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 19:25:28 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-08-12 19:25:28 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-08-12 19:25:28 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-08-12 19:25:28 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-08-12 19:25:28 ----A---- C:\windows\system32\wow64cpu.dll
2015-08-12 19:25:28 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2015-08-12 19:25:28 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2015-08-12 19:25:28 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2015-08-12 19:25:28 ----A---- C:\windows\system32\apisetschema.dll
2015-08-12 19:25:27 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 19:25:27 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 19:25:27 ----A---- C:\windows\SYSWOW64\user.exe
2015-08-12 19:25:27 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-08-12 19:25:27 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-08-12 19:25:27 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-08-12 19:25:27 ----A---- C:\windows\system32\msobjs.dll
2015-08-12 19:25:27 ----A---- C:\windows\system32\msaudite.dll
2015-08-12 19:25:27 ----A---- C:\windows\system32\adtschema.dll
2015-08-12 19:25:07 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-08-12 19:25:07 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-08-12 19:25:07 ----A---- C:\windows\system32\iertutil.dll
2015-08-12 19:25:06 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-08-12 19:25:06 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-08-12 19:25:06 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-08-12 19:25:06 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-08-12 19:25:06 ----A---- C:\windows\system32\iernonce.dll
2015-08-12 19:25:06 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-08-12 19:25:06 ----A---- C:\windows\system32\ieetwcollector.exe
2015-08-12 19:25:06 ----A---- C:\windows\system32\ie4uinit.exe
2015-08-12 19:25:05 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-08-12 19:25:05 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-08-12 19:25:05 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-08-12 19:25:05 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-08-12 19:25:05 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-08-12 19:25:05 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 19:25:04 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-08-12 19:25:04 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-08-12 19:25:04 ----A---- C:\windows\system32\urlmon.dll
2015-08-12 19:25:04 ----A---- C:\windows\system32\iedkcs32.dll
2015-08-12 19:25:03 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-08-12 19:25:03 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-08-12 19:25:03 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-08-12 19:25:03 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-08-12 19:25:03 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-08-12 19:25:03 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-08-12 19:25:03 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-08-12 19:25:03 ----A---- C:\windows\system32\msfeeds.dll
2015-08-12 19:25:03 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-08-12 19:25:03 ----A---- C:\windows\system32\dxtrans.dll
2015-08-12 19:25:02 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-08-12 19:25:02 ----A---- C:\windows\system32\iesetup.dll
2015-08-12 19:25:02 ----A---- C:\windows\system32\ieapfltr.dll
2015-08-12 19:25:01 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-08-12 19:25:01 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-08-12 19:25:01 ----A---- C:\windows\system32\vbscript.dll
2015-08-12 19:25:00 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-08-12 19:25:00 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-08-12 19:25:00 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-08-12 19:25:00 ----A---- C:\windows\system32\jsproxy.dll
2015-08-12 19:25:00 ----A---- C:\windows\system32\ieUnatt.exe
2015-08-12 19:25:00 ----A---- C:\windows\system32\ieui.dll
2015-08-12 19:25:00 ----A---- C:\windows\system32\dxtmsft.dll
2015-08-12 19:24:59 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-08-12 19:24:59 ----A---- C:\windows\system32\mshtmled.dll
2015-08-12 19:24:59 ----A---- C:\windows\system32\ieframe.dll
2015-08-12 19:24:58 ----A---- C:\windows\system32\wininet.dll
2015-08-12 19:24:58 ----A---- C:\windows\system32\jscript9diag.dll
2015-08-12 19:24:58 ----A---- C:\windows\system32\jscript9.dll
2015-08-12 19:24:58 ----A---- C:\windows\system32\jscript.dll
2015-08-12 19:24:57 ----A---- C:\windows\system32\msrating.dll
2015-08-12 19:24:57 ----A---- C:\windows\system32\MshtmlDac.dll
2015-08-12 19:24:56 ----A---- C:\windows\system32\mshtml.dll
2015-08-12 19:21:56 ----A---- C:\windows\SYSWOW64\WebClnt.dll
2015-08-12 19:21:56 ----A---- C:\windows\SYSWOW64\davclnt.dll
2015-08-12 19:21:56 ----A---- C:\windows\system32\WebClnt.dll
2015-08-12 19:21:56 ----A---- C:\windows\system32\davclnt.dll
2015-08-12 19:21:52 ----A---- C:\windows\system32\msxml6.dll
2015-08-12 19:21:52 ----A---- C:\windows\system32\msxml3.dll
2015-08-12 19:21:51 ----A---- C:\windows\SYSWOW64\msxml3.dll
2015-08-12 19:21:50 ----A---- C:\windows\SYSWOW64\msxml6r.dll
2015-08-12 19:21:50 ----A---- C:\windows\SYSWOW64\msxml6.dll
2015-08-12 19:21:50 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2015-08-12 19:21:50 ----A---- C:\windows\system32\msxml6r.dll
2015-08-12 19:21:50 ----A---- C:\windows\system32\msxml3r.dll
2015-08-12 19:21:48 ----A---- C:\windows\system32\FntCache.dll
2015-08-12 19:21:48 ----A---- C:\windows\system32\DWrite.dll
2015-08-12 19:21:46 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-08-12 19:21:46 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-08-12 19:21:46 ----A---- C:\windows\system32\win32k.sys
2015-08-12 19:21:46 ----A---- C:\windows\system32\atmfd.dll
2015-08-12 19:21:45 ----A---- C:\windows\system32\lpk.dll
2015-08-12 19:21:44 ----A---- C:\windows\SYSWOW64\lpk.dll
2015-08-12 19:21:44 ----A---- C:\windows\SYSWOW64\fontsub.dll
2015-08-12 19:21:44 ----A---- C:\windows\SYSWOW64\dciman32.dll
2015-08-12 19:21:44 ----A---- C:\windows\SYSWOW64\d3d10warp.dll
2015-08-12 19:21:44 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-08-12 19:21:44 ----A---- C:\windows\system32\fontsub.dll
2015-08-12 19:21:44 ----A---- C:\windows\system32\dciman32.dll
2015-08-12 19:21:44 ----A---- C:\windows\system32\d3d10warp.dll
2015-08-12 19:21:44 ----A---- C:\windows\system32\atmlib.dll
2015-08-12 19:21:36 ----A---- C:\windows\SYSWOW64\notepad.exe
2015-08-12 19:21:36 ----A---- C:\windows\system32\notepad.exe
2015-08-12 19:21:36 ----A---- C:\windows\notepad.exe
2015-08-12 19:21:32 ----A---- C:\windows\system32\shell32.dll
2015-08-12 19:21:31 ----A---- C:\windows\SYSWOW64\shell32.dll
2015-08-12 19:21:29 ----A---- C:\windows\system32\wuaueng.dll
2015-08-12 19:21:28 ----A---- C:\windows\SYSWOW64\wuwebv.dll
2015-08-12 19:21:28 ----A---- C:\windows\SYSWOW64\wups.dll
2015-08-12 19:21:28 ----A---- C:\windows\SYSWOW64\wudriver.dll
2015-08-12 19:21:28 ----A---- C:\windows\SYSWOW64\wuapp.exe
2015-08-12 19:21:28 ----A---- C:\windows\SYSWOW64\wuapi.dll
2015-08-12 19:21:28 ----A---- C:\windows\system32\wuwebv.dll
2015-08-12 19:21:28 ----A---- C:\windows\system32\wups2.dll
2015-08-12 19:21:28 ----A---- C:\windows\system32\wups.dll
2015-08-12 19:21:28 ----A---- C:\windows\system32\wudriver.dll
2015-08-12 19:21:28 ----A---- C:\windows\system32\wucltux.dll
2015-08-12 19:21:28 ----A---- C:\windows\system32\wuauclt.exe
2015-08-12 19:21:28 ----A---- C:\windows\system32\wuapp.exe
2015-08-12 19:21:28 ----A---- C:\windows\system32\wuapi.dll
2015-08-12 19:21:28 ----A---- C:\windows\system32\wu.upgrade.ps.dll
2015-08-12 19:21:28 ----A---- C:\windows\system32\WinSetupUI.dll
2015-08-09 17:45:42 ----D---- C:\Program Files (x86)\vizi
2015-07-28 22:14:37 ----A---- C:\windows\system32\aswBoot.exe
2015-07-28 22:14:25 ----A---- C:\windows\avastSS.scr
2015-07-24 22:46:58 ----D---- C:\ProgramData\Apple Computer
2015-07-24 22:46:58 ----D---- C:\Program Files (x86)\QuickTime
2015-07-23 18:27:26 ----A---- C:\windows\system32\mcupdate_GenuineIntel.dll

======List of files/folders modified in the last 1 month======

2015-08-17 19:58:38 ----D---- C:\Program Files\trend micro
2015-08-17 19:54:34 ----D---- C:\windows\temp
2015-08-17 19:53:59 ----SHD---- C:\System Volume Information
2015-08-17 19:50:10 ----D---- C:\windows\system32\config
2015-08-17 19:48:10 ----A---- C:\windows\SYSWOW64\log.txt
2015-08-16 00:43:39 ----D---- C:\Program Files (x86)\Opera
2015-08-16 00:41:17 ----D---- C:\Windows
2015-08-16 00:39:12 ----D---- C:\ProgramData
2015-08-16 00:37:46 ----D---- C:\windows\System32
2015-08-16 00:37:11 ----D---- C:\windows\system32\catroot
2015-08-16 00:28:47 ----SHD---- C:\windows\Installer
2015-08-16 00:27:27 ----D---- C:\windows\system32\drivers
2015-08-16 00:27:26 ----D---- C:\windows\SysWOW64
2015-08-16 00:26:40 ----D---- C:\windows\inf
2015-08-16 00:26:33 ----D---- C:\windows\system32\DriverStore
2015-08-16 00:25:32 ----D---- C:\Program Files
2015-08-16 00:20:56 ----D---- C:\windows\system32\catroot2
2015-08-15 23:35:42 ----D---- C:\windows\Tasks
2015-08-15 23:35:42 ----D---- C:\windows\system32\Tasks
2015-08-15 23:34:29 ----D---- C:\windows\Prefetch
2015-08-15 23:34:18 ----RD---- C:\Program Files (x86)
2015-08-15 23:34:12 ----A---- C:\windows\win.ini
2015-08-15 23:26:57 ----D---- C:\Program Files\SUPERAntiSpyware
2015-08-14 11:08:57 ----D---- C:\windows\Microsoft.NET
2015-08-14 11:08:14 ----RSD---- C:\windows\assembly
2015-08-14 08:47:53 ----D---- C:\windows\winsxs
2015-08-13 03:45:46 ----SD---- C:\windows\system32\CompatTel
2015-08-13 03:45:46 ----D---- C:\windows\system32\appraiser
2015-08-13 03:45:46 ----D---- C:\windows\AppPatch
2015-08-13 03:45:45 ----D---- C:\windows\SYSWOW64\en-US
2015-08-13 03:45:45 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-08-13 03:45:44 ----D---- C:\windows\system32\en-US
2015-08-13 03:45:44 ----D---- C:\windows\system32\drivers\en-US
2015-08-13 03:45:44 ----D---- C:\windows\system32\drivers\cs-CZ
2015-08-13 03:45:44 ----D---- C:\windows\system32\cs-CZ
2015-08-13 03:45:39 ----D---- C:\Program Files\Internet Explorer
2015-08-13 03:45:35 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 03:45:32 ----D---- C:\windows\SYSWOW64\sl-SI
2015-08-13 03:45:32 ----D---- C:\windows\SYSWOW64\sk-SK
2015-08-13 03:45:32 ----D---- C:\windows\SYSWOW64\hr-HR
2015-08-13 03:45:31 ----D---- C:\windows\system32\sl-SI
2015-08-13 03:45:31 ----D---- C:\windows\system32\sk-SK
2015-08-13 03:45:31 ----D---- C:\windows\system32\hr-HR
2015-08-13 03:11:05 ----D---- C:\windows\system32\MRT
2015-08-13 03:02:39 ----D---- C:\windows\debug
2015-08-13 03:02:31 ----A---- C:\windows\system32\MRT.exe
2015-08-12 12:56:51 ----D---- C:\windows\system32\FxsTmp
2015-08-04 22:35:27 ----D---- C:\Users\Ervd\AppData\Roaming\vlc
2015-08-04 22:33:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-08-02 18:34:23 ----SD---- C:\Users\Ervd\AppData\Roaming\Microsoft
2015-08-01 11:45:59 ----HD---- C:\$Windows.~BT
2015-08-01 11:09:16 ----D---- C:\boot
2015-08-01 11:05:36 ----D---- C:\windows\Panther
2015-08-01 09:51:56 ----D---- C:\windows\Logs
2015-07-28 22:34:04 ----D---- C:\Users\Ervd\AppData\Roaming\DAEMON Tools Lite
2015-07-28 22:26:28 ----SHD---- C:\$RECYCLE.BIN
2015-07-25 23:22:21 ----SD---- C:\windows\system32\GWX
2015-07-23 18:25:32 ----D---- C:\windows\SoftwareDistribution
2015-07-18 10:21:44 ----D---- C:\ProgramData\FLEXnet
2015-07-18 07:53:29 ----D---- C:\windows\PolicyDefinitions
2015-07-18 07:53:27 ----SD---- C:\windows\SYSWOW64\GWX
2015-07-18 07:53:07 ----D---- C:\windows\system32\wbem
2015-07-18 00:13:38 ----D---- C:\Program Files (x86)\Java
2015-07-18 00:13:09 ----D---- C:\Program Files\Java
2015-07-18 00:11:51 ----A---- C:\windows\system32\WindowsAccessBridge-64.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-07-28 65224]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-07-28 274808]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2014-05-04 386680]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-07-28 93528]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-08-14 1048344]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-07-28 447944]
R1 cnnctfy3;Connectify LightWeight Filter; C:\windows\system32\DRIVERS\cnnctfy3.sys [2015-01-19 42152]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-05-04 283064]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-07-28 28656]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-07-28 90968]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-07-28 150672]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-10-14 10496000]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-10-14 326656]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\drivers\HpqKbFiltr.sys [2010-12-03 25912]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-09-01 12306848]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2013-05-24 175928]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2013-05-24 708200]
R3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver; C:\windows\system32\DRIVERS\rtl8192Ce.sys [2011-07-19 1145448]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-01-12 2611704]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-05-24 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-10-30 549104]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 Bridge;@%SystemRoot%\system32\bridgeres.dll,-3; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BrUsbScn;Ovladač skeneru Brother MFC USB; C:\windows\System32\Drivers\BrUsbScn.sys [2009-06-10 14336]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2012-01-02 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-06-30 52736]
S3 BTMNET;Motorola Bluetooth Network Adapter Service; C:\windows\system32\DRIVERS\btmnet.sys [2010-07-16 30208]
S3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2011-02-08 486144]
S3 ggflt;SEMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2013-01-16 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsemc.sys [2013-01-16 27760]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2011-09-01 12306848]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 nmwcdnsucx64;Nokia USB Flashing Generic; C:\windows\system32\drivers\nmwcdnsucx64.sys [2012-01-09 12800]
S3 nmwcdnsux64;Nokia USB Flashing Phone Parent; C:\windows\system32\drivers\nmwcdnsux64.sys [2012-01-09 171008]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 trufos;trufos; C:\windows\system32\drivers\trufos.sys [2014-08-30 350160]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usb_rndisx;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-08-29 172344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-10-14 204288]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-07-28 146600]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2011-02-15 680016]
R2 brmfrsmg;Brother Resource manager service; C:\windows\system32\BrmfRsmg.exe [2009-07-14 52736]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2014-12-26 487936]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-07-15 137272]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2015-05-19 99128]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2012-06-20 523680]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-09-24 31040]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-04-08 1320496]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-04-08 799280]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-03-16 113264]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 TBSrv;Toolbar Service; C:\Program Files (x86)\Tbccint\ToolbarService\ToolbarService.exe [2014-04-10 350528]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2011-02-08 4151376]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-06-09 1028096]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2012-09-05 1420192]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2011-02-28 1189968]
S3 DAUpdaterSvc;Dragon Age: Prameny - aktualizace obsahu; C:\Program Files (x86)\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [2009-12-15 25832]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-06-09 647680]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-07-16 114688]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2014-11-20 1900400]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-10-30 566696]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-06-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Notebook preventive check

#2 Post by altrok »

I wish you a lovely day :bye:

:arrow: As part of the cleaning, your temporary directories (including the Recycle Bin) will be emptied.

:arrow: Save AdwCleaner to your desktop: https://toolslib.net/downloads/viewdown ... dwcleaner/ (or http://www.bleepingcomputer.com/download/adwcleaner/ )
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a normal double-click)
  • click Scan, then Cleaning
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner[Cx].txt); copy its contents into your next reply
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our little school.

Ervd
Visitor
Posts: 177
Registered: 04 Feb 2007 10:47

Re: Notebook preventive check

#3 Post by Ervd »

A nice day to you too.

# AdwCleaner v5.002 - Logfile created 19/08/2015 at 20:13:49
# Updated 18/08/2015 by Xplode
# Database : 2015-08-18.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Ervd - ERVD-HP
# Running from : C:\Users\Ervd\Desktop\adwcleaner_5.002.exe
# Option : Cleaning

***** [ Services ] *****

[-] Service Deleted : TBSrv

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\Tbccint
[-] Folder Deleted : C:\ProgramData\Tbccint
[-] Folder Deleted : C:\ProgramData\MiniApp
[-] Folder Deleted : C:\ProgramData\7750915de7fa4b3c
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Tbccint
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\slimware utilities inc
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oobdmiffgnobnpagcjjmpcajhdaoighg
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ajgpplajodjdlaboiaoapefengcfpiie
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fcncjmplbpjabghifndhigahbaablbej
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mfaglgiaggmkcjiijjnmofamllhmdcdh
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\lmnbobhffedhdhfpcjkjphcfpeeiocdn
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oobdmiffgnobnpagcjjmpcajhdaoighg
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ajgpplajodjdlaboiaoapefengcfpiie
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fcncjmplbpjabghifndhigahbaablbej
[-] Folder Deleted : C:\Users\Ervd\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mfaglgiaggmkcjiijjnmofamllhmdcdh
[-] Folder Deleted : C:\Users\Ervd\AppData\LocalLow\Tbccint
[-] Folder Deleted : C:\Users\Ervd\AppData\LocalLow\BS_Player_ControlBar_B
[-] Folder Deleted : C:\Users\Ervd\AppData\Roaming\pdfforge

***** [ Files ] *****

[-] File Deleted : C:\END

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : Express FilesUpdate

***** [ Registry ] *****

[-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainerV2]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
[-] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3329621
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3A1209A4-8568-40F0-9B5E-4A06A2A06417}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{31264A33-A653-46C4-AF49-1232C59A7DA5}]
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\BS_Player_ControlBar_B
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Tbccint
[-] Key Deleted : HKCU\Software\Tbccint_HKLM
[-] Key Deleted : HKCU\Software\BS_Player_ControlBar_B
[-] Key Deleted : HKCU\Software\DriverTuner_Init
[-] Key Deleted : HKCU\Software\DriverTuner
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Tbccint
[-] Key Deleted : HKCU\Software\AppDataLow\Software\TbccintSearchScopes
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_ControlBar_B
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainerV2
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\Tbccint
[!] Key Not Deleted : [x64] HKCU\Software\Tbccint_HKLM
[!] Key Not Deleted : [x64] HKCU\Software\BS_Player_ControlBar_B
[!] Key Not Deleted : [x64] HKCU\Software\DriverTuner_Init
[!] Key Not Deleted : [x64] HKCU\Software\DriverTuner
[!] Key Not Deleted : [x64] HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : [x64] HKLM\SOFTWARE\SlimWare Utilities Inc

***** [ Web browsers ] *****


*************************

:: Proxy settings cleared
:: Winsock settings cleared
:: IE policies deleted
:: Chrome policies deleted

########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [5023 bytes] ##########

altrok
Moderator
Posts: 7317
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Notebook preventive check

#4 Post by altrok »

:arrow: Post the FRST.txt log, and attach Addition.txt as well - http://forum.viry.cz/viewtopic.php?f=30&t=133101

Ervd
Visitor
Posts: 177
Registered: 04 Feb 2007 10:47

Re: Notebook preventive check

#5 Post by Ervd »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:19-08-2015
Ran by Ervd (administrator) on ERVD-HP (19-08-2015 21:23:05)
Running from C:\Users\Ervd\Desktop
Loaded Profiles: Ervd (Available Profiles: Ervd)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Brother Industries, Ltd.) C:\Windows\System32\BrmfRsmg.exe
(Brother Industries, Ltd.) C:\Windows\System32\BrmfRsmg.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Motorola Solutions, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Connectify) C:\Program Files (x86)\Connectify\ConnectifyService.exe
(Connectify) C:\Program Files (x86)\Connectify\Connectifyd.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera_crashreporter.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IME14 JPN Uninstall] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [IME14 KOR Uninstall] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [IME14 CHS Uninstall] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110896 2012-03-14] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-09-20] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [HP HD Webcam [Fixed]_Monitor] => C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [267128 2010-11-26] ()
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184736 2012-09-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-28] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-28] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3347873718-463703722-4102279566-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_res ... =20.3.1.22
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_res ... =20.3.1.22
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.msn.com/spbasic.htm
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_res ... =20.3.1.22
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3347873718-463703722-4102279566-1001 -> {4702E441-33EB-4081-AAB4-A4306691127A} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN31232173072314200&UM=4
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-28] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-28] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-18] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CZ/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.100.250
Tcpip\..\Interfaces\{274F84D7-F378-417A-ACAA-E28BE2E7AFF2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{90A00704-316C-4E63-A4D7-D080D72B54B8}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B1CDFA70-9693-4D83-93F3-51DF11D97236}: [DhcpNameServer] 192.168.100.250
Tcpip\..\Interfaces\{F8B36AC6-63DF-485B-89A1-FD6E889A7A94}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-18] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll [2014-04-15] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-31] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3347873718-463703722-4102279566-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-03-24] (Sony Network Entertainment International LLC)
FF Plugin HKU\S-1-5-21-3347873718-463703722-4102279566-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-10] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppluginrichmediaplayer.dll [2013-03-12] ()
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-12]

Chrome:
=======
CHR Profile: C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-27]
CHR Extension: (Google Docs) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-27]
CHR Extension: (Google Drive) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-27]
CHR Extension: (YouTube) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-27]
CHR Extension: (Google Search) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-27]
CHR Extension: (Google Sheets) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-27]
CHR Extension: (Bookmark Manager) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-27]
CHR Extension: (Avast Online Security) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-27]
CHR Extension: (Google Wallet) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-27]
CHR Extension: (Gmail) - C:\Users\Ervd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-04]

Opera:
=======
OPR Extension: (Opera Software) - C:\Users\Ervd\AppData\Roaming\Opera Software\Opera Stable\Extensions\encfpfilknmenlmjemepncnlbbjlabkc [2014-02-11]
OPR Extension: (Gantt) - C:\Users\Ervd\AppData\Roaming\Opera Software\Opera Stable\Extensions\maeombkgfpjdnjkhohbjachnnmpbipol [2013-11-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-29] (SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-28] (AVAST Software)
R2 brmfrsmg; C:\Windows\system32\BrmfRsmg.exe [52736 2009-07-14] (Brother Industries, Ltd.)
R2 Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [487936 2014-12-26] (Connectify) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2012-06-09] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2012-06-09] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-20] (Electronic Arts)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2012-09-20] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-07-25] (Advanced Micro Devices)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-28] (AVAST Software)
R5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-28] (AVAST Software)
R5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-28] (AVAST Software)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
S3 BrUsbScn; C:\Windows\System32\Drivers\BrUsbScn.sys [14336 2009-06-10] (Brother Industries Ltd.)
S3 BTMNET; C:\Windows\System32\DRIVERS\btmnet.sys [30208 2010-07-16] (Motorola, Inc.)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R1 cnnctfy3; C:\Windows\System32\DRIVERS\cnnctfy3.sys [42152 2015-01-19] (Connectify)
R5 Compbatt; C:\Windows\System32\drivers\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-04] (Disc Soft Ltd)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
R5 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [31040 2012-09-24] (Hewlett-Packard Company)
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [439320 2011-01-13] (Intel Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R5 speedfan; C:\Windows\SysWow64\speedfan.sys [28664 2012-12-29] (Almico Software)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R5 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-04] (Duplex Secure Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2611704 2011-01-12] (Sunplus Technology)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2014-08-30] (BitDefender S.R.L.)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [296320 2011-02-25] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
U3 aw7mx0h8; C:\Windows\System32\Drivers\aw7mx0h8.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-19 21:23 - 2015-08-19 21:23 - 00025881 _____ C:\Users\Ervd\Desktop\FRST.txt
2015-08-19 21:22 - 2015-08-19 21:23 - 00000000 ____D C:\FRST
2015-08-19 21:15 - 2015-08-19 21:15 - 02173440 _____ (Farbar) C:\Users\Ervd\Desktop\FRST64.exe
2015-08-19 20:12 - 2015-08-19 20:13 - 00000000 ____D C:\AdwCleaner
2015-08-19 20:10 - 2015-08-19 20:10 - 01585664 _____ C:\Users\Ervd\Desktop\adwcleaner_5.002.exe
2015-08-17 20:24 - 2015-08-17 20:24 - 00000000 ____D C:\ProgramData\ATI
2015-08-17 20:17 - 2015-08-17 20:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-08-17 20:17 - 2015-08-17 20:17 - 00000000 ____D C:\Program Files (x86)\AMD APP
2015-08-17 20:16 - 2011-09-12 17:05 - 00003917 _____ C:\windows\SysWOW64\atipblup.dat
2015-08-17 20:16 - 2011-09-12 17:05 - 00003917 _____ C:\windows\system32\atipblup.dat
2015-08-17 20:13 - 2015-08-17 20:16 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-17 19:58 - 2015-08-17 19:58 - 01222144 _____ C:\Users\Ervd\Downloads\RSITx64.exe
2015-08-16 12:29 - 2015-08-16 12:29 - 00016384 _____ C:\Users\Ervd\Downloads\Nákupní seznam pro mimčo (1).xls
2015-08-16 00:06 - 2015-08-16 00:06 - 00000930 _____ C:\windows\PFRO.log
2015-08-15 23:39 - 2015-08-15 23:39 - 00778440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-08-15 23:39 - 2015-08-15 23:39 - 00142536 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-15 23:34 - 2015-08-15 23:34 - 00001247 _____ C:\windows\ESCAN.LOG
2015-08-15 23:31 - 2015-08-15 23:42 - 00000184 _____ C:\windows\general.log
2015-08-15 23:29 - 2015-08-15 23:43 - 00000908 _____ C:\windows\UPDLL.LOG
2015-08-15 23:26 - 2015-08-15 23:26 - 00001022 _____ C:\Users\Ervd\Desktop\MWAVSCAN.lnk
2015-08-14 08:43 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 08:43 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 20:25 - 2015-08-15 12:16 - 00000000 ____D C:\Users\Ervd\Downloads\prilohy_22736
2015-08-12 19:26 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-12 19:26 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-12 19:26 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-12 19:26 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-12 19:26 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-12 19:26 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-08-12 19:26 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-12 19:26 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-12 19:26 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-08-12 19:26 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-08-12 19:26 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-08-12 19:26 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-08-12 19:26 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-08-12 19:26 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-08-12 19:26 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\basesrv.dll
2015-08-12 19:26 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-08-12 19:25 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-08-12 19:25 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-08-12 19:25 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-08-12 19:25 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-08-12 19:25 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-08-12 19:25 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-08-12 19:25 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-08-12 19:25 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-08-12 19:25 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-08-12 19:25 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-08-12 19:25 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-08-12 19:25 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-08-12 19:25 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-08-12 19:25 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-08-12 19:25 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-08-12 19:25 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-08-12 19:25 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-08-12 19:25 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 19:25 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-08-12 19:25 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-08-12 19:25 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-08-12 19:25 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-08-12 19:25 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-08-12 19:25 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-08-12 19:25 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-08-12 19:25 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-08-12 19:25 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-08-12 19:25 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-08-12 19:25 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-08-12 19:25 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-08-12 19:25 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-08-12 19:25 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-08-12 19:25 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-08-12 19:25 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-08-12 19:25 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-08-12 19:25 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 19:25 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-08-12 19:25 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-08-12 19:25 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-08-12 19:25 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-08-12 19:25 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-08-12 19:25 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-08-12 19:25 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-08-12 19:25 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-08-12 19:25 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-08-12 19:25 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-08-12 19:25 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-08-12 19:25 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-08-12 19:25 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-08-12 19:25 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-08-12 19:25 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-08-12 19:25 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-08-12 19:25 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-08-12 19:25 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-08-12 19:25 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-08-12 19:25 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-08-12 19:25 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-08-12 19:25 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-08-12 19:25 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-08-12 19:25 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-08-12 19:25 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-08-12 19:25 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-08-12 19:25 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-08-12 19:25 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-08-12 19:25 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-08-12 19:25 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-08-12 19:25 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-08-12 19:25 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-08-12 19:25 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-08-12 19:25 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-08-12 19:25 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-08-12 19:25 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-08-12 19:25 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-08-12 19:25 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-08-12 19:25 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-08-12 19:25 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-08-12 19:25 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-08-12 19:25 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2015-08-12 19:25 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-08-12 19:25 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-08-12 19:25 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-08-12 19:25 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-08-12 19:25 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2015-08-12 19:25 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-08-12 19:25 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-08-12 19:25 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-08-12 19:25 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-08-12 19:25 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-08-12 19:25 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2015-08-12 19:25 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2015-08-12 19:25 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2015-08-12 19:25 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-08-12 19:25 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-08-12 19:25 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 19:25 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 19:24 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-08-12 19:24 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-08-12 19:24 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-08-12 19:24 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-08-12 19:24 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-08-12 19:24 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-08-12 19:24 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-08-12 19:24 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-08-12 19:24 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-08-12 19:24 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-08-12 19:24 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-08-12 19:21 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2015-08-12 19:21 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-08-12 19:21 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-08-12 19:21 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-08-12 19:21 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-08-12 19:21 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-08-12 19:21 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-08-12 19:21 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2015-08-12 19:21 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-08-12 19:21 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-08-12 19:21 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-08-12 19:21 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-08-12 19:21 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-08-12 19:21 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-08-12 19:21 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-08-12 19:21 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-08-12 19:21 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-12 19:21 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-12 19:21 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-12 19:21 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-12 19:21 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-12 19:21 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-12 19:21 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-08-12 19:21 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-08-12 19:21 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-12 19:21 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-08-12 19:21 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-08-12 19:21 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-08-12 19:21 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-08-12 19:21 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-08-12 19:21 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-08-12 19:21 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-08-12 19:21 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2015-08-12 19:21 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-08-12 19:21 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2015-08-12 19:21 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-08-12 19:21 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2015-08-12 19:21 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-08-12 19:21 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2015-08-12 19:21 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-08-12 19:21 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-08-12 19:21 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-08-12 19:21 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\notepad.exe
2015-08-12 19:21 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\windows\notepad.exe
2015-08-12 19:21 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\notepad.exe
2015-08-12 19:21 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2015-08-12 19:21 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2015-08-12 19:21 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
2015-08-12 19:21 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
2015-08-09 19:02 - 2015-08-12 12:56 - 00000000 ____D C:\Users\Ervd\Desktop\nehoda
2015-08-09 18:05 - 2015-08-09 18:14 - 217914627 _____ C:\Users\Ervd\Downloads\vcrash22lite.exe
2015-08-09 17:46 - 2015-08-09 17:46 - 00000000 ____D C:\Users\Ervd\Documents\Downloaded Installations
2015-08-09 17:45 - 2015-08-09 18:44 - 00000000 ____D C:\Program Files (x86)\vizi
2015-08-01 13:09 - 2015-08-01 13:09 - 00075184 _____ C:\Users\Ervd\Desktop\monte carlo pí.ods
2015-08-01 11:30 - 2015-08-01 11:30 - 00018830 _____ C:\Users\Ervd\Desktop\Nákupní seznam pro mimčo.ods
2015-08-01 10:57 - 2015-08-01 10:57 - 00015872 _____ C:\Users\Ervd\Downloads\Nákupní seznam pro mimčo.xls
2015-07-28 23:30 - 2015-08-19 20:15 - 00002414 _____ C:\windows\setupact.log
2015-07-28 23:30 - 2015-07-28 23:30 - 00000000 _____ C:\windows\setuperr.log
2015-07-28 22:14 - 2015-07-28 22:14 - 00378880 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2015-07-28 22:14 - 2015-07-28 22:14 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-07-24 22:47 - 2015-07-24 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-24 22:46 - 2015-07-24 22:47 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-24 22:46 - 2015-07-24 22:46 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-23 18:27 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-19 21:09 - 2014-09-07 02:11 - 01905918 _____ C:\windows\WindowsUpdate.log
2015-08-19 20:27 - 2009-07-14 06:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-19 20:27 - 2009-07-14 06:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-19 20:22 - 2014-11-06 13:31 - 00000544 _____ C:\windows\Tasks\MATLAB R2014a Startup Accelerator.job
2015-08-19 20:15 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-08-19 19:36 - 2014-06-03 14:26 - 00003828 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1383528208
2015-08-19 19:36 - 2012-06-09 19:41 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-19 19:27 - 2013-09-13 21:14 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2015-08-17 21:12 - 2014-06-14 15:12 - 00000340 _____ C:\windows\Tasks\HPCeeScheduleForERVD-HP$.job
2015-08-17 21:12 - 2012-07-11 13:01 - 00003216 _____ C:\windows\System32\Tasks\HPCeeScheduleForERVD-HP$
2015-08-17 20:15 - 2012-06-10 02:01 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-08-17 19:58 - 2012-08-01 17:34 - 00000000 ____D C:\Program Files\trend micro
2015-08-16 10:26 - 2012-06-15 16:30 - 00000000 ____D C:\Users\Ervd\AppData\Local\CrashDumps
2015-08-15 23:42 - 2014-08-30 01:49 - 00000056 _____ C:\windows\Lic.xxx
2015-08-15 23:42 - 2014-04-17 21:16 - 00000000 ____D C:\Users\Ervd\Downloads\TempBK
2015-08-15 23:39 - 2014-08-27 14:47 - 00000000 ____D C:\Users\Ervd\AppData\Local\Adobe
2015-08-15 23:34 - 2009-07-14 04:34 - 00000764 _____ C:\windows\win.ini
2015-08-15 23:26 - 2013-05-24 16:38 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2015-08-15 12:27 - 2014-06-11 14:02 - 00000328 _____ C:\windows\Tasks\HPCeeScheduleForErvd.job
2015-08-15 11:22 - 2013-04-26 22:57 - 00003180 _____ C:\windows\System32\Tasks\HPCeeScheduleForErvd
2015-08-15 11:21 - 2012-06-18 11:46 - 00000052 _____ C:\windows\SysWOW64\DOErrors.log
2015-08-14 08:54 - 2013-05-12 13:40 - 01048344 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2015-08-13 03:50 - 2009-07-14 06:45 - 00466640 _____ C:\windows\system32\FNTCACHE.DAT
2015-08-13 03:45 - 2014-12-13 00:06 - 00000000 ____D C:\windows\system32\appraiser
2015-08-13 03:45 - 2014-05-03 17:01 - 00000000 ___SD C:\windows\system32\CompatTel
2015-08-13 03:45 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\sl-SI
2015-08-13 03:45 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\sk-SK
2015-08-13 03:45 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\hr-HR
2015-08-13 03:45 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\sl-SI
2015-08-13 03:45 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\sk-SK
2015-08-13 03:45 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\hr-HR
2015-08-13 03:11 - 2013-08-15 03:04 - 00000000 ____D C:\windows\system32\MRT
2015-08-13 03:02 - 2012-06-09 18:29 - 132483416 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-08-12 12:56 - 2009-07-14 07:32 - 00000000 ____D C:\windows\system32\FxsTmp
2015-08-04 22:35 - 2013-10-21 23:48 - 00000000 ____D C:\Users\Ervd\AppData\Roaming\vlc
2015-08-04 22:33 - 2012-01-02 19:36 - 00672408 _____ C:\windows\system32\perfh005.dat
2015-08-04 22:33 - 2012-01-02 19:36 - 00142972 _____ C:\windows\system32\perfc005.dat
2015-08-04 22:33 - 2009-07-14 07:13 - 01593238 _____ C:\windows\system32\PerfStringBackup.INI
2015-08-01 11:45 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-01 11:31 - 2014-11-06 13:35 - 00000000 ____D C:\Users\Ervd\Documents\MATLAB
2015-08-01 11:05 - 2011-02-11 07:14 - 00000000 ____D C:\windows\Panther
2015-07-28 22:34 - 2012-11-21 09:28 - 00000000 ____D C:\Users\Ervd\AppData\Roaming\DAEMON Tools Lite
2015-07-28 22:14 - 2014-05-01 14:39 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2015-07-28 22:14 - 2013-12-21 17:35 - 00150672 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2015-07-28 22:14 - 2013-05-12 13:40 - 00447944 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2015-07-28 22:14 - 2013-05-12 13:40 - 00274808 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2015-07-28 22:14 - 2013-05-12 13:40 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2015-07-28 22:14 - 2013-05-12 13:40 - 00090968 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2015-07-28 22:14 - 2013-05-12 13:40 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2015-07-28 17:20 - 2009-07-14 07:08 - 00032614 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-07-25 23:22 - 2015-04-04 06:30 - 00000000 ___SD C:\windows\system32\GWX
2015-07-24 22:34 - 2012-11-18 20:08 - 00017497 _____ C:\windows\SysWOW64\InstallUtil.InstallLog

==================== Files in the root of some directories =======

2013-09-25 22:17 - 2013-09-25 22:17 - 0000000 _____ () C:\Users\Ervd\AppData\Roaming\pdfconverter
2013-06-09 17:00 - 2013-06-09 17:00 - 0004096 ____H () C:\Users\Ervd\AppData\Local\keyfile3.drm
2012-08-30 20:14 - 2012-08-31 03:03 - 0001554 _____ () C:\Users\Ervd\AppData\Local\mbt-actwiz.log
2013-03-07 00:53 - 2015-04-09 04:09 - 0007602 _____ () C:\Users\Ervd\AppData\Local\Resmon.ResmonCfg
2012-06-09 18:08 - 2012-06-09 18:08 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some files in TEMP:
====================
C:\Users\Ervd\AppData\Local\Temp\avcuf32.dll
C:\Users\Ervd\AppData\Local\Temp\avcuf64.dll
C:\Users\Ervd\AppData\Local\Temp\avxdisk.dll
C:\Users\Ervd\AppData\Local\Temp\bdc.exe
C:\Users\Ervd\AppData\Local\Temp\bdcore.dll
C:\Users\Ervd\AppData\Local\Temp\bdfltlib2k.dll
C:\Users\Ervd\AppData\Local\Temp\bdnimbus32.dll
C:\Users\Ervd\AppData\Local\Temp\bdnimbus64.dll
C:\Users\Ervd\AppData\Local\Temp\bdupdateservice.dll
C:\Users\Ervd\AppData\Local\Temp\DEVCON.EXE
C:\Users\Ervd\AppData\Local\Temp\encdec.dll
C:\Users\Ervd\AppData\Local\Temp\esupdate.exe
C:\Users\Ervd\AppData\Local\Temp\failover.exe
C:\Users\Ervd\AppData\Local\Temp\FSSync.dll
C:\Users\Ervd\AppData\Local\Temp\Getvlist.exe
C:\Users\Ervd\AppData\Local\Temp\ikave.dll
C:\Users\Ervd\AppData\Local\Temp\ipc.dll
C:\Users\Ervd\AppData\Local\Temp\kave.dll
C:\Users\Ervd\AppData\Local\Temp\kavvlg.dll
C:\Users\Ervd\AppData\Local\Temp\msvclnt.dll
C:\Users\Ervd\AppData\Local\Temp\msvcp80.dll
C:\Users\Ervd\AppData\Local\Temp\msvcr80.dll
C:\Users\Ervd\AppData\Local\Temp\msvl64.dll
C:\Users\Ervd\AppData\Local\Temp\msvlclnt.dll
C:\Users\Ervd\AppData\Local\Temp\mwavdwnl.exe
C:\Users\Ervd\AppData\Local\Temp\MWAVL.exe
C:\Users\Ervd\AppData\Local\Temp\mwavscan.exe
C:\Users\Ervd\AppData\Local\Temp\mwunzip.dll
C:\Users\Ervd\AppData\Local\Temp\nx6ybkpb.dll
C:\Users\Ervd\AppData\Local\Temp\prLoader.dll
C:\Users\Ervd\AppData\Local\Temp\red32.dll
C:\Users\Ervd\AppData\Local\Temp\Reload.exe
C:\Users\Ervd\AppData\Local\Temp\scan.dll
C:\Users\Ervd\AppData\Local\Temp\ScanningProcess.exe
C:\Users\Ervd\AppData\Local\Temp\setpriv.exe
C:\Users\Ervd\AppData\Local\Temp\sqlite3.dll
C:\Users\Ervd\AppData\Local\Temp\sstyydza.dll
C:\Users\Ervd\AppData\Local\Temp\test2.exe
C:\Users\Ervd\AppData\Local\Temp\trufos.dll
C:\Users\Ervd\AppData\Local\Temp\unregx.exe
C:\Users\Ervd\AppData\Local\Temp\UPDLL10.DLL
C:\Users\Ervd\AppData\Local\Temp\viewtcp.exe
C:\Users\Ervd\AppData\Local\Temp\Virtual crash 2.2 download crack__10924_i1576813639_il1206311.exe
C:\Users\Ervd\AppData\Local\Temp\wqyz7q8p.dll


Some zero byte size files/folders:
==========================
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-13 00:42

==================== End of log ============================
Attachments
Addition.zip
(14.8 KiB) Downloaded 90 times

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Laptop preventive check

#6 Post by altrok »

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will be saved on the desktop; paste its contents into your next reply

    Code:

    Start
    CloseProcesses:
    File: C:\Windows\RUNDL132.EXE
    File: C:\Windows\logo_1.exe
    File: C:\Windows\VDLL.DLL
    File: C:\Windows\SysWOW64\runouce.exe
    CMD: dir C:\Users\Ervd\AppData\Local\CrashDumps
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
    HKU\S-1-5-21-3347873718-463703722-4102279566-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> DefaultScope value is missing
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3347873718-463703722-4102279566-1001 -> {4702E441-33EB-4081-AAB4-A4306691127A} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN31232173072314200&UM=4
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    S3 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]
    2015-08-19 20:12 - 2015-08-19 20:13 - 00000000 ____D C:\AdwCleaner
    2015-08-19 20:10 - 2015-08-19 20:10 - 01585664 _____ C:\Users\Ervd\Desktop\adwcleaner_5.002.exe
    2015-08-17 19:58 - 2015-08-17 19:58 - 01222144 _____ C:\Users\Ervd\Downloads\RSITx64.exe
    2015-08-17 19:58 - 2012-08-01 17:34 - 00000000 ____D C:\Program Files\trend micro
    2012-06-09 18:08 - 2012-06-09 18:08 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
    
    Task: {0837DE83-199A-4959-AE82-AF8268561C5D} - System32\Tasks\{28B4CB8C-06FC-4D0E-9371-EE7961A2F7EF} => pcalua.exe -a C:\Users\Ervd\Desktop\mwav.exe -d C:\Users\Ervd\Desktop
    Task: {1B63A719-9E37-4973-984D-F3231B775A8E} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano Final\TriggerKMS.exe [2013-02-10] ()
    C:\Program Files\KMSnano Final
    IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
    IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
    IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
    IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
    Hosts:
    EmptyTemp:
    End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not fit the forum, you can use altrok (at) forum.viry.cz
If you feel like helping this forum's visitors, sign up for our little school.

Ervd
Visitor
Posts: 177
Joined: 04 Feb 2007 10:47

Re: Laptop preventive check

#7 Post by Ervd »

Fix result of Farbar Recovery Scan Tool (x64) Version:19-08-2015
Ran by Ervd (2015-08-19 22:13:11) Run:1
Running from C:\Users\Ervd\Desktop
Loaded Profiles: Ervd (Available Profiles: Ervd)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
File: C:\Windows\RUNDL132.EXE
File: C:\Windows\logo_1.exe
File: C:\Windows\VDLL.DLL
File: C:\Windows\SysWOW64\runouce.exe
CMD: dir C:\Users\Ervd\AppData\Local\CrashDumps
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-3347873718-463703722-4102279566-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3347873718-463703722-4102279566-1001 -> {4702E441-33EB-4081-AAB4-A4306691127A} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN31232173072314200&UM=4
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]
2015-08-19 20:12 - 2015-08-19 20:13 - 00000000 ____D C:\AdwCleaner
2015-08-19 20:10 - 2015-08-19 20:10 - 01585664 _____ C:\Users\Ervd\Desktop\adwcleaner_5.002.exe
2015-08-17 19:58 - 2015-08-17 19:58 - 01222144 _____ C:\Users\Ervd\Downloads\RSITx64.exe
2015-08-17 19:58 - 2012-08-01 17:34 - 00000000 ____D C:\Program Files\trend micro
2012-06-09 18:08 - 2012-06-09 18:08 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Task: {0837DE83-199A-4959-AE82-AF8268561C5D} - System32\Tasks\{28B4CB8C-06FC-4D0E-9371-EE7961A2F7EF} => pcalua.exe -a C:\Users\Ervd\Desktop\mwav.exe -d C:\Users\Ervd\Desktop
Task: {1B63A719-9E37-4973-984D-F3231B775A8E} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano Final\TriggerKMS.exe [2013-02-10] ()
C:\Program Files\KMSnano Final
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.

========================= File: C:\Windows\RUNDL132.EXE ========================

File not signed
MD5:
Creation and modification date: 2014-08-30 02:07 - 2014-08-30 02:07
Size: 0000000
Attributes: ---AD
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\Windows\logo_1.exe ========================

File not signed
MD5:
Creation and modification date: 2014-08-30 02:07 - 2014-08-30 02:07
Size: 0000000
Attributes: ---AD
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\Windows\VDLL.DLL ========================

File not signed
MD5:
Creation and modification date: 2014-08-30 02:07 - 2014-08-30 02:07
Size: 0000000
Attributes: ---AD
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========================= File: C:\Windows\SysWOW64\runouce.exe ========================

File not signed
MD5:
Creation and modification date: 2014-08-30 02:07 - 2014-08-30 02:07
Size: 0000000
Attributes: ---AD
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:

====== End of File: ======


========= dir C:\Users\Ervd\AppData\Local\CrashDumps =========

Svazek v jednotce C nemá žádnou jmenovku.
Sériové číslo svazku je 2C53-6BCF.

Výpis adresáře C:\Users\Ervd\AppData\Local\CrashDumps

16.08.2015 10:26 <DIR> .
16.08.2015 10:26 <DIR> ..
15.08.2015 21:05 10 564 253 TriggerKMS.exe.1560.dmp
16.08.2015 10:26 10 562 413 TriggerKMS.exe.1704.dmp
16.08.2015 00:40 10 560 597 TriggerKMS.exe.2240.dmp
08.08.2015 13:10 10 562 417 TriggerKMS.exe.2544.dmp
Souborů: 4, Bajtů: 42 249 680
Adresářů: 2, Volných bajtů: 51 387 863 040

========= End of CMD: =========

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-3347873718-463703722-4102279566-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-3347873718-463703722-4102279566-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4702E441-33EB-4081-AAB4-A4306691127A}" => key removed successfully
HKCR\CLSID\{4702E441-33EB-4081-AAB4-A4306691127A} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
WinDefend => service removed successfully
C:\AdwCleaner => moved successfully.
C:\Users\Ervd\Desktop\adwcleaner_5.002.exe => moved successfully.
C:\Users\Ervd\Downloads\RSITx64.exe => moved successfully.
C:\Program Files\trend micro => moved successfully.
C:\ProgramData\ezsidmv.dat => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0837DE83-199A-4959-AE82-AF8268561C5D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0837DE83-199A-4959-AE82-AF8268561C5D}" => key removed successfully
C:\windows\System32\Tasks\{28B4CB8C-06FC-4D0E-9371-EE7961A2F7EF} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{28B4CB8C-06FC-4D0E-9371-EE7961A2F7EF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B63A719-9E37-4973-984D-F3231B775A8E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B63A719-9E37-4973-984D-F3231B775A8E}" => key removed successfully
C:\windows\System32\Tasks\Trigger KMS Activation => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => key removed successfully
C:\Program Files\KMSnano Final => moved successfully.
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\clonewarsadventures.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\freerealms.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\soe.com" => key removed successfully
"HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sony.com" => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 1.7 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 22:15:45 ====
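
A Fixlog like the one in post #7 can be checked mechanically so that entries the fix did not apply are not overlooked. The Python script below is an added example, not part of the thread and not FRST's own code. It assumes the only outcome wordings are the ones visible in this Fixlog and marks anything else for manual review; the function names and the last sample line are constructed for illustration.

```python
import re
from collections import Counter

# Excerpt of the Fixlog posted above. The last result line is constructed
# (it is not real FRST wording) to show how an unknown outcome is surfaced.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x64) Version:19-08-2015
fixlist content:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Task: {1B63A719-9E37-4973-984D-F3231B775A8E} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano Final\TriggerKMS.exe [2013-02-10] ()
EmptyTemp:
End
*****************

Processes closed successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKCR\CLSID\{4702E441-33EB-4081-AAB4-A4306691127A} => key not found.
WinDefend => service removed successfully
C:\Program Files\KMSnano Final => moved successfully.
EmptyTemp: => 1.7 GB temporary data Removed.
C:\Example\placeholder.bin => outcome text the script does not know

==== End of Fixlog 22:15:45 ====
"""


def result_lines(text):
    """Yield 'target => outcome' lines, skipping the echoed fixlist.

    The Fixlog repeats the submitted fixlist between two rows of asterisks;
    those lines also contain ' => ' but are requests, not results.
    """
    star_rows = 0
    for line in text.splitlines():
        if re.fullmatch(r"\*{5,}", line.strip()):
            star_rows += 1
            continue
        if star_rows != 1 and " => " in line:
            yield line.strip()


def classify(outcome):
    """Map an outcome string to ok / not_found / review (assumed wording)."""
    o = outcome.lower()
    if "not found" in o:
        return "not_found"
    if "successfully" in o or o.rstrip(".").endswith("removed"):
        return "ok"
    return "review"  # unknown wording: a human should read this line


def summarize(text):
    """Return (target, outcome, status) for every result line in the Fixlog."""
    entries = []
    for line in result_lines(text):
        target, outcome = line.rsplit(" => ", 1)
        entries.append((target.strip('"'), outcome, classify(outcome)))
    return entries


def needs_review(entries):
    """Entries whose status is anything other than 'ok'."""
    return [e for e in entries if e[2] != "ok"]


if __name__ == "__main__":
    parsed = summarize(SAMPLE_FIXLOG)
    print(Counter(status for _, _, status in parsed))
    for target, outcome, status in needs_review(parsed):
        print(f"{status:9} {target} => {outcome}")
```
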

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Laptop preventive check

#8 Post by altrok »

You had a lot of unnecessary data in the temp folders - I recommend using CCleaner at least once every two weeks. We will also clean up the tools that were used.
And if there are no questions or other problems, that is all from me.

Ervd
Visitor
Posts: 177
Joined: 04 Feb 2007 10:47

Re: Laptop preventive check

#9 Post by Ervd »

Thank you for the help!

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Laptop preventive check

#10 Post by altrok »

You're welcome, glad I could help :worship:


Take care, and maybe see you again sometime :bye:

Locked