Logfile of random's system information tool 1.10 (written by random/random)
Run by Mirek at 2015-09-09 17:02:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 82 GB (56%) free of 148 GB
Total RAM: 2558 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:02:48, on 9.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Users\Mirek\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Software Informer\softinfo.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Mirek\Downloads\RSIT.exe
C:\Program Files\trend micro\Mirek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [MobileConnect] %programfiles%\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe /silent
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [SpywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://C:\Program Files\Free Download Manager\dlall.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Unknown owner - C:\Program Files\Spyware Terminator\sp_rsser.exe (file missing)
O23 - Service: Vodafone Mobile Connect Service (VMCService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
--
End of file - 6047 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-07 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30 98304]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03 42272]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-06 7600672]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-07-06 1833504]
"MobileConnect"=C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2009-07-03 2328576]
"SpywareTerminator"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe []
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-07-28 13797920]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-04-08 254696]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-07 6111824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]
"Software Informer"=C:\Program Files\Software Informer\softinfo.exe [2011-03-22 2859077]
"fsm"= []
"SpywareTerminatorUpdate"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe []
C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.3.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.aacacm"=AACACM.acm
"msacm.lameacm"=lameACM.acm
"msacm.ac3acm"=ac3acm.acm
"VIDC.LAGS"=lagarith.dll
"msacm.ac3filter"=ac3filter.acm
"VIDC.FFDS"=ff_vfw.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-09-09 17:02:25 ----D---- C:\rsit
2015-09-09 17:02:25 ----D---- C:\Program Files\trend micro
2015-09-09 16:44:57 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2015-09-09 16:29:21 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-09 16:26:42 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 16:26:42 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 16:26:42 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 16:26:41 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 16:26:41 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 16:26:41 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 16:26:27 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 16:26:27 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 16:26:27 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 16:26:27 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 16:26:26 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 16:26:26 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 16:26:26 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 16:26:26 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 16:26:26 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 16:26:26 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 16:26:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-09-09 16:26:24 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 16:26:24 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 16:26:24 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 16:26:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 16:26:23 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 16:26:23 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 16:26:23 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 16:26:23 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 16:26:23 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\smss.exe
2015-09-09 16:26:22 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 16:26:22 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 16:26:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 16:26:22 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 16:26:22 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 16:26:22 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 16:26:06 ----A---- C:\Windows\system32\KBDYAK.DLL
2015-09-09 16:26:06 ----A---- C:\Windows\system32\KBDTAT.DLL
2015-09-09 16:26:06 ----A---- C:\Windows\system32\KBDRU1.DLL
2015-09-09 16:26:06 ----A---- C:\Windows\system32\KBDRU.DLL
2015-09-09 16:26:06 ----A---- C:\Windows\system32\KBDBASH.DLL
2015-09-09 16:26:04 ----A---- C:\Windows\system32\d2d1.dll
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wups.dll
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 16:26:00 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 16:26:00 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-09 16:25:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 16:25:54 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 16:25:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 16:25:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 16:25:54 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 16:25:53 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 16:25:53 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 16:25:53 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 16:25:52 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 16:25:52 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 16:25:52 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 16:25:52 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 16:25:52 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 16:25:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 16:25:50 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 16:25:49 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 16:25:49 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 16:25:49 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 16:25:47 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 16:25:47 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 16:25:46 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 16:25:45 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 16:25:44 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 16:25:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 16:25:43 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 16:25:42 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 16:25:40 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 16:25:40 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 16:25:40 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 16:25:37 ----A---- C:\Windows\system32\spoolsv.exe
2015-09-09 16:25:36 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 16:25:35 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 16:25:31 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 16:25:31 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 16:25:26 ----A---- C:\Windows\system32\consent.exe
2015-09-09 16:25:25 ----A---- C:\Windows\system32\authui.dll
2015-09-09 16:25:25 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 16:25:21 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 16:25:21 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 16:25:20 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 16:25:20 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 16:25:20 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 16:25:19 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 16:25:19 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 16:25:18 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 16:25:18 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 16:25:18 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 16:25:18 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 16:19:40 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 15:53:50 ----SD---- C:\Windows\system32\CompatTel
2015-09-09 15:53:50 ----D---- C:\Windows\system32\appraiser
2015-09-09 15:53:50 ----D---- C:\Windows\Migration
2015-09-08 20:24:05 ----N---- C:\bootsqm.dat
2015-09-08 19:50:46 ----D---- C:\Program Files\CCleaner
2015-09-08 19:49:36 ----A---- C:\Windows\system32\d3d10warp.dll
2015-09-08 19:49:35 ----A---- C:\Windows\system32\FntCache.dll
2015-09-08 19:49:35 ----A---- C:\Windows\system32\DWrite.dll
2015-09-08 19:49:33 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-09-08 19:49:14 ----A---- C:\Windows\system32\WMPhoto.dll
2015-09-07 21:08:27 ----D---- C:\Windows\system32\MRT
2015-09-07 20:22:31 ----A---- C:\Windows\system32\infocardapi.dll
2015-09-07 20:22:26 ----A---- C:\Windows\system32\icardres.dll
2015-09-07 20:22:12 ----A---- C:\Windows\system32\icardagt.exe
2015-09-07 20:22:08 ----A---- C:\Windows\system32\TsWpfWrp.exe
2015-09-07 20:07:47 ----A---- C:\Windows\system32\powertracker.dll
2015-09-07 20:07:47 ----A---- C:\Windows\system32\perftrack.dll
2015-09-07 20:07:46 ----A---- C:\Windows\system32\wdi.dll
2015-09-07 19:54:50 ----A---- C:\Windows\system32\elshyph.dll
2015-09-07 19:54:48 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2015-09-07 19:54:48 ----A---- C:\Windows\system32\msls31.dll
2015-09-07 19:54:48 ----A---- C:\Windows\system32\jsIntl.dll
2015-09-07 19:54:46 ----A---- C:\Windows\system32\ieapfltr.dat
2015-09-07 19:54:45 ----A---- C:\Windows\system32\url.dll
2015-09-07 19:54:45 ----A---- C:\Windows\system32\icardie.dll
2015-09-07 19:54:44 ----A---- C:\Windows\system32\wextract.exe
2015-09-07 19:54:44 ----A---- C:\Windows\system32\webcheck.dll
2015-09-07 19:54:44 ----A---- C:\Windows\system32\licmgr10.dll
2015-09-07 19:54:44 ----A---- C:\Windows\system32\inseng.dll
2015-09-07 19:54:44 ----A---- C:\Windows\system32\iexpress.exe
2015-09-07 19:54:43 ----A---- C:\Windows\system32\pngfilt.dll
2015-09-07 19:54:43 ----A---- C:\Windows\system32\occache.dll
2015-09-07 19:54:42 ----A---- C:\Windows\system32\mshta.exe
2015-09-07 19:54:42 ----A---- C:\Windows\system32\imgutil.dll
2015-09-07 19:54:42 ----A---- C:\Windows\system32\iepeers.dll
2015-09-07 19:54:41 ----A---- C:\Windows\system32\msfeedssync.exe
2015-09-07 19:54:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2015-09-07 19:54:41 ----A---- C:\Windows\system32\IEAdvpack.dll
2015-09-07 19:54:40 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2015-09-07 19:54:40 ----A---- C:\Windows\system32\mshtmler.dll
2015-09-07 19:54:40 ----A---- C:\Windows\system32\iesysprep.dll
2015-09-07 19:53:08 ----A---- C:\Windows\system32\mswsock.dll
2015-09-07 19:51:53 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-09-07 19:51:53 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-09-07 19:51:53 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-09-07 19:51:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-09-07 19:51:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-09-07 19:51:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-09-07 19:51:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-09-07 19:51:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-09-07 19:51:52 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-09-07 19:51:52 ----A---- C:\Windows\system32\XpsPrint.dll
2015-09-07 19:51:52 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2015-09-07 19:51:51 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2015-09-07 19:51:51 ----A---- C:\Windows\system32\d3d10core.dll
2015-09-07 19:51:51 ----A---- C:\Windows\system32\d3d10_1core.dll
2015-09-07 19:51:51 ----A---- C:\Windows\system32\d3d10_1.dll
2015-09-07 19:51:51 ----A---- C:\Windows\system32\d3d10.dll
2015-09-07 19:51:50 ----A---- C:\Windows\system32\UIAnimation.dll
2015-09-07 19:51:50 ----A---- C:\Windows\system32\dxgi.dll
2015-09-07 19:51:50 ----A---- C:\Windows\system32\d3d10level9.dll
2015-09-07 19:48:59 ----A---- C:\Windows\system32\d3d11.dll
2015-09-07 19:44:43 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-09-07 19:44:43 ----A---- C:\Windows\system32\aitstatic.exe
2015-09-07 19:44:42 ----A---- C:\Windows\system32\invagent.dll
2015-09-07 19:44:42 ----A---- C:\Windows\system32\generaltel.dll
2015-09-07 19:44:42 ----A---- C:\Windows\system32\devinv.dll
2015-09-07 19:44:42 ----A---- C:\Windows\system32\appraiser.dll
2015-09-07 19:44:42 ----A---- C:\Windows\system32\aepic.dll
2015-09-07 19:44:42 ----A---- C:\Windows\system32\aeinv.dll
2015-09-07 19:44:42 ----A---- C:\Windows\system32\acmigration.dll
2015-09-07 19:44:40 ----A---- C:\Windows\system32\aepdu.dll
2015-09-07 19:44:36 ----A---- C:\Windows\system32\wintrust.dll
2015-09-07 19:44:36 ----A---- C:\Windows\system32\cryptsvc.dll
2015-09-07 19:44:36 ----A---- C:\Windows\system32\cryptnet.dll
2015-09-07 19:44:36 ----A---- C:\Windows\system32\crypt32.dll
2015-09-07 19:44:30 ----A---- C:\Windows\system32\wpdshext.dll
2015-09-07 19:44:25 ----A---- C:\Windows\system32\msi.dll
2015-09-07 19:44:24 ----A---- C:\Windows\system32\msimsg.dll
2015-09-07 19:44:24 ----A---- C:\Windows\system32\msihnd.dll
2015-09-07 19:44:24 ----A---- C:\Windows\system32\msiexec.exe
2015-09-07 19:44:10 ----A---- C:\Windows\system32\typeperf.exe
2015-09-07 19:44:10 ----A---- C:\Windows\system32\tracerpt.exe
2015-09-07 19:44:10 ----A---- C:\Windows\system32\sechost.dll
2015-09-07 19:44:10 ----A---- C:\Windows\system32\relog.exe
2015-09-07 19:44:10 ----A---- C:\Windows\system32\logman.exe
2015-09-07 19:44:10 ----A---- C:\Windows\system32\diskperf.exe
2015-09-07 19:43:45 ----A---- C:\Windows\system32\sysmain.dll
2015-09-07 19:43:45 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-09-07 19:43:43 ----A---- C:\Windows\system32\msmmsp.dll
2015-09-07 19:43:30 ----A---- C:\Windows\system32\certcli.dll
2015-09-07 19:43:25 ----A---- C:\Windows\system32\shimeng.dll
2015-09-07 19:43:25 ----A---- C:\Windows\system32\sdbinst.exe
2015-09-07 19:43:25 ----A---- C:\Windows\system32\cewmdm.dll
2015-09-07 19:43:25 ----A---- C:\Windows\system32\apphelp.dll
2015-09-07 19:43:25 ----A---- C:\Windows\system32\aelupsvc.dll
2015-09-07 19:43:16 ----A---- C:\Windows\system32\basesrv.dll
2015-09-07 19:43:06 ----A---- C:\Windows\system32\shell32.dll
2015-09-07 19:42:50 ----A---- C:\Windows\system32\poqexec.exe
2015-09-07 19:42:48 ----A---- C:\Windows\system32\wmp.dll
2015-09-07 19:42:47 ----A---- C:\Windows\system32\wmploc.DLL
2015-09-07 19:42:47 ----A---- C:\Windows\system32\spwmp.dll
2015-09-07 19:42:47 ----A---- C:\Windows\system32\dxmasf.dll
2015-09-07 19:42:45 ----A---- C:\Windows\system32\ole32.dll
2015-09-07 19:42:44 ----A---- C:\Windows\system32\WebClnt.dll
2015-09-07 19:42:44 ----A---- C:\Windows\system32\davclnt.dll
2015-09-07 19:42:43 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-07 19:42:43 ----A---- C:\Windows\system32\kernel32.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-07 19:42:42 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-07 19:42:42 ----A---- C:\Windows\system32\winsrv.dll
2015-09-07 19:42:42 ----A---- C:\Windows\system32\conhost.exe
2015-09-07 19:42:39 ----A---- C:\Windows\system32\mstscax.dll
2015-09-07 19:42:38 ----A---- C:\Windows\system32\tsgqec.dll
2015-09-07 19:42:38 ----A---- C:\Windows\system32\aaclient.dll
2015-09-07 19:42:30 ----A---- C:\Windows\system32\gdi32.dll
2015-09-07 19:42:28 ----A---- C:\Windows\system32\notepad.exe
2015-09-07 19:42:28 ----A---- C:\Windows\notepad.exe
2015-09-07 19:42:27 ----A---- C:\Windows\system32\drivers\stream.sys
2015-09-07 19:42:25 ----A---- C:\Windows\system32\services.exe
2015-09-07 19:38:15 ----A---- C:\Windows\system32\comctl32.dll
2015-09-07 19:18:23 ----A---- C:\Windows\system32\drivers\hidparse.sys
2015-09-07 19:18:23 ----A---- C:\Windows\system32\drivers\hidclass.sys
2015-09-07 19:18:10 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2015-09-07 19:18:10 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-09-07 19:18:07 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2015-09-07 19:18:07 ----A---- C:\Windows\system32\credui.dll
2015-09-07 19:17:43 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-09-07 19:17:41 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-09-07 19:17:40 ----A---- C:\Windows\system32\dpnet.dll
2015-09-07 19:17:12 ----A---- C:\Windows\system32\msieftp.dll
2015-09-07 19:16:49 ----A---- C:\Windows\system32\drivers\fvevol.sys
2015-09-07 19:16:45 ----A---- C:\Windows\system32\pku2u.dll
2015-09-07 19:16:31 ----A---- C:\Windows\system32\imagehlp.dll
2015-09-07 19:16:29 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2015-09-07 19:16:29 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2015-09-07 19:16:28 ----A---- C:\Windows\system32\cdd.dll
2015-09-07 19:16:22 ----A---- C:\Windows\system32\wincredprovider.dll
2015-09-07 19:16:22 ----A---- C:\Windows\system32\objsel.dll
2015-09-07 19:16:22 ----A---- C:\Windows\system32\dpapiprovider.dll
2015-09-07 19:16:22 ----A---- C:\Windows\system32\dimsroam.dll
2015-09-07 19:16:22 ----A---- C:\Windows\system32\cngprovider.dll
2015-09-07 19:16:22 ----A---- C:\Windows\system32\capiprovider.dll
2015-09-07 19:16:22 ----A---- C:\Windows\system32\adprovider.dll
2015-09-07 19:16:09 ----A---- C:\Windows\system32\IMJP10K.DLL
2015-09-07 19:16:07 ----A---- C:\Windows\system32\wscript.exe
2015-09-07 19:16:07 ----A---- C:\Windows\system32\scrrun.dll
2015-09-07 19:16:07 ----A---- C:\Windows\system32\cscript.exe
2015-09-07 19:16:05 ----A---- C:\Windows\system32\OxpsConverter.exe
2015-09-07 19:15:32 ----A---- C:\Windows\system32\cryptdlg.dll
2015-09-07 19:15:15 ----A---- C:\Windows\system32\rastls.dll
2015-09-07 19:13:41 ----A---- C:\Windows\system32\wwansvc.dll
2015-09-07 19:13:41 ----A---- C:\Windows\system32\wwanprotdim.dll
2015-09-07 19:13:40 ----A---- C:\Windows\system32\clfsw32.dll
2015-09-07 19:13:40 ----A---- C:\Windows\system32\clfs.sys
2015-09-07 19:13:39 ----A---- C:\Windows\system32\win32spl.dll
2015-09-07 19:13:37 ----A---- C:\Windows\system32\scavengeui.dll
2015-09-07 19:13:29 ----A---- C:\Windows\system32\certutil.exe
2015-09-07 19:13:28 ----A---- C:\Windows\system32\certenc.dll
2015-09-07 19:12:58 ----A---- C:\Windows\system32\msctf.dll
2015-09-07 19:12:27 ----A---- C:\Windows\system32\iologmsg.dll
2015-09-07 19:12:27 ----A---- C:\Windows\system32\drivers\storport.sys
2015-09-07 19:12:27 ----A---- C:\Windows\system32\drivers\msiscsi.sys
2015-09-07 19:12:27 ----A---- C:\Windows\system32\drivers\Diskdump.sys
2015-09-07 19:12:19 ----A---- C:\Windows\system32\netevent.dll
2015-09-07 19:12:19 ----A---- C:\Windows\system32\netcorehc.dll
2015-09-07 19:12:19 ----A---- C:\Windows\system32\iphlpsvc.dll
2015-09-07 19:12:19 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2015-09-07 19:11:32 ----A---- C:\Windows\system32\cdosys.dll
2015-09-07 19:11:07 ----A---- C:\Windows\system32\osk.exe
2015-09-07 19:11:05 ----A---- C:\Windows\system32\EncDec.dll
2015-09-07 19:11:03 ----A---- C:\Windows\system32\netapi32.dll
2015-09-07 19:11:03 ----A---- C:\Windows\system32\browser.dll
2015-09-07 19:11:03 ----A---- C:\Windows\system32\browcli.dll
2015-09-07 19:10:45 ----A---- C:\Windows\system32\drivers\ntfs.sys
2015-09-07 19:10:43 ----A---- C:\Windows\system32\WMVDECOD.DLL
2015-09-07 19:10:39 ----A---- C:\Windows\system32\drivers\portcls.sys
2015-09-07 19:10:39 ----A---- C:\Windows\system32\drivers\drmk.sys
2015-09-07 19:09:59 ----A---- C:\Windows\system32\qedit.dll
2015-09-07 19:09:57 ----A---- C:\Windows\system32\TSWorkspace.dll
2015-09-07 19:09:49 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-09-07 19:09:49 ----A---- C:\Windows\system32\drivers\netio.sys
2015-09-07 19:09:49 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2015-09-07 19:09:41 ----A---- C:\Windows\system32\oleaut32.dll
2015-09-07 19:09:39 ----A---- C:\Windows\system32\drivers\afd.sys
2015-09-07 19:08:50 ----A---- C:\Windows\system32\mscorier.dll
2015-09-07 19:08:50 ----A---- C:\Windows\system32\dfshim.dll
2015-09-07 19:08:49 ----A---- C:\Windows\system32\mscories.dll
2015-09-07 19:08:42 ----A---- C:\Windows\system32\gameux.dll
2015-09-07 19:08:41 ----A---- C:\Windows\system32\Wpc.dll
2015-09-07 19:08:20 ----A---- C:\Windows\system32\profsvc.dll
2015-09-07 19:08:19 ----A---- C:\Windows\system32\packager.dll
2015-09-07 19:08:13 ----A---- C:\Windows\system32\webio.dll
2015-09-07 19:08:11 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-09-07 19:08:08 ----A---- C:\Windows\system32\msvcrt.dll
2015-09-07 18:54:16 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-09-07 18:53:42 ----A---- C:\Windows\system32\aswBoot.exe
2015-09-07 18:50:52 ----A---- C:\Windows\avastSS.scr
======List of files/folders modified in the last 1 month======
2015-09-09 17:02:28 ----D---- C:\Windows\Temp
2015-09-09 17:02:25 ----RD---- C:\Program Files
2015-09-09 17:01:26 ----D---- C:\Windows\System32
2015-09-09 17:01:26 ----D---- C:\Windows\inf
2015-09-09 17:01:26 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-09 16:57:25 ----D---- C:\Users\Mirek\AppData\Roaming\Software Informer
2015-09-09 16:55:50 ----D---- C:\Windows\winsxs
2015-09-09 16:55:34 ----D---- C:\Windows\system32\config
2015-09-09 16:52:57 ----D---- C:\Program Files\Windows Journal
2015-09-09 16:52:56 ----D---- C:\Windows\system32\en-US
2015-09-09 16:52:56 ----D---- C:\Windows\system32\drivers
2015-09-09 16:52:56 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 16:52:54 ----RSD---- C:\Windows\Fonts
2015-09-09 16:52:54 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 16:52:54 ----D---- C:\Program Files\Internet Explorer
2015-09-09 16:46:50 ----RSD---- C:\Windows\assembly
2015-09-09 16:46:50 ----D---- C:\Windows\Microsoft.NET
2015-09-09 16:43:14 ----SHD---- C:\Windows\Installer
2015-09-09 16:31:07 ----D---- C:\Windows\debug
2015-09-09 16:28:21 ----D---- C:\Windows\ehome
2015-09-09 16:27:32 ----SHD---- C:\System Volume Information
2015-09-09 16:23:55 ----D---- C:\Windows\system32\catroot2
2015-09-09 15:53:50 ----D---- C:\Windows\system32\wbem
2015-09-09 15:53:50 ----D---- C:\Windows\AppCompat
2015-09-09 15:53:50 ----D---- C:\Windows
2015-09-09 15:53:49 ----D---- C:\Windows\AppPatch
2015-09-09 15:53:47 ----D---- C:\Windows\tracing
2015-09-09 15:53:38 ----D---- C:\Windows\system32\DriverStore
2015-09-08 19:53:13 ----D---- C:\Users\Mirek\AppData\Roaming\Media Player Classic
2015-09-08 19:53:13 ----D---- C:\Users\Mirek\AppData\Roaming\Free Download Manager
2015-09-08 19:53:09 ----D---- C:\Windows\Panther
2015-09-08 19:53:09 ----D---- C:\Windows\ModemLogs
2015-09-08 19:53:07 ----D---- C:\Windows\Logs
2015-09-08 19:50:52 ----D---- C:\Windows\system32\Tasks
2015-09-08 19:48:29 ----D---- C:\Windows\SoftwareDistribution
2015-09-08 18:52:22 ----D---- C:\Windows\system32\LogFiles
2015-09-08 15:40:47 ----D---- C:\Program Files\Microsoft Silverlight
2015-09-08 15:21:18 ----D---- C:\Program Files\Common Files\System
2015-09-08 15:21:15 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-09-08 15:21:07 ----D---- C:\Windows\system32\AdvancedInstallers
2015-09-08 15:21:06 ----D---- C:\Windows\system32\migration
2015-09-08 15:21:01 ----D---- C:\Windows\system32\Dism
2015-09-08 15:20:59 ----SD---- C:\ProgramData\Microsoft
2015-09-08 15:20:44 ----D---- C:\Program Files\Windows Media Player
2015-09-08 15:20:34 ----D---- C:\Windows\system32\zh-HK
2015-09-08 15:20:34 ----D---- C:\Windows\system32\pt-PT
2015-09-08 15:20:34 ----D---- C:\Windows\system32\pt-BR
2015-09-08 15:20:34 ----D---- C:\Windows\system32\pl-PL
2015-09-08 15:20:34 ----D---- C:\Windows\system32\nl-NL
2015-09-08 15:20:34 ----D---- C:\Windows\system32\ko-KR
2015-09-08 15:20:34 ----D---- C:\Windows\system32\it-IT
2015-09-08 15:20:34 ----D---- C:\Windows\system32\hu-HU
2015-09-08 15:20:34 ----D---- C:\Windows\system32\fr-FR
2015-09-08 15:20:34 ----D---- C:\Windows\system32\el-GR
2015-09-08 15:20:33 ----D---- C:\Windows\system32\zh-TW
2015-09-08 15:20:33 ----D---- C:\Windows\system32\tr-TR
2015-09-08 15:20:33 ----D---- C:\Windows\system32\sv-SE
2015-09-08 15:20:33 ----D---- C:\Windows\system32\fi-FI
2015-09-08 15:20:33 ----D---- C:\Windows\system32\es-ES
2015-09-08 15:20:33 ----D---- C:\Windows\system32\de-DE
2015-09-08 15:20:32 ----D---- C:\Windows\system32\zh-CN
2015-09-08 15:20:32 ----D---- C:\Windows\system32\ru-RU
2015-09-08 15:20:32 ----D---- C:\Windows\system32\nb-NO
2015-09-08 15:20:32 ----D---- C:\Windows\system32\ja-JP
2015-09-08 15:20:32 ----D---- C:\Windows\system32\da-DK
2015-09-07 19:28:19 ----D---- C:\Windows\system32\NDF
2015-09-07 18:51:06 ----D---- C:\Windows\Tasks
2015-09-05 20:35:16 ----D---- C:\Users\Mirek\AppData\Roaming\Spyware Terminator
2015-09-05 20:35:16 ----D---- C:\Program Files\Spyware Terminator
2015-08-26 18:36:06 ----A---- C:\Windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-07 49776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-07 208664]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-07 95112]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-07 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-09-07 788784]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-09-07 433264]
R1 sp_rsdrv2;Spyware Terminator Driver 2; \??\C:\Windows\system32\drivers\sp_rsdrv2.sys [2011-10-13 142592]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-07 24016]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-07 76000]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-07 113592]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-18 12672]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-07 220752]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\XAudio32.sys [2009-04-29 8704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-10-05 1221632]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2009-02-12 980992]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2009-02-12 207360]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-06 2657120]
R3 nuvotoncir;Nuvoton IR Transceiver; C:\Windows\system32\DRIVERS\nuvotoncir.sys [2009-06-24 44544]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2009-06-02 17920]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-08-10 171520]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2009-02-12 661504]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\Windows\system32\DRIVERS\ewusbnet.sys [2009-06-29 112128]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-04-09 102784]
S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [2009-06-29 102912]
S3 iaStor;iaStor; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 25088]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-14 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-14 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-14 661504]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-07 146600]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 HsfXAudioService;HsfXAudioService; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-07-28 211488]
R2 VMCService;Vodafone Mobile Connect Service; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2009-07-03 9216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02 107848]
S2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files\Spyware Terminator\sp_rsser.exe []
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-07 3218624]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02 107848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 102912]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-07-03 1343400]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o kontrolu NB,díky
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosím o kontrolu NB,díky
Zdravim 
Pouzivate Spyware Terminatora? Podle logu to vypada, ze byl odinstalovany, ale odinstalace se nejak nepovedla, stale tam visi. Pokud to tak je, odpalim ho skriptem.
Je jinak s pc nejaky konkretni problem, nebo jde ciste jen o prevenci?
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Pouzivate Spyware Terminatora? Podle logu to vypada, ze byl odinstalovany, ale odinstalace se nejak nepovedla, stale tam visi. Pokud to tak je, odpalim ho skriptem. Je jinak s pc nejaky konkretni problem, nebo jde ciste jen o prevenci? Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: prosím o kontrolu NB,díky
díky, NB je příbuzných,mysleli si že je zavirovaný,zdál se jim zpomalený,přeinstalovat win se mi zatím nechce.ten spyware terminator bych dal pryč,níže lok z adwcleaneru:
# AdwCleaner v5.007 - Logfile created 11/09/2015 at 15:23:03
# Updated 08/09/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Mirek - MIREK-ACER7530G
# Running from : C:\Users\Mirek\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : sp_rsdrv2
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Ask.com
[-] Folder Deleted : C:\Program Files\Crawler
[-] Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Files ] *****
[-] File Deleted : C:\Windows\system32\drivers\sp_rsdrv2.sys
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Nápověda pro lištu.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Více produktů Crawler.lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : Scheduled Update for Ask Toolbar
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
[-] Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Key Deleted : HKCU\Software\Ask.com
[-] Key Deleted : HKCU\Software\CToolbar
[-] Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
[-] Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKLM\SOFTWARE\OpenCandy
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
[!] Key Not Deleted : HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[!] Key Not Deleted : HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[!] Key Not Deleted : HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6140 bytes] ##########
# AdwCleaner v5.007 - Logfile created 11/09/2015 at 15:23:03
# Updated 08/09/2015 by Xplode
# Database : 2015-09-10.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Mirek - MIREK-ACER7530G
# Running from : C:\Users\Mirek\Desktop\adwcleaner_5.007.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : sp_rsdrv2
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Ask.com
[-] Folder Deleted : C:\Program Files\Crawler
[-] Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Files ] *****
[-] File Deleted : C:\Windows\system32\drivers\sp_rsdrv2.sys
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Nápověda pro lištu.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta\Více produktů Crawler.lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : Scheduled Update for Ask Toolbar
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Crawler Search
[-] Key Deleted : HKLM\SOFTWARE\Classes\ctbcommon.Buttons
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Client
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Script
[-] Key Deleted : HKLM\SOFTWARE\Classes\CToolbar.TB4Server
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\Crawler
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{183643C8-EE67-4574-9A38-927852E34163}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1DDA201E-5B42-4352-933E-21A92B297E3B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{54ECA872-DB2A-4C6B-BBB2-F3777C6786CC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DBDB6FAA-1F5F-4A18-B60B-7A905C7FF83F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01C78433-6FDF-4E5A-A82D-B535C32E03DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41349826-5C7F-4BF0-8279-5DAF1DE6E9AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{604EA016-1EDE-41E6-A23E-76CF8F2A4808}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3BA5582-79A9-464D-A7FA-711C5888C6E9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E9BBD270-4B87-4EE2-912F-6635674986C0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{04006843-5199-4CE4-B3CD-8092CC91706E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{506F578A-91E1-46CE-830F-E2F4268E9966}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79BB61D-7F1A-41DF-8AD0-402795E3B566}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7459F1D0-9FB6-4D71-AA7B-9DECB34EB704}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF1B8D2-9A06-4174-A8B5-E38606DDB92B}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Key Deleted : HKCU\Software\Ask.com
[-] Key Deleted : HKCU\Software\CToolbar
[-] Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
[-] Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKLM\SOFTWARE\OpenCandy
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CToolbar_UNINSTALL
[!] Key Not Deleted : HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
[!] Key Not Deleted : HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
[!] Key Not Deleted : HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
***** [ Web browsers ] *****
*************************
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6140 bytes] ##########
Re: prosím o kontrolu NB,díky
Stahnete crystal disk info http://sourceforge.jp/projects/crystald ... 5_0_0.zip/Spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: prosím o kontrolu NB,díky
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x86)
Date : 2015/09/12 7:24:29
-- Controller Map ----------------------------------------------------------
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
+ ATA Channel 0 (0)
- Hitachi HTS543232L9A300 ATA Device
- ATA Channel 1 (1)
+ ATA Channel 2 (2)
- TSSTcorp CDDVDW TS-L633A ATA Device
- ATA Channel 3 (3)
- ATA Channel 4 (4)
- ATA Channel 5 (5)
-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS543232L9A300 : 320,0 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) Hitachi HTS543232L9A300
----------------------------------------------------------------------------
Model : Hitachi HTS543232L9A300
Firmware : FB4OC40C
Serial Number : 081012FB2406LECGXE2C
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 7114 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : SATA/300
Power On Hours : 924 hod.
Power On Count : 330 krát
Temparature : 30 C (86 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 253 253 _33 000400000000 Čas na roztočení ploten
04 100 100 __0 00000000014B Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _98 _98 __0 00000000039C Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000014A Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000F Počet vypnutí disku
C1 100 100 __0 000000001E8D Počet cyklů načítání/vymazání
C2 183 183 __0 00300011001E Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 3038 3130 3132 4642 3234 4C45 4C45 4347 5845 3243
020: 0003 3795 0004 4642 344F 3043 3043 4869 7461 6368
030: 6920 4854 5335 3433 3233 3941 3941 3330 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 0F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 005E 0040
080: 01FC 0042 746B 7F69 6163 BC49 BC49 6163 407F 003F
090: 0040 4080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 8848 5000 CCA5
110: 64C6 C7E3 0000 0000 0000 0000 0000 0000 0000 4014
120: 4014 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 344F 0000 0000 8364 8364 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 90A5
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium Edition SP1 [6.1 Build 7601] (x86)
Date : 2015/09/12 7:24:29
-- Controller Map ----------------------------------------------------------
+ Standardní řadič AHCI 1.0 s rozhraním Serial ATA [ATA]
+ ATA Channel 0 (0)
- Hitachi HTS543232L9A300 ATA Device
- ATA Channel 1 (1)
+ ATA Channel 2 (2)
- TSSTcorp CDDVDW TS-L633A ATA Device
- ATA Channel 3 (3)
- ATA Channel 4 (4)
- ATA Channel 5 (5)
-- Disk List ---------------------------------------------------------------
(1) Hitachi HTS543232L9A300 : 320,0 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) Hitachi HTS543232L9A300
----------------------------------------------------------------------------
Model : Hitachi HTS543232L9A300
Firmware : FB4OC40C
Serial Number : 081012FB2406LECGXE2C
Disk Size : 320,0 GB (8,4/137,4/320,0)
Buffer Size : 7114 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 3f
Transfer Mode : SATA/300
Power On Hours : 924 hod.
Power On Count : 330 krát
Temparature : 30 C (86 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 4080h [ON]
AAM Level : 80FEh [OFF]
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _62 000000000000 Počet chyb čtení
02 100 100 _40 000000000000 Průchodnost disku
03 253 253 _33 000400000000 Čas na roztočení ploten
04 100 100 __0 00000000014B Počet spuštění/zastavení
05 100 100 __5 000000000000 Počet přemapovaných sektorů
07 100 100 _67 000000000000 Počet chybných hledání
08 100 100 _40 000000000000 Čas potřebný na vyhledání
09 _98 _98 __0 00000000039C Hodin v činnosti
0A 100 100 _60 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 00000000014A Počet cyklů zapnutí zařízení
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000F Počet vypnutí disku
C1 100 100 __0 000000001E8D Počet cyklů načítání/vymazání
C2 183 183 __0 00300011001E Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
DF 100 100 __0 000000000000 Zatížení budiče magnetických hlav způsobené opakovanými úkony
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 045A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 3038 3130 3132 4642 3234 4C45 4C45 4347 5845 3243
020: 0003 3795 0004 4642 344F 3043 3043 4869 7461 6368
030: 6920 4854 5335 3433 3233 3941 3941 3330 3020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 0F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 1706 1706 0000 005E 0040
080: 01FC 0042 746B 7F69 6163 BC49 BC49 6163 407F 003F
090: 0040 4080 FFFE 0000 80FE 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 0000 8848 5000 CCA5
110: 64C6 C7E3 0000 0000 0000 0000 0000 0000 0000 4014
120: 4014 0000 0000 0000 0000 0000 0000 0000 0029 000B
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 4001 0000
150: 8000 0000 344F 0000 0000 8364 8364 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 003D 003D 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0021 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 90A5
Re: prosím o kontrolu NB,díky
scan MBAM: Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 12.9.2015
Čas skenování: 7:29
Protokol: scan mbam.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.12.01
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Mirek
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 298375
Uplynulý čas: 16 min, 49 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 12.9.2015
Čas skenování: 7:29
Protokol: scan mbam.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.12.01
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Mirek
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 298375
Uplynulý čas: 16 min, 49 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: prosím o kontrolu NB,díky
u MBAM ještě jedu vlastní scan všech disků,jsem zapomněl:D
Re: prosím o kontrolu NB,díky
jo jo. Sken hrozeb neprohlizi cely pocitac, proto chci vlastni sken 
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: prosím o kontrolu NB,díky
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 12.9.2015
Čas skenování: 7:49
Protokol: mbam.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.12.01
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Mirek
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 501317
Uplynulý čas: 3 hod, 13 min, 0 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
RiskWare.Tool.HCK, D:\Fleška\CORSAIR\Ahead.Nero.v7.5.7.0.Multilingual.Incl.Keymaker-EMBRACE\keygen.exe, , [00013df2ccbf2115ed31cd63a9595ea2],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 12.9.2015
Čas skenování: 7:49
Protokol: mbam.txt
Správce: Ano
Verze: 2.1.8.1057
Databáze malwaru: v2015.09.12.01
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x86
Souborový systém: NTFS
Uživatel: Mirek
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 501317
Uplynulý čas: 3 hod, 13 min, 0 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
RiskWare.Tool.HCK, D:\Fleška\CORSAIR\Ahead.Nero.v7.5.7.0.Multilingual.Incl.Keymaker-EMBRACE\keygen.exe, , [00013df2ccbf2115ed31cd63a9595ea2],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: prosím o kontrolu NB,díky
No, s tim crackem si nalozte podle sveho uvazeni. Nikdo vam nerekne, zda je oznacen jen z principu, nebo ma v sobe i nejaky ten nechteny pridavek.
Pak muzete MBAM odinstalovat.
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
Pak muzete MBAM odinstalovat.
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: prosím o kontrolu NB,díky
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:12-09-2015
Ran by Mirek (administrator) on MIREK-ACER7530G (13-09-2015 10:24:06)
Running from C:\Users\Mirek\Desktop
Loaded Profiles: Mirek (Available Profiles: Mirek)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Opera\Opera.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp.) C:\Users\Mirek\AppData\Local\Temp\RtkBtMnt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Mirek\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2328576 2009-07-03] (Vodafone)
HKLM\...\Run: [SpywareTerminator] => "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-07] (AVAST Software)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [2859077 2011-03-22] (Informer Technologies, Inc.)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [SpywareTerminatorUpdate] => "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-07] (AVAST Software)
Startup: C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-07-14]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{02645EE4-FFE3-43E6-95A0-F2488E8FD017}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3A9C4F4B-E9A6-4990-9BEF-D855C25ECC55}: [DhcpNameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{4E22D9A6-C3AE-4C7F-9A3A-DB7C65EC9AC8}: [DhcpNameServer] 192.168.20.20
Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-07] (AVAST Software)
BHO: FDMIECookiesBHO Class -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2011-07-03] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-07-12] (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2010-12-02] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-04] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-07] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-03]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-01]
CHR Extension: (Dokumenty Google) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-01]
CHR Extension: (Disk Google) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-01]
CHR Extension: (YouTube) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-01]
CHR Extension: (Gmail) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-02]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-07] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-09-07] (Avast Software)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-07-03] (Vodafone) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 sp_rssrv; "C:\Program Files\Spyware Terminator\sp_rsser.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-09-07] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-09-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-09-07] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-09-07] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-07] (AVAST Software)
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [102912 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-09-07] (AVAST Software)
R3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [44544 2009-06-24] (Nuvoton Technology Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-09-07] (Avast Software)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-13 10:24 - 2015-09-13 10:24 - 00010958 _____ C:\Users\Mirek\Desktop\FRST.txt
2015-09-13 10:21 - 2015-09-13 10:24 - 00000000 ____D C:\FRST
2015-09-13 10:21 - 2015-09-13 10:21 - 01692160 _____ (Farbar) C:\Users\Mirek\Desktop\FRST.exe
2015-09-13 10:20 - 2015-09-13 10:20 - 00112640 _____ (forum.viry.cz) C:\Users\Mirek\Desktop\FRSTLauncher.exe
2015-09-12 16:38 - 2015-09-12 16:38 - 00001262 _____ C:\mbam.txt
2015-09-12 08:02 - 2015-09-12 08:02 - 00000000 ____D C:\Users\Mirek\AppData\Local\GWX
2015-09-12 07:47 - 2015-09-12 07:47 - 00001153 _____ C:\scan mbam.txt
2015-09-12 07:28 - 2015-09-12 07:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-12 07:26 - 2015-09-12 07:26 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Mirek\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-12 07:20 - 2015-09-12 07:24 - 00000000 ____D C:\Users\Mirek\Downloads\CrystalDiskInfo5_0_0
2015-09-12 07:19 - 2015-09-12 07:19 - 01496172 _____ C:\Users\Mirek\Downloads\CrystalDiskInfo5_0_0.zip
2015-09-11 15:20 - 2015-09-11 15:20 - 01660416 _____ C:\Users\Mirek\Desktop\adwcleaner_5.007.exe
2015-09-10 19:54 - 2015-09-11 15:23 - 00000000 ____D C:\AdwCleaner
2015-09-09 17:06 - 2015-09-10 19:52 - 00000000 ___SD C:\Windows\system32\GWX
2015-09-09 17:02 - 2015-09-09 17:02 - 00000000 ____D C:\rsit
2015-09-09 17:02 - 2015-09-09 17:02 - 00000000 ____D C:\Program Files\trend micro
2015-09-09 17:01 - 2015-09-09 17:01 - 01107968 _____ C:\Users\Mirek\Downloads\RSIT.exe
2015-09-09 16:44 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-09-09 16:29 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 02953728 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 16:26 - 2015-08-26 19:55 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 16:26 - 2015-08-26 19:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 16:26 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 16:26 - 2015-08-26 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 16:26 - 2015-08-04 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 16:26 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 16:26 - 2015-08-04 19:47 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 16:26 - 2015-08-04 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 16:26 - 2015-08-04 19:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 16:26 - 2015-08-04 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 16:26 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-09-09 16:26 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 16:26 - 2015-07-22 19:57 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 16:26 - 2015-07-22 19:57 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 16:26 - 2015-07-22 19:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 16:26 - 2015-07-22 19:52 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 16:26 - 2015-07-22 19:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 16:26 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 16:26 - 2015-07-22 19:52 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 16:26 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 16:26 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 16:26 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 16:26 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 16:26 - 2015-07-22 18:38 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 16:26 - 2015-07-22 18:34 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 16:26 - 2015-07-22 18:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 16:26 - 2015-07-22 18:33 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 16:26 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-09-09 16:26 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-09-09 16:26 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-09-09 16:26 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-09-09 16:26 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-09-09 16:26 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-09-09 16:25 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 16:25 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 16:25 - 2015-09-02 04:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 16:25 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 16:25 - 2015-09-02 03:36 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 16:25 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 16:25 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 16:25 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 16:25 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 16:25 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 16:25 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 16:25 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 16:25 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 16:25 - 2015-08-15 07:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 16:25 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 16:25 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 16:25 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 16:25 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 16:25 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 16:25 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 16:25 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 16:25 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 16:25 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 16:25 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 16:25 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 16:25 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 16:25 - 2015-08-15 07:29 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 16:25 - 2015-08-15 07:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 16:25 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 16:25 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 16:25 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 16:25 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 16:25 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 16:25 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 16:25 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 16:25 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 16:25 - 2015-08-15 07:02 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 16:25 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 16:25 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 16:25 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 16:25 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 16:25 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 16:25 - 2015-08-05 19:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 16:25 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 16:25 - 2015-08-05 19:40 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 16:25 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 16:25 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 16:25 - 2015-06-25 11:48 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 16:25 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 16:25 - 2015-06-25 11:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 16:25 - 2012-02-11 07:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-09-09 16:19 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 15:53 - 2015-09-09 15:53 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-09 15:53 - 2015-09-09 15:53 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-08 19:57 - 2015-09-12 07:15 - 00000504 _____ C:\Windows\setupact.log
2015-09-08 19:57 - 2015-09-08 19:57 - 00000000 _____ C:\Windows\setuperr.log
2015-09-08 19:50 - 2015-09-08 19:50 - 00000973 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-08 19:50 - 2015-09-08 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-08 19:50 - 2015-09-08 19:50 - 00000000 ____D C:\Program Files\CCleaner
2015-09-08 19:49 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-08 19:49 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-08 19:49 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-08 19:49 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-09-08 19:49 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-09-08 19:47 - 2015-09-08 19:48 - 06667640 _____ (Piriform Ltd) C:\Users\Mirek\Downloads\ccsetup509.exe
2015-09-07 21:19 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\system32\locale.nls
2015-09-07 21:08 - 2015-09-09 16:39 - 00000000 ____D C:\Windows\system32\MRT
2015-09-07 20:22 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-09-07 20:22 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-09-07 20:22 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-09-07 20:22 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-09-07 20:07 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-09-07 20:07 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-09-07 20:07 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-09-07 19:54 - 2015-09-07 19:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-09-07 19:54 - 2015-09-07 19:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-07 19:53 - 2015-09-07 19:53 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-09-07 19:48 - 2015-09-07 19:48 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-09-07 19:44 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-07 19:44 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-07 19:44 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-07 19:44 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-09-07 19:44 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-09-07 19:44 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-09-07 19:44 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-09-07 19:44 - 2015-06-03 22:17 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-09-07 19:44 - 2015-06-03 22:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-09-07 19:44 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-09-07 19:44 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-09-07 19:44 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-09-07 19:44 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-09-07 19:44 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-09-07 19:44 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-09-07 19:44 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-09-07 19:44 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-09-07 19:44 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-09-07 19:44 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-09-07 19:44 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-09-07 19:43 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-07 19:43 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-07 19:43 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-07 19:43 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-07 19:43 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-07 19:43 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-09-07 19:43 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-09-07 19:43 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-09-07 19:43 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-09-07 19:43 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-09-07 19:43 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-09-07 19:42 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-07 19:42 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-07 19:42 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-09-07 19:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-07 19:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-07 19:42 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-09-07 19:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-07 19:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-07 19:42 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-07 19:42 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-07 19:42 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-07 19:42 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-07 19:42 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-07 19:42 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-07 19:42 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-09-07 19:42 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-09-07 19:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-09-07 19:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-09-07 19:42 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-09-07 19:42 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-09-07 19:42 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-09-07 19:42 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-09-07 19:38 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-09-07 19:18 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-09-07 19:18 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-09-07 19:18 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-09-07 19:18 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-09-07 19:18 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-09-07 19:18 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-09-07 19:17 - 2014-11-11 03:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-09-07 19:17 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-09-07 19:17 - 2013-02-12 05:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-09-07 19:17 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-09-07 19:16 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-09-07 19:16 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-09-07 19:16 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-09-07 19:16 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-09-07 19:16 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-09-07 19:16 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-09-07 19:16 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-09-07 19:16 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-09-07 19:16 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-09-07 19:16 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-09-07 19:16 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-09-07 19:16 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-09-07 19:15 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-09-07 19:15 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-09-07 19:15 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-09-07 19:13 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-09-07 19:13 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-09-07 19:13 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-09-07 19:13 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-09-07 19:13 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-09-07 19:13 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-09-07 19:13 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-09-07 19:13 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-09-07 19:12 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-09-07 19:12 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-09-07 19:12 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-09-07 19:12 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-09-07 19:12 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-09-07 19:12 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-09-07 19:12 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-09-07 19:12 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-09-07 19:12 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-09-07 19:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-09-07 19:11 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-09-07 19:11 - 2012-07-04 23:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-09-07 19:11 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-09-07 19:11 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-09-07 19:11 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-09-07 19:10 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-09-07 19:10 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-09-07 19:10 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-09-07 19:10 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-09-07 19:09 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-09-07 19:09 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-09-07 19:09 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-09-07 19:09 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-09-07 19:09 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-09-07 19:09 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-09-07 19:09 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-09-07 19:08 - 2014-12-19 04:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-07 19:08 - 2014-12-11 19:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-09-07 19:08 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-09-07 19:08 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-09-07 19:08 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-09-07 19:08 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-09-07 19:08 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-09-07 19:08 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-09-07 19:08 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-09-07 19:08 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-09-07 19:08 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-09-07 18:54 - 2015-09-07 18:49 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-07 18:53 - 2015-09-07 18:50 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-07 18:50 - 2015-09-07 18:50 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-13 10:21 - 2011-07-01 12:01 - 01585025 _____ C:\Windows\WindowsUpdate.log
2015-09-13 10:19 - 2011-07-03 14:07 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-13 10:18 - 2009-07-14 06:34 - 00014832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-13 10:18 - 2009-07-14 06:34 - 00014832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-13 10:11 - 2011-07-12 10:40 - 00000000 ____D C:\Users\Mirek\AppData\Roaming\Software Informer
2015-09-13 10:11 - 2011-07-03 14:07 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-12 07:54 - 2011-07-03 14:07 - 00000000 ____D C:\Users\Mirek\AppData\Local\Google
2015-09-12 07:20 - 2011-07-01 12:27 - 01470062 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-12 07:15 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-11 15:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-09-11 15:23 - 2011-10-13 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta
2015-09-10 20:11 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2015-09-10 20:01 - 2015-05-02 23:03 - 00002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-09 16:55 - 2009-07-14 06:33 - 00294960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 16:52 - 2009-07-14 11:20 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 16:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-09 15:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2015-09-08 19:53 - 2011-07-21 14:49 - 00000000 ____D C:\Users\Mirek\AppData\Roaming\Media Player Classic
2015-09-08 19:53 - 2011-07-12 10:40 - 00000000 ____D C:\Users\Mirek\AppData\Roaming\Free Download Manager
2015-09-08 19:53 - 2011-07-01 12:56 - 00000000 ____D C:\Windows\Panther
2015-09-08 18:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2015-09-08 18:50 - 2011-07-01 12:55 - 00064528 _____ C:\Users\Mirek\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-08 15:40 - 2011-10-15 15:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-08 15:21 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-09-08 15:21 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-09-07 22:00 - 2011-10-15 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-07 19:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-09-07 18:51 - 2015-05-02 22:01 - 00113592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-07 18:51 - 2015-05-02 22:01 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-07 18:51 - 2015-05-02 21:55 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-07 18:51 - 2015-05-02 21:55 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-07 18:51 - 2015-05-02 21:55 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-07 18:51 - 2011-07-03 14:07 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-07 18:51 - 2011-07-03 14:07 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-07 18:49 - 2011-07-03 14:07 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-05 20:35 - 2011-10-13 11:51 - 00000000 ____D C:\Users\Mirek\AppData\Roaming\Spyware Terminator
2015-09-05 20:35 - 2011-10-13 11:51 - 00000000 ____D C:\Program Files\Spyware Terminator
2015-08-26 18:36 - 2011-07-03 16:10 - 132039072 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2011-07-12 14:48 - 2014-04-19 10:05 - 0067072 _____ () C:\Users\Mirek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-06-16 13:25 - 2009-06-16 13:25 - 0121512 ____R () C:\ProgramData\DeviceManager.xml.rc4
Some files in TEMP:
====================
C:\Users\Mirek\AppData\Local\Temp\ixcahl-y.dll
C:\Users\Mirek\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Mirek\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Mirek\Desktop" je 5178 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Mirek (administrator) on MIREK-ACER7530G (13-09-2015 10:24:06)
Running from C:\Users\Mirek\Desktop
Loaded Profiles: Mirek (Available Profiles: Mirek)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Opera\Opera.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Vodafone) C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp.) C:\Users\Mirek\AppData\Local\Temp\RtkBtMnt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Mirek\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [MobileConnect] => C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2328576 2009-07-03] (Vodafone)
HKLM\...\Run: [SpywareTerminator] => "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-09-07] (AVAST Software)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [2859077 2011-03-22] (Informer Technologies, Inc.)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [SpywareTerminatorUpdate] => "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-09-07] (AVAST Software)
Startup: C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-07-14]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{02645EE4-FFE3-43E6-95A0-F2488E8FD017}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3A9C4F4B-E9A6-4990-9BEF-D855C25ECC55}: [DhcpNameServer] 217.77.165.81 217.77.161.131
Tcpip\..\Interfaces\{4E22D9A6-C3AE-4C7F-9A3A-DB7C65EC9AC8}: [DhcpNameServer] 192.168.20.20
Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-07] (AVAST Software)
BHO: FDMIECookiesBHO Class -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files\Free Download Manager\iefdm2.dll [2008-12-30] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-03] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [2011-07-03] ()
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-07-12] (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2010-12-02] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-05-04] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-07] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-07-03]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-01]
CHR Extension: (Dokumenty Google) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-01]
CHR Extension: (Disk Google) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-01]
CHR Extension: (YouTube) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-01]
CHR Extension: (Gmail) - C:\Users\Mirek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-01]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-02]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-07] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3218624 2015-09-07] (Avast Software)
R2 VMCService; C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-07-03] (Vodafone) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 sp_rssrv; "C:\Program Files\Spyware Terminator\sp_rsser.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-09-07] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [76000 2015-09-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-09-07] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-09-07] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [788784 2015-09-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433264 2015-09-07] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [113592 2015-09-07] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [208664 2015-09-07] (AVAST Software)
S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [102912 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R0 ngvss; C:\Windows\system32\Drivers\ngvss.sys [95112 2015-09-07] (AVAST Software)
R3 nuvotoncir; C:\Windows\System32\DRIVERS\nuvotoncir.sys [44544 2009-06-24] (Nuvoton Technology Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-09-07] (Avast Software)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-13 10:24 - 2015-09-13 10:24 - 00010958 _____ C:\Users\Mirek\Desktop\FRST.txt
2015-09-13 10:21 - 2015-09-13 10:24 - 00000000 ____D C:\FRST
2015-09-13 10:21 - 2015-09-13 10:21 - 01692160 _____ (Farbar) C:\Users\Mirek\Desktop\FRST.exe
2015-09-13 10:20 - 2015-09-13 10:20 - 00112640 _____ (forum.viry.cz) C:\Users\Mirek\Desktop\FRSTLauncher.exe
2015-09-12 16:38 - 2015-09-12 16:38 - 00001262 _____ C:\mbam.txt
2015-09-12 08:02 - 2015-09-12 08:02 - 00000000 ____D C:\Users\Mirek\AppData\Local\GWX
2015-09-12 07:47 - 2015-09-12 07:47 - 00001153 _____ C:\scan mbam.txt
2015-09-12 07:28 - 2015-09-12 07:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-12 07:26 - 2015-09-12 07:26 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Mirek\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-12 07:20 - 2015-09-12 07:24 - 00000000 ____D C:\Users\Mirek\Downloads\CrystalDiskInfo5_0_0
2015-09-12 07:19 - 2015-09-12 07:19 - 01496172 _____ C:\Users\Mirek\Downloads\CrystalDiskInfo5_0_0.zip
2015-09-11 15:20 - 2015-09-11 15:20 - 01660416 _____ C:\Users\Mirek\Desktop\adwcleaner_5.007.exe
2015-09-10 19:54 - 2015-09-11 15:23 - 00000000 ____D C:\AdwCleaner
2015-09-09 17:06 - 2015-09-10 19:52 - 00000000 ___SD C:\Windows\system32\GWX
2015-09-09 17:02 - 2015-09-09 17:02 - 00000000 ____D C:\rsit
2015-09-09 17:02 - 2015-09-09 17:02 - 00000000 ____D C:\Program Files\trend micro
2015-09-09 17:01 - 2015-09-09 17:01 - 01107968 _____ C:\Users\Mirek\Downloads\RSIT.exe
2015-09-09 16:44 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-09-09 16:29 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 02953728 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 16:26 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 16:26 - 2015-08-26 19:55 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 16:26 - 2015-08-26 19:55 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 16:26 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 16:26 - 2015-08-26 19:55 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 16:26 - 2015-08-04 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 16:26 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 16:26 - 2015-08-04 19:47 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 16:26 - 2015-08-04 19:46 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 16:26 - 2015-08-04 19:46 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 16:26 - 2015-08-04 18:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-09 16:26 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-09-09 16:26 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 16:26 - 2015-07-22 19:57 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 16:26 - 2015-07-22 19:57 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 16:26 - 2015-07-22 19:54 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 16:26 - 2015-07-22 19:53 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 16:26 - 2015-07-22 19:52 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 16:26 - 2015-07-22 19:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 16:26 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 16:26 - 2015-07-22 19:52 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 16:26 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 16:26 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 16:26 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 16:26 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 16:26 - 2015-07-22 18:38 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 16:26 - 2015-07-22 18:34 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 16:26 - 2015-07-22 18:34 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 16:26 - 2015-07-22 18:33 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 16:26 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-09-09 16:26 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-09-09 16:26 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-09-09 16:26 - 2014-07-09 03:29 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-09-09 16:26 - 2014-07-09 03:29 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-09-09 16:26 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-09-09 16:25 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 16:25 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 16:25 - 2015-09-02 04:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 16:25 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 16:25 - 2015-09-02 03:36 - 02384896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 16:25 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 16:25 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 16:25 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 16:25 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 16:25 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 16:25 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 16:25 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 16:25 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 16:25 - 2015-08-15 07:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 16:25 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 16:25 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 16:25 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 16:25 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 16:25 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 16:25 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 16:25 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 16:25 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 16:25 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 16:25 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 16:25 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 16:25 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 16:25 - 2015-08-15 07:29 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 16:25 - 2015-08-15 07:24 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 16:25 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 16:25 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 16:25 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 16:25 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 16:25 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 16:25 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 16:25 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 16:25 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 16:25 - 2015-08-15 07:02 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 16:25 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 16:25 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 16:25 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 16:25 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 16:25 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 16:25 - 2015-08-05 19:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 16:25 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 16:25 - 2015-08-05 19:40 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 16:25 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 16:25 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 16:25 - 2015-06-25 11:48 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 16:25 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 16:25 - 2015-06-25 11:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 16:25 - 2012-02-11 07:37 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-09-09 16:19 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 15:53 - 2015-09-09 15:53 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-09-09 15:53 - 2015-09-09 15:53 - 00000000 ____D C:\Windows\system32\appraiser
2015-09-08 19:57 - 2015-09-12 07:15 - 00000504 _____ C:\Windows\setupact.log
2015-09-08 19:57 - 2015-09-08 19:57 - 00000000 _____ C:\Windows\setuperr.log
2015-09-08 19:50 - 2015-09-08 19:50 - 00000973 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-09-08 19:50 - 2015-09-08 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-09-08 19:50 - 2015-09-08 19:50 - 00000000 ____D C:\Program Files\CCleaner
2015-09-08 19:49 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-09-08 19:49 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-09-08 19:49 - 2015-07-30 19:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-09-08 19:49 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-09-08 19:49 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-09-08 19:47 - 2015-09-08 19:48 - 06667640 _____ (Piriform Ltd) C:\Users\Mirek\Downloads\ccsetup509.exe
2015-09-07 21:19 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\system32\locale.nls
2015-09-07 21:08 - 2015-09-09 16:39 - 00000000 ____D C:\Windows\system32\MRT
2015-09-07 20:22 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-09-07 20:22 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-09-07 20:22 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-09-07 20:22 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-09-07 20:07 - 2015-01-09 04:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-09-07 20:07 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-09-07 20:07 - 2015-01-09 04:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-09-07 19:54 - 2015-09-07 19:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-09-07 19:54 - 2015-09-07 19:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-09-07 19:54 - 2015-09-07 19:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-09-07 19:54 - 2015-09-07 19:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-09-07 19:53 - 2015-09-07 19:53 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-09-07 19:51 - 2015-09-07 19:51 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-09-07 19:48 - 2015-09-07 19:48 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-09-07 19:44 - 2015-07-28 22:04 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-09-07 19:44 - 2015-07-28 22:00 - 00952832 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00598528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-09-07 19:44 - 2015-07-28 22:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-09-07 19:44 - 2015-07-28 21:54 - 00934400 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-09-07 19:44 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-09-07 19:44 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-09-07 19:44 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-09-07 19:44 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-09-07 19:44 - 2015-06-03 22:17 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-09-07 19:44 - 2015-06-03 22:17 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-09-07 19:44 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-09-07 19:44 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-09-07 19:44 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-09-07 19:44 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-09-07 19:44 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-09-07 19:44 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-09-07 19:44 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-09-07 19:44 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-09-07 19:44 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-09-07 19:44 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-09-07 19:44 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-09-07 19:43 - 2015-07-15 19:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-09-07 19:43 - 2015-07-15 19:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-09-07 19:43 - 2015-07-15 19:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-09-07 19:43 - 2015-07-15 04:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-09-07 19:43 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-09-07 19:43 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-09-07 19:43 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-09-07 19:43 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-09-07 19:43 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-09-07 19:43 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-09-07 19:43 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-09-07 19:42 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-09-07 19:42 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-09-07 19:42 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-09-07 19:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-09-07 19:42 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-09-07 19:42 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-09-07 19:42 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-09-07 19:42 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-09-07 19:42 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-09-07 19:42 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-07 19:42 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-07 19:42 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-07 19:42 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-07 19:42 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-07 19:42 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-07 19:42 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-09-07 19:42 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-09-07 19:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-09-07 19:42 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-09-07 19:42 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-09-07 19:42 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-09-07 19:42 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-09-07 19:42 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-09-07 19:38 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-09-07 19:18 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-09-07 19:18 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-09-07 19:18 - 2013-07-03 05:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-09-07 19:18 - 2013-07-03 05:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-09-07 19:18 - 2012-08-22 19:16 - 00712048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-09-07 19:18 - 2012-07-04 21:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-09-07 19:17 - 2014-11-11 03:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-09-07 19:17 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-09-07 19:17 - 2013-02-12 05:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-09-07 19:17 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-09-07 19:16 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-09-07 19:16 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-09-07 19:16 - 2014-06-16 03:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-09-07 19:16 - 2014-06-16 03:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-09-07 19:16 - 2014-06-16 03:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-09-07 19:16 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-09-07 19:16 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-09-07 19:16 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-09-07 19:16 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-09-07 19:16 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-09-07 19:16 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-09-07 19:16 - 2013-01-24 06:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-09-07 19:16 - 2012-08-21 22:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-09-07 19:15 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-09-07 19:15 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-09-07 19:15 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-09-07 19:13 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-09-07 19:13 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-09-07 19:13 - 2014-01-28 04:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-09-07 19:13 - 2013-08-28 02:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-09-07 19:13 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-09-07 19:13 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-09-07 19:13 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-09-07 19:13 - 2013-03-19 05:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-09-07 19:12 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-09-07 19:12 - 2014-02-04 04:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-09-07 19:12 - 2014-02-04 04:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-09-07 19:12 - 2014-02-04 04:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-09-07 19:12 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-09-07 19:12 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-09-07 19:12 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-09-07 19:12 - 2012-10-03 18:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-09-07 19:12 - 2012-10-03 17:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-09-07 19:11 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-09-07 19:11 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-09-07 19:11 - 2012-07-04 23:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-09-07 19:11 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-09-07 19:11 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-09-07 19:11 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-09-07 19:10 - 2014-01-24 04:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-09-07 19:10 - 2013-10-04 03:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-09-07 19:10 - 2013-10-04 03:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-09-07 19:10 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-09-07 19:09 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-09-07 19:09 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-09-07 19:09 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-09-07 19:09 - 2014-05-30 08:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-09-07 19:09 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-09-07 19:09 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-09-07 19:09 - 2013-11-26 13:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-09-07 19:08 - 2014-12-19 04:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-09-07 19:08 - 2014-12-11 19:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-09-07 19:08 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-09-07 19:08 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-09-07 19:08 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-09-07 19:08 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-09-07 19:08 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-09-07 19:08 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-09-07 19:08 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-09-07 19:08 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-09-07 19:08 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-09-07 19:08 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-09-07 18:54 - 2015-09-07 18:49 - 00095112 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-09-07 18:53 - 2015-09-07 18:50 - 00313472 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-09-07 18:50 - 2015-09-07 18:50 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-13 10:21 - 2011-07-01 12:01 - 01585025 _____ C:\Windows\WindowsUpdate.log
2015-09-13 10:19 - 2011-07-03 14:07 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-13 10:18 - 2009-07-14 06:34 - 00014832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-13 10:18 - 2009-07-14 06:34 - 00014832 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-13 10:11 - 2011-07-12 10:40 - 00000000 ____D C:\Users\Mirek\AppData\Roaming\Software Informer
2015-09-13 10:11 - 2011-07-03 14:07 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-12 07:54 - 2011-07-03 14:07 - 00000000 ____D C:\Users\Mirek\AppData\Local\Google
2015-09-12 07:20 - 2011-07-01 12:27 - 01470062 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-12 07:15 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-11 15:58 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-09-11 15:23 - 2011-10-13 11:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler lišta
2015-09-10 20:11 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2015-09-10 20:01 - 2015-05-02 23:03 - 00002133 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-09 16:55 - 2009-07-14 06:33 - 00294960 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 16:52 - 2009-07-14 11:20 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 16:46 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-09-09 15:53 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\tracing
2015-09-08 19:53 - 2011-07-21 14:49 - 00000000 ____D C:\Users\Mirek\AppData\Roaming\Media Player Classic
2015-09-08 19:53 - 2011-07-12 10:40 - 00000000 ____D C:\Users\Mirek\AppData\Roaming\Free Download Manager
2015-09-08 19:53 - 2011-07-01 12:56 - 00000000 ____D C:\Windows\Panther
2015-09-08 18:52 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\LogFiles
2015-09-08 18:50 - 2011-07-01 12:55 - 00064528 _____ C:\Users\Mirek\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-08 15:40 - 2011-10-15 15:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-08 15:21 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-09-08 15:21 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2015-09-08 15:20 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-09-07 22:00 - 2011-10-15 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-07 19:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-09-07 18:51 - 2015-05-02 22:01 - 00113592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-09-07 18:51 - 2015-05-02 22:01 - 00024016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-09-07 18:51 - 2015-05-02 21:55 - 00208664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-09-07 18:51 - 2015-05-02 21:55 - 00081728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-09-07 18:51 - 2015-05-02 21:55 - 00049776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-09-07 18:51 - 2011-07-03 14:07 - 00433264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-09-07 18:51 - 2011-07-03 14:07 - 00076000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-09-07 18:49 - 2011-07-03 14:07 - 00788784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-09-05 20:35 - 2011-10-13 11:51 - 00000000 ____D C:\Users\Mirek\AppData\Roaming\Spyware Terminator
2015-09-05 20:35 - 2011-10-13 11:51 - 00000000 ____D C:\Program Files\Spyware Terminator
2015-08-26 18:36 - 2011-07-03 16:10 - 132039072 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2011-07-12 14:48 - 2014-04-19 10:05 - 0067072 _____ () C:\Users\Mirek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-06-16 13:25 - 2009-06-16 13:25 - 0121512 ____R () C:\ProgramData\DeviceManager.xml.rc4
Some files in TEMP:
====================
C:\Users\Mirek\AppData\Local\Temp\ixcahl-y.dll
C:\Users\Mirek\AppData\Local\Temp\RtkBtMnt.exe
C:\Users\Mirek\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Mirek\Desktop" je 5178 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Re: prosím o kontrolu NB,díky
Additional scan result of Farbar Recovery Scan Tool (x86) Version:12-09-2015
Ran by Mirek (2015-09-13 10:25:15)
Running from C:\Users\Mirek\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-07-01 10:33:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2523056422-3418443183-1108585619-500 - Administrator - Disabled)
Guest (S-1-5-21-2523056422-3418443183-1108585619-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2523056422-3418443183-1108585619-1002 - Limited - Enabled)
Mirek (S-1-5-21-2523056422-3418443183-1108585619-1000 - Administrator - Enabled) => C:\Users\Mirek
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
360Amigo System Speedup Free (HKLM\...\360Amigo) (Version: 1.2.1.5500 - 360Amigo System SpeedUp)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.3.183.5 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Aladinova lampa 1.50 (HKLM\...\{Aladinova lampa}_is1) (Version: - Špidla Data Processing, s.r.o.)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Ashampoo Home Designer1.0.0 (HKLM\...\{46552BC3-52B6-404c-9B42-CE536AB719FD}_is1) (Version: 1.0.0.0 - Creative Amadeo GmbH)
Ashampoo Photo Commander 8 v.8.5.0 (HKLM\...\Ashampoo Photo Commander 8_is1) (Version: 8.5.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer FREE (HKLM\...\Ashampoo Photo Optimizer FREE_is1) (Version: 1.2.0 - ashampoo GmbH & Co. KG)
Audacity 1.3.12 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
Cactus (HKLM\...\Cactus) (Version: - )
CamStudio OSS Desktop Recorder (HKLM\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
DesetiPrsty5 5.3 (HKLM\...\DesetiPrsty5) (Version: - )
dm paradies foto 3 (HKLM\...\dm paradies foto 3) (Version: - )
Dobrý náčelník 1.50 (HKLM\...\{Dobry nacelnik}_is1) (Version: - Špidla Data Processing, s.r.o.)
Dopravní pexeso (HKLM\...\Dopravní pexeso_is1) (Version: - Špidla Data Processing, s.r.o.)
Foxit Reader (HKLM\...\Foxit Reader) (Version: 4.3.1.323 - Foxit Corporation)
Free Download Manager 3.0 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (Version: 1.3.21.69 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.55 - Conexant Systems)
Hledači pokladů (HKLM\...\Hledači pokladů) (Version: - )
hott notes 4 (HKLM\...\hott notes 4) (Version: 4.1 - Joel Riley)
IDOS Komplet 2010/2011 (HKLM\...\{7F071BBB-DED3-4C43-A2B2-C4817AD1BF3C}_is1) (Version: - CHAPS spol. s r.o.)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.260 - Oracle)
jetAudio 8.0.x Czech Language Pack (HKLM\...\jetAudio 8.0.x Czech Language Pack) (Version: - )
jetAudio Basic VX (HKLM\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.0.11 - COWON)
Kalendář (HKLM\...\Kalendar) (Version: 2.9.3 - Zdeněk Jantač)
Kouzelný mořský svět 2 - Okolo světa 1.50 (HKLM\...\{Kouzelny morsky svet 2 - Okolo sveta}_is1) (Version: - Špidla Data Processing, s.r.o.)
Kouzelný mořský svět 3 - Dobrodružství v Atlantidě v1.6 (HKLM\...\{Kouzelny morsky svet 3 - Dobrodruzstvi v Atlantide}_is1) (Version: - Špidla Data Processing, s.r.o.)
Launch Manager (HKLM\...\LManager) (Version: 2.1.09.W7 - Acer Inc.)
Lingea Lexicon 2002 (HKLM\...\Lexicon 4.0) (Version: - )
Loutkové divadlo - Záhada Štěstíkova 1.50 (HKLM\...\{Loutkove divadlo - Zahada Stestikova}_is1) (Version: - Špidla Data Processing, s.r.o.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Moje cukrárna 3 v1.52 (HKLM\...\{Moje cukrarna 3}_is1) (Version: - Špidla Data Processing, s.r.o.)
Mořské dobrodružství (HKLM\...\Mořské dobrodružství) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Naval Strike (HKLM\...\NavalStrike_is1) (Version: 1.0 - Media Contact LLC)
Nero 9 Essentials (HKLM\...\{f824ab9e-6e0d-4e9f-a1fc-3bde5e2ebfa9}) (Version: - Nero AG)
Nuvoton CIR Device Driver (HKLM\...\{2D3858B1-226A-420D-9C9D-B51864E85429}) (Version: 8.60.1000 - Nuvoton Technology Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice.org 3.3 (HKLM\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Opera 11.50 (HKLM\...\Opera 11.50.1074) (Version: 11.50.1074 - Opera Software ASA)
PEKI dictionary 1.21 (HKLM\...\PEKI dictionary) (Version: 1.21 - Pavel Ponec)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Plane Arcade (HKLM\...\Plane Arcade) (Version: - 3D Games Development)
Prokletý hřbitov - Krkavčí kletba 1.50 (HKLM\...\{Proklety hrbitov - Krkavci kletba}_is1) (Version: - Špidla Data Processing, s.r.o.)
Puzzle pro Tradiční pohádky 1.5 (HKLM\...\Puzzle pro Tradiční pohádky_is1) (Version: - Špidla Data Processing, s.r.o.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5888 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30102 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.40 - Piriform)
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Rolling Spells (HKLM\...\Rolling Spells_is1) (Version: 1.0 - Media Contact LLC)
Rybičky 2 - Na nové adrese 1.50 (HKLM\...\{Rybicky 2 - Na nove adrese}_is1) (Version: - Špidla Data Processing, s.r.o.)
Software Informer 1.1 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Startup Manager 2.4.2 (HKLM\...\Startup_Manager_is1) (Version: 2.4.2 - Glenn Van Loon)
Tibet volá 1.50 (HKLM\...\{Tibet vola}_is1) (Version: - Špidla Data Processing, s.r.o.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Turistické trasy PPK 2010 (HKLM\...\Turistické trasy PPK 2010) (Version: - )
UnPowerIt Now! 1.06 (HKLM\...\UnPowerItNow_is1) (Version: - Dmitriy Apraksin)
Upgrade Kit (HKLM\...\{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}) (Version: 1.00.3002 - Acer Inc.)
Veselé motory (HKLM\...\Veselé motory_is1) (Version: - Špidla Data Processing, s.r.o.)
VLC media player 1.1.8 (HKLM\...\VLC media player) (Version: 1.1.8 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.16284 - Vodafone)
Windows Essentials Media Codec Pack 3.4 (HKLM\...\Windows Essentials Media Codec Pack) (Version: 3.4 - Media Codec)
Zoner Photo Studio 10 (HKLM\...\ZonerPhotoStudio10_CZ_is1) (Version: - ZONER software)
Zoner Photo Studio 12 (HKLM\...\ZonerPhotoStudio12_CZ_is1) (Version: - ZONER software)
Zoner Photo Studio 9 (HKLM\...\Zoner Photo Studio 9_is1) (Version: - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 12\Program\SHELLEXT.DLL (ZONER software)
==================== Restore Points =========================
09-07-2012 17:30:01 Naplánovaný kontrolní bod
31-07-2012 12:17:17 Naplánovaný kontrolní bod
05-09-2012 19:23:07 Naplánovaný kontrolní bod
05-10-2012 14:33:06 Naplánovaný kontrolní bod
26-10-2012 13:08:09 Naplánovaný kontrolní bod
13-12-2012 17:15:57 Naplánovaný kontrolní bod
21-05-2013 15:33:15 Naplánovaný kontrolní bod
10-08-2013 20:53:25 Naplánovaný kontrolní bod
08-04-2014 07:48:11 Naplánovaný kontrolní bod
09-02-2015 15:49:02 Installed Kryštofova dobrodružství
01-05-2015 11:24:08 avast! antivirus system restore point
01-05-2015 12:30:04 Installed Microsoft Fix it 50123
01-05-2015 21:26:45 Operace obnovení
02-05-2015 21:56:46 avast! antivirus system restore point
02-05-2015 22:27:14 Windows Update
02-05-2015 23:16:30 Windows Update
17-06-2015 15:54:39 Windows Update
17-06-2015 21:20:33 Revo Uninstaller's restore point - Spyware Terminator
17-06-2015 21:24:45 Revo Uninstaller's restore point - Spyware Terminator
17-06-2015 23:31:30 Windows Update
07-09-2015 18:42:27 avast! antivirus system restore point
07-09-2015 19:19:51 Windows Update
07-09-2015 19:45:57 Windows Update
08-09-2015 20:32:21 Windows Update
09-09-2015 16:27:15 Windows Update
09-09-2015 17:05:33 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CA03771-BAFE-4742-85DB-F45533369C3B} - System32\Tasks\{269040D0-9EB7-42A6-8EE2-66D7C5AA4415} => pcalua.exe -a "C:\Program Files\Spyware Terminator\unins000.exe"
Task: {1CFC27F1-73E3-4ADE-B794-12813DEB2EF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.)
Task: {29BD9408-BD50-42C4-A4C4-8F934241C68A} - System32\Tasks\{1C6244E2-AB20-4552-B9E3-F06B55D2B40E} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {3B34BE69-EE43-4F87-9657-F4372D3E43EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.)
Task: {5E67F0BB-1AB1-4B8F-B89E-B988E4716412} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {6110430C-7610-49D3-80B4-2EF2C1ECF443} - System32\Tasks\{5821B47F-AAFD-48DB-9B57-607858AF9411} => C:\Program Files\Medvěd Míša ve vesmíru\Medvěd Míša ve vesmíru Start.exe
Task: {A6D9D12C-36B9-4C74-9A13-759717C0E7F8} - System32\Tasks\Windows Codec Update Service => C:\Program Files\Essentials Codec Pack\WECPUpdate.exe [2011-02-27] (MediaCodec.Org)
Task: {AAC09696-E11A-466E-8ECC-8A48BBA679FF} - System32\Tasks\{6998857F-1AD5-4C81-91E7-24D8A9B8E32E} => pcalua.exe -a "C:\Program Files\Plane Arcade\Plane Arcade.exe" -d "C:\Program Files\Plane Arcade"
Task: {BDACC478-A73F-4D65-B139-88BE2089392B} - System32\Tasks\{D89EB4EA-9AD8-4F83-9A76-9A1D0D6E8D30} => C:\Program Files\Medvěd Míša ve vesmíru\Medvěd Míša ve vesmíru Start.exe
Task: {BF855D4B-A902-4354-BF3A-8181C46CF929} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-07] (AVAST Software)
Task: {E2886925-7557-47D1-B391-E499EE863164} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-09-07 18:50 - 2015-09-07 18:50 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-07 18:50 - 2015-09-07 18:50 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-11 15:19 - 2015-09-11 15:19 - 02962944 _____ () C:\Program Files\AVAST Software\Avast\defs\15091100\algo.dll
2015-09-13 10:11 - 2015-09-13 10:11 - 02962944 _____ () C:\Program Files\AVAST Software\Avast\defs\15091205\algo.dll
2015-05-02 22:01 - 2015-05-02 22:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-01-17 16:19 - 2011-07-14 21:42 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2015-09-10 19:59 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-10 19:59 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.85\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4791 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{11ABDDE4-D761-4CBC-B3F8-3FC6490BB92E}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{54DC95D7-9240-40B0-824C-41C5CA3C823B}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{A3DD962F-F6DF-4EBF-A663-194E182FF381}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{F94097A3-D07B-4BCB-9BBD-4CA197DC9318}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{E748CED7-140F-4916-A98D-BFCCC7EC9C68}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{F5E9E2FB-C99C-4600-8526-7A25399406FB}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{FCBDF4A2-EB8B-475E-AE16-7610677F00B4}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{56D2DBEE-C3A2-4531-9347-AF6D21C61990}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [{9A88D60E-EE4E-4FA7-A540-07ABF0FA44C5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{07605FDE-74EA-4F83-9B83-E4AF58A18DAA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9FDEDB8D-657B-451F-831D-15F9358C45C5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/12/2015 07:15:42 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/11/2015 03:25:14 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/11/2015 03:20:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 851868.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/11/2015 03:20:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... B9AD8E.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/11/2015 03:20:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 851868.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/11/2015 03:14:11 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/10/2015 07:52:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... B9AD8E.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/10/2015 07:52:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 851868.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/10/2015 07:52:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... B9AD8E.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/10/2015 07:52:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 851868.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
System errors:
=============
Error: (09/12/2015 07:15:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spyware Terminator Realtime Shield Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (09/11/2015 03:24:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spyware Terminator Realtime Shield Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (09/11/2015 03:23:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056
Error: (09/11/2015 03:23:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (09/11/2015 03:23:32 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Vodafone Mobile Connect Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.
Microsoft Office:
=========================
Error: (09/12/2015 07:15:42 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/11/2015 03:25:14 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/11/2015 03:20:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 68.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/11/2015 03:20:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 8E.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/11/2015 03:20:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 68.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/11/2015 03:14:11 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/10/2015 07:52:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 8E.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/10/2015 07:52:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 68.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/10/2015 07:52:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 8E.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/10/2015 07:52:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 68.crtDaná operace se vrátila, protože vypršel časový limit.
==================== Memory info ===========================
Processor: AMD Athlon(tm) X2 Dual-Core QL-64
Percentage of memory in use: 64%
Total physical RAM: 2558.43 MB
Available physical RAM: 913.84 MB
Total Virtual: 5115.16 MB
Available Virtual: 3494.95 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:81.51 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:144.04 GB) (Free:29.63 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2C74BADC)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Mirek (2015-09-13 10:25:15)
Running from C:\Users\Mirek\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2011-07-01 10:33:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2523056422-3418443183-1108585619-500 - Administrator - Disabled)
Guest (S-1-5-21-2523056422-3418443183-1108585619-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2523056422-3418443183-1108585619-1002 - Limited - Enabled)
Mirek (S-1-5-21-2523056422-3418443183-1108585619-1000 - Administrator - Enabled) => C:\Users\Mirek
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
360Amigo System Speedup Free (HKLM\...\360Amigo) (Version: 1.2.1.5500 - 360Amigo System SpeedUp)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.3.183.5 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Aladinova lampa 1.50 (HKLM\...\{Aladinova lampa}_is1) (Version: - Špidla Data Processing, s.r.o.)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Ashampoo Home Designer1.0.0 (HKLM\...\{46552BC3-52B6-404c-9B42-CE536AB719FD}_is1) (Version: 1.0.0.0 - Creative Amadeo GmbH)
Ashampoo Photo Commander 8 v.8.5.0 (HKLM\...\Ashampoo Photo Commander 8_is1) (Version: 8.5.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer FREE (HKLM\...\Ashampoo Photo Optimizer FREE_is1) (Version: 1.2.0 - ashampoo GmbH & Co. KG)
Audacity 1.3.12 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)
Avast Free Antivirus (HKLM\...\avast) (Version: 10.3.2225 - AVAST Software)
Cactus (HKLM\...\Cactus) (Version: - )
CamStudio OSS Desktop Recorder (HKLM\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.09 - Piriform)
DesetiPrsty5 5.3 (HKLM\...\DesetiPrsty5) (Version: - )
dm paradies foto 3 (HKLM\...\dm paradies foto 3) (Version: - )
Dobrý náčelník 1.50 (HKLM\...\{Dobry nacelnik}_is1) (Version: - Špidla Data Processing, s.r.o.)
Dopravní pexeso (HKLM\...\Dopravní pexeso_is1) (Version: - Špidla Data Processing, s.r.o.)
Foxit Reader (HKLM\...\Foxit Reader) (Version: 4.3.1.323 - Foxit Corporation)
Free Download Manager 3.0 (HKLM\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google Update Helper (Version: 1.3.21.69 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.55 - Conexant Systems)
Hledači pokladů (HKLM\...\Hledači pokladů) (Version: - )
hott notes 4 (HKLM\...\hott notes 4) (Version: 4.1 - Joel Riley)
IDOS Komplet 2010/2011 (HKLM\...\{7F071BBB-DED3-4C43-A2B2-C4817AD1BF3C}_is1) (Version: - CHAPS spol. s r.o.)
Java(TM) 6 Update 26 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.260 - Oracle)
jetAudio 8.0.x Czech Language Pack (HKLM\...\jetAudio 8.0.x Czech Language Pack) (Version: - )
jetAudio Basic VX (HKLM\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.0.11 - COWON)
Kalendář (HKLM\...\Kalendar) (Version: 2.9.3 - Zdeněk Jantač)
Kouzelný mořský svět 2 - Okolo světa 1.50 (HKLM\...\{Kouzelny morsky svet 2 - Okolo sveta}_is1) (Version: - Špidla Data Processing, s.r.o.)
Kouzelný mořský svět 3 - Dobrodružství v Atlantidě v1.6 (HKLM\...\{Kouzelny morsky svet 3 - Dobrodruzstvi v Atlantide}_is1) (Version: - Špidla Data Processing, s.r.o.)
Launch Manager (HKLM\...\LManager) (Version: 2.1.09.W7 - Acer Inc.)
Lingea Lexicon 2002 (HKLM\...\Lexicon 4.0) (Version: - )
Loutkové divadlo - Záhada Štěstíkova 1.50 (HKLM\...\{Loutkove divadlo - Zahada Stestikova}_is1) (Version: - Špidla Data Processing, s.r.o.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Moje cukrárna 3 v1.52 (HKLM\...\{Moje cukrarna 3}_is1) (Version: - Špidla Data Processing, s.r.o.)
Mořské dobrodružství (HKLM\...\Mořské dobrodružství) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Naval Strike (HKLM\...\NavalStrike_is1) (Version: 1.0 - Media Contact LLC)
Nero 9 Essentials (HKLM\...\{f824ab9e-6e0d-4e9f-a1fc-3bde5e2ebfa9}) (Version: - Nero AG)
Nuvoton CIR Device Driver (HKLM\...\{2D3858B1-226A-420D-9C9D-B51864E85429}) (Version: 8.60.1000 - Nuvoton Technology Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice.org 3.3 (HKLM\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Opera 11.50 (HKLM\...\Opera 11.50.1074) (Version: 11.50.1074 - Opera Software ASA)
PEKI dictionary 1.21 (HKLM\...\PEKI dictionary) (Version: 1.21 - Pavel Ponec)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Plane Arcade (HKLM\...\Plane Arcade) (Version: - 3D Games Development)
Prokletý hřbitov - Krkavčí kletba 1.50 (HKLM\...\{Proklety hrbitov - Krkavci kletba}_is1) (Version: - Špidla Data Processing, s.r.o.)
Puzzle pro Tradiční pohádky 1.5 (HKLM\...\Puzzle pro Tradiční pohádky_is1) (Version: - Špidla Data Processing, s.r.o.)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5888 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30102 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.40 - Piriform)
Revo Uninstaller 1.92 (HKLM\...\Revo Uninstaller) (Version: 1.92 - VS Revo Group)
Rolling Spells (HKLM\...\Rolling Spells_is1) (Version: 1.0 - Media Contact LLC)
Rybičky 2 - Na nové adrese 1.50 (HKLM\...\{Rybicky 2 - Na nove adrese}_is1) (Version: - Špidla Data Processing, s.r.o.)
Software Informer 1.1 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Startup Manager 2.4.2 (HKLM\...\Startup_Manager_is1) (Version: 2.4.2 - Glenn Van Loon)
Tibet volá 1.50 (HKLM\...\{Tibet vola}_is1) (Version: - Špidla Data Processing, s.r.o.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Turistické trasy PPK 2010 (HKLM\...\Turistické trasy PPK 2010) (Version: - )
UnPowerIt Now! 1.06 (HKLM\...\UnPowerItNow_is1) (Version: - Dmitriy Apraksin)
Upgrade Kit (HKLM\...\{1D0FDD6D-3C5E-4588-8ED0-02DC88014BF2}) (Version: 1.00.3002 - Acer Inc.)
Veselé motory (HKLM\...\Veselé motory_is1) (Version: - Špidla Data Processing, s.r.o.)
VLC media player 1.1.8 (HKLM\...\VLC media player) (Version: 1.1.8 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.16284 - Vodafone)
Windows Essentials Media Codec Pack 3.4 (HKLM\...\Windows Essentials Media Codec Pack) (Version: 3.4 - Media Codec)
Zoner Photo Studio 10 (HKLM\...\ZonerPhotoStudio10_CZ_is1) (Version: - ZONER software)
Zoner Photo Studio 12 (HKLM\...\ZonerPhotoStudio12_CZ_is1) (Version: - ZONER software)
Zoner Photo Studio 9 (HKLM\...\Zoner Photo Studio 9_is1) (Version: - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 12\Program\SHELLEXT.DLL (ZONER software)
==================== Restore Points =========================
09-07-2012 17:30:01 Naplánovaný kontrolní bod
31-07-2012 12:17:17 Naplánovaný kontrolní bod
05-09-2012 19:23:07 Naplánovaný kontrolní bod
05-10-2012 14:33:06 Naplánovaný kontrolní bod
26-10-2012 13:08:09 Naplánovaný kontrolní bod
13-12-2012 17:15:57 Naplánovaný kontrolní bod
21-05-2013 15:33:15 Naplánovaný kontrolní bod
10-08-2013 20:53:25 Naplánovaný kontrolní bod
08-04-2014 07:48:11 Naplánovaný kontrolní bod
09-02-2015 15:49:02 Installed Kryštofova dobrodružství
01-05-2015 11:24:08 avast! antivirus system restore point
01-05-2015 12:30:04 Installed Microsoft Fix it 50123
01-05-2015 21:26:45 Operace obnovení
02-05-2015 21:56:46 avast! antivirus system restore point
02-05-2015 22:27:14 Windows Update
02-05-2015 23:16:30 Windows Update
17-06-2015 15:54:39 Windows Update
17-06-2015 21:20:33 Revo Uninstaller's restore point - Spyware Terminator
17-06-2015 21:24:45 Revo Uninstaller's restore point - Spyware Terminator
17-06-2015 23:31:30 Windows Update
07-09-2015 18:42:27 avast! antivirus system restore point
07-09-2015 19:19:51 Windows Update
07-09-2015 19:45:57 Windows Update
08-09-2015 20:32:21 Windows Update
09-09-2015 16:27:15 Windows Update
09-09-2015 17:05:33 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CA03771-BAFE-4742-85DB-F45533369C3B} - System32\Tasks\{269040D0-9EB7-42A6-8EE2-66D7C5AA4415} => pcalua.exe -a "C:\Program Files\Spyware Terminator\unins000.exe"
Task: {1CFC27F1-73E3-4ADE-B794-12813DEB2EF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.)
Task: {29BD9408-BD50-42C4-A4C4-8F934241C68A} - System32\Tasks\{1C6244E2-AB20-4552-B9E3-F06B55D2B40E} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller"
Task: {3B34BE69-EE43-4F87-9657-F4372D3E43EE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02] (Google Inc.)
Task: {5E67F0BB-1AB1-4B8F-B89E-B988E4716412} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-08-20] (Piriform Ltd)
Task: {6110430C-7610-49D3-80B4-2EF2C1ECF443} - System32\Tasks\{5821B47F-AAFD-48DB-9B57-607858AF9411} => C:\Program Files\Medvěd Míša ve vesmíru\Medvěd Míša ve vesmíru Start.exe
Task: {A6D9D12C-36B9-4C74-9A13-759717C0E7F8} - System32\Tasks\Windows Codec Update Service => C:\Program Files\Essentials Codec Pack\WECPUpdate.exe [2011-02-27] (MediaCodec.Org)
Task: {AAC09696-E11A-466E-8ECC-8A48BBA679FF} - System32\Tasks\{6998857F-1AD5-4C81-91E7-24D8A9B8E32E} => pcalua.exe -a "C:\Program Files\Plane Arcade\Plane Arcade.exe" -d "C:\Program Files\Plane Arcade"
Task: {BDACC478-A73F-4D65-B139-88BE2089392B} - System32\Tasks\{D89EB4EA-9AD8-4F83-9A76-9A1D0D6E8D30} => C:\Program Files\Medvěd Míša ve vesmíru\Medvěd Míša ve vesmíru Start.exe
Task: {BF855D4B-A902-4354-BF3A-8181C46CF929} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-09-07] (AVAST Software)
Task: {E2886925-7557-47D1-B391-E499EE863164} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-09-07 18:50 - 2015-09-07 18:50 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-09-07 18:50 - 2015-09-07 18:50 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-11 15:19 - 2015-09-11 15:19 - 02962944 _____ () C:\Program Files\AVAST Software\Avast\defs\15091100\algo.dll
2015-09-13 10:11 - 2015-09-13 10:11 - 02962944 _____ () C:\Program Files\AVAST Software\Avast\defs\15091205\algo.dll
2015-05-02 22:01 - 2015-05-02 22:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-01-17 16:19 - 2011-07-14 21:42 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2015-09-10 19:59 - 2015-08-28 02:17 - 01501512 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-10 19:59 - 2015-08-28 02:17 - 00081224 _____ () C:\Program Files\Google\Chrome\Application\45.0.2454.85\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4791 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Mirek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{11ABDDE4-D761-4CBC-B3F8-3FC6490BB92E}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{54DC95D7-9240-40B0-824C-41C5CA3C823B}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{A3DD962F-F6DF-4EBF-A663-194E182FF381}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{F94097A3-D07B-4BCB-9BBD-4CA197DC9318}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{E748CED7-140F-4916-A98D-BFCCC7EC9C68}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{F5E9E2FB-C99C-4600-8526-7A25399406FB}C:\program files\opera\opera.exe] => (Allow) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{FCBDF4A2-EB8B-475E-AE16-7610677F00B4}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{56D2DBEE-C3A2-4531-9347-AF6D21C61990}C:\program files\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [{9A88D60E-EE4E-4FA7-A540-07ABF0FA44C5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{07605FDE-74EA-4F83-9B83-E4AF58A18DAA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{9FDEDB8D-657B-451F-831D-15F9358C45C5}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/12/2015 07:15:42 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/11/2015 03:25:14 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/11/2015 03:20:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 851868.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/11/2015 03:20:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... B9AD8E.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/11/2015 03:20:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 851868.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/11/2015 03:14:11 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/10/2015 07:52:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... B9AD8E.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/10/2015 07:52:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 851868.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/10/2015 07:52:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... B9AD8E.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
Error: (09/10/2015 07:52:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Selhalo načtení automatické aktualizace kořenového certifikátu jiného výrobce z: <http://ctldl.windowsupdate.com/msdownlo ... 851868.crt>. Došlo k chybě Daná operace se vrátila, protože vypršel časový limit.
.
System errors:
=============
Error: (09/12/2015 07:15:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spyware Terminator Realtime Shield Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (09/11/2015 03:24:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Spyware Terminator Realtime Shield Service neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (09/11/2015 03:23:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056
Error: (09/11/2015 03:23:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
%%1069
Error: (09/11/2015 03:23:32 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50
Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Vodafone Mobile Connect Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (09/11/2015 03:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.
Microsoft Office:
=========================
Error: (09/12/2015 07:15:42 AM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/11/2015 03:25:14 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/11/2015 03:20:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 68.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/11/2015 03:20:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 8E.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/11/2015 03:20:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 68.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/11/2015 03:14:11 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (09/10/2015 07:52:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 8E.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/10/2015 07:52:18 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 68.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/10/2015 07:52:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 8E.crtDaná operace se vrátila, protože vypršel časový limit.
Error: (09/10/2015 07:52:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: http://ctldl.windowsupdate.com/msdownlo ... 68.crtDaná operace se vrátila, protože vypršel časový limit.
==================== Memory info ===========================
Processor: AMD Athlon(tm) X2 Dual-Core QL-64
Percentage of memory in use: 64%
Total physical RAM: 2558.43 MB
Available physical RAM: 913.84 MB
Total Virtual: 5115.16 MB
Available Virtual: 3494.95 MB
==================== Drives ================================
Drive c: (ACER) (Fixed) (Total:144.04 GB) (Free:81.51 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:144.04 GB) (Free:29.63 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2C74BADC)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=144 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=144 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Re: prosím o kontrolu NB,díky
Vypnete trvale Windows Defender.***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Mirek\Desktop" je 5178 MB.
Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [SpywareTerminator] => "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [SpywareTerminatorUpdate] => "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
C:\Program Files\Spyware Terminator
S2 sp_rssrv; "C:\Program Files\Spyware Terminator\sp_rsser.exe" [X]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02 107848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02 107848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
2015-09-12 07:47 - 2015-09-12 07:47 - 00001153 _____ C:\scan mbam.txt
2015-09-12 07:28 - 2015-09-12 07:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-12 07:26 - 2015-09-12 07:26 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Mirek\Downloads\mbam-setup-2.1.8.1057.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: prosím o kontrolu NB,díky
Fix result of Farbar Recovery Scan Tool (x86) Version:13-09-2015 01
Ran by Mirek (2015-09-13 19:04:39) Run:1
Running from C:\Users\Mirek\Desktop
Loaded Profiles: Mirek (Available Profiles: Mirek)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [SpywareTerminator] => "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [SpywareTerminatorUpdate] => "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
C:\Program Files\Spyware Terminator
S2 sp_rssrv; "C:\Program Files\Spyware Terminator\sp_rsser.exe" [X]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02 107848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02 107848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
2015-09-12 07:47 - 2015-09-12 07:47 - 00001153 _____ C:\scan mbam.txt
2015-09-12 07:28 - 2015-09-12 07:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-12 07:26 - 2015-09-12 07:26 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Mirek\Downloads\mbam-setup-2.1.8.1057.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminator => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM => value removed successfully.
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fsm => value removed successfully.
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdate => value removed successfully.
C:\Program Files\Spyware Terminator => moved successfully
sp_rssrv => service removed successfully.
Nero BackItUp Scheduler 4.0 => Service stopped successfully.
Nero BackItUp Scheduler 4.0 => service removed successfully.
gupdate => service removed successfully.
gupdatem => service removed successfully.
gusvc => service removed successfully.
C:\scan mbam.txt => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Users\Mirek\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 266 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 19:06:03 ====
Ran by Mirek (2015-09-13 19:04:39) Run:1
Running from C:\Users\Mirek\Desktop
Loaded Profiles: Mirek (Available Profiles: Mirek)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Run: [SpywareTerminator] => "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696 2011-04-08] (Sun Microsystems, Inc.)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [ISUSPM] => C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032 2006-09-11] (Macrovision Corporation)
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [fsm] => [X]
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\...\Run: [SpywareTerminatorUpdate] => "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe"
C:\Program Files\Spyware Terminator
S2 sp_rssrv; "C:\Program Files\Spyware Terminator\sp_rsser.exe" [X]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-20 935208]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02 107848]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-02 107848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-11 136120]
2015-09-12 07:47 - 2015-09-12 07:47 - 00001153 _____ C:\scan mbam.txt
2015-09-12 07:28 - 2015-09-12 07:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-12 07:26 - 2015-09-12 07:26 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Mirek\Downloads\mbam-setup-2.1.8.1057.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminator => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM => value removed successfully.
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Windows\CurrentVersion\Run\\fsm => value removed successfully.
HKU\S-1-5-21-2523056422-3418443183-1108585619-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpywareTerminatorUpdate => value removed successfully.
C:\Program Files\Spyware Terminator => moved successfully
sp_rssrv => service removed successfully.
Nero BackItUp Scheduler 4.0 => Service stopped successfully.
Nero BackItUp Scheduler 4.0 => service removed successfully.
gupdate => service removed successfully.
gupdatem => service removed successfully.
gusvc => service removed successfully.
C:\scan mbam.txt => moved successfully
C:\ProgramData\Malwarebytes => moved successfully
C:\Users\Mirek\Downloads\mbam-setup-2.1.8.1057.exe => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 266 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 19:06:03 ====
Re: prosím o kontrolu NB,díky
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak to s pc vypada.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?