
Requesting a check

Matthi
Visitor
Posts: 52
Registered: 13 Oct 2007 12:25

Requesting a check

#1 Post by Matthi »

Hello, I would like to ask for a check. It seems to me that I am losing performance in games, so maybe you will manage to find out what is causing it :):

Logfile of random's system information tool 1.10 (written by random/random)
Run by Zbynda at 2015-09-20 08:39:56
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 40 GB (13%) free of 305 GB
Total RAM: 8174 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:40:00, on 20.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe
C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Program Files\trend micro\Zbynda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 159.253.18.161 account.tera-europe.com
O1 - Hosts: 159.253.18.161 download.frogster-online.com
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [WindowsDriverScan86] C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
O4 - HKLM\..\Run: [WindowsDriverScan64] C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - H:\Games\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11047 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 1656
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"taskhost.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Zbynda/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="3972.0.1047590728\1970413813" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3972 "\\.\pipe\gecko-crash-server-pipe.3972" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --proxy-stub-channel=Flash4880.690AD388.9156 --host-broker-channel=Flash4880.690AD388.8918 --host-pid=4880 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --channel=4940.006EF7F8.1803540973 --proxy-stub-channel=Flash4880.690AD388.9156 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll" --host-npapi-version=28 --type=renderer
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\vssvc.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Zbynda\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Zbynda\AppData\Roaming\Mozilla\Firefox\Profiles\iws04ci7.default-1436811615587

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program F [2012-09-01 6516280]
"Akamai NetSession Interface"=C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe [2015-07-23 4691384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program F [2012-09-01 6516280]
"RIMBBLaunchAgent.exe"=C:\Program F [2012-09-01 6516280]
"WindowsDriverScan86"=C:\Program F [2012-09-01 6516280]
"WindowsDriverScan64"=C:\Program F [2012-09-01 6516280]
"amd_dc_opt"=C:\Program F [2012-09-01 6516280]
"SunJavaUpdateSched"=C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-20 08:39:57 ----D---- C:\Program Files\trend micro
2015-09-20 08:39:56 ----D---- C:\rsit
2015-09-20 08:31:27 ----D---- C:\FRST
2015-09-11 18:28:41 ----D---- C:\Program Files (x86)\Razer
2015-09-11 18:28:39 ----D---- C:\ProgramData\Razer
2015-09-09 11:12:45 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 11:12:45 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 11:12:45 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 11:12:44 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 11:12:35 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 11:12:35 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 11:12:31 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 11:12:30 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 11:12:30 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 11:12:30 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 11:12:19 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 11:12:19 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 11:12:18 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 11:12:18 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 11:12:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 11:12:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 11:12:18 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 11:12:17 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 11:12:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 11:12:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 11:12:17 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 11:12:17 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 11:12:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 11:12:16 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 11:12:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 11:12:16 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 11:12:15 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 11:12:15 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 11:12:15 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 11:12:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 11:12:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 11:12:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 11:12:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 11:12:14 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 11:12:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 11:12:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 11:12:13 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 11:12:13 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 11:12:13 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 11:12:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 11:12:10 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 11:12:09 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 11:11:38 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 11:11:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 11:11:38 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 11:11:37 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 11:11:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 11:11:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 11:11:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\smss.exe
2015-09-09 11:11:36 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 11:11:36 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 11:11:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 11:11:36 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:11:34 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 11:11:34 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 11:11:34 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 11:11:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:11:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:11:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:11:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:11:32 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 11:11:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 11:11:30 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 11:11:29 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 11:11:29 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 11:11:29 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 11:11:29 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 11:11:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 11:11:03 ----A---- C:\Windows\system32\consent.exe
2015-09-09 11:11:03 ----A---- C:\Windows\system32\authui.dll
2015-09-09 11:11:03 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 11:10:56 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 11:10:56 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 11:10:55 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 11:10:55 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 11:10:55 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 11:10:55 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 11:10:55 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 11:10:55 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 11:10:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 11:10:31 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 11:10:31 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 11:10:31 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 11:10:31 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 11:10:31 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 11:10:31 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 11:10:15 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 11:10:07 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wups.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-06 11:36:03 ----D---- C:\Users\Zbynda\AppData\Roaming\Trove
2015-09-02 10:18:37 ----ASH---- C:\pagefile.sys
2015-08-30 13:49:52 ----D---- C:\Users\Zbynda\AppData\Roaming\Sun
2015-08-30 10:17:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-30 09:57:59 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-08-30 09:57:27 ----A---- C:\Windows\system32\aswBoot.exe
2015-08-30 09:56:19 ----A---- C:\Windows\avastSS.scr
2015-08-25 21:49:07 ----RD---- C:\Program Files (x86)\Skype

======List of files/folders modified in the last 1 month======

2015-09-20 08:39:58 ----D---- C:\Windows\Temp
2015-09-20 08:39:57 ----D---- C:\Program Files
2015-09-20 08:37:22 ----D---- C:\Windows
2015-09-20 08:16:23 ----D---- C:\ProgramData\NVIDIA
2015-09-19 21:33:39 ----D---- C:\Program Files (x86)\Steam
2015-09-19 20:59:35 ----D---- C:\Windows\Prefetch
2015-09-19 20:52:59 ----D---- C:\Windows\system32\config
2015-09-19 20:47:14 ----D---- C:\Windows\system32\catroot2
2015-09-19 11:20:57 ----D---- C:\Users\Zbynda\AppData\Roaming\Skype
2015-09-19 11:19:53 ----SHD---- C:\Windows\Installer
2015-09-19 11:19:51 ----D---- C:\Windows\system32\drivers
2015-09-19 11:19:33 ----D---- C:\ProgramData\Skype
2015-09-19 11:19:04 ----RD---- C:\Program Files (x86)
2015-09-18 19:01:36 ----SHD---- C:\System Volume Information
2015-09-17 10:29:36 ----D---- C:\Windows\System32
2015-09-17 10:29:36 ----D---- C:\Windows\inf
2015-09-17 10:29:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-15 22:12:13 ----D---- C:\Windows\Microsoft.NET
2015-09-15 22:11:28 ----RSD---- C:\Windows\assembly
2015-09-15 21:36:02 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-09-15 21:33:10 ----D---- C:\Program Files\Microsoft Office 15
2015-09-13 07:51:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-09-11 18:28:39 ----HD---- C:\ProgramData
2015-09-10 00:10:50 ----D---- C:\ProgramData\Package Cache
2015-09-09 14:33:18 ----D---- C:\Windows\rescache
2015-09-09 13:20:52 ----D---- C:\Windows\winsxs
2015-09-09 13:15:23 ----D---- C:\Windows\SysWOW64
2015-09-09 13:15:23 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:15:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:15:22 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:15:22 ----D---- C:\Windows\ehome
2015-09-09 13:15:21 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:15:20 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:15:18 ----D---- C:\Windows\system32\en-US
2015-09-09 13:15:18 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:15:15 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:15:07 ----D---- C:\Windows\AppPatch
2015-09-09 13:15:03 ----D---- C:\Windows\system32\Boot
2015-09-09 11:46:44 ----D---- C:\Windows\system32\MRT
2015-08-31 11:29:13 ----D---- C:\Windows\SYSWOW64\vbox
2015-08-31 11:29:13 ----D---- C:\Windows\system32\vbox
2015-08-31 10:40:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-30 13:50:34 ----D---- C:\Program Files (x86)\Common Files
2015-08-30 13:49:21 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-08-30 13:48:38 ----D---- C:\Program Files\Java
2015-08-30 09:59:08 ----D---- C:\Windows\system32\Tasks
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-08-30 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-08-30 274808]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-08-30 115152]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-08-30 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-08-30 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-08-30 447944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-09 283200]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-08-30 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-08-30 90968]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-03-17 42696]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program F [2012-09-01 6516280]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-10-27 196384]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-06-08 82816]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-08-30 150672]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-03-17 310728]
S3 1394hub;1394 Enabled Hub; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2013-12-02 79872]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program F [2012-09-01 6516280]
R2 avast! Antivirus;Avast Antivirus; C:\Program F [2012-09-01 6516280]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program F [2012-09-01 6516280]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-04-17 76888]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2015-08-11 189248]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program F [2012-09-01 6516280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program F [2012-09-01 6516280]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program F [2012-09-01 6516280]
R3 BlackBerry Device Manager;BlackBerry Device Manager; C:\Program F [2012-09-01 6516280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program F [2012-09-01 6516280]
S2 SkypeUpdate;Skype Updater; C:\Program F [2012-09-01 6516280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11 269000]
S3 IDriverT;InstallDriver Table Manager; C:\Program F [2012-09-01 6516280]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program F [2012-09-01 6516280]
S3 Origin Client Service;Origin Client Service; H:\Games\Origin\OriginClientService.exe [2015-08-11 2007048]
S3 ose;Office Source Engine; C:\Program F [2012-09-01 6516280]
S3 osppsvc;Office Software Protection Platform; C:\Program F [2012-09-01 6516280]
S3 Steam Client Service;Steam Client Service; C:\Program F [2012-09-01 6516280]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Thanks a lot in advance.
Regards,
Matthi

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#2 Post by Márty84 »

Hello :)

Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (alternatively it will be here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Matthi
Visitor
Posts: 52
Joined: 13 Oct 2007 12:25

Re: Requesting a check

#3 Post by Matthi »

Hello, thank you, I am sending the log

# AdwCleaner v5.008 - Logfile created 20/09/2015 at 13:45:07
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Zbynda - MATTHI
# Running from : C:\Users\Zbynda\Desktop\adwcleaner_5.008.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\SimilarSites
Folder Found : C:\Program Files (x86)\Optimizer Pro
Folder Found : C:\ProgramData\Ask
Folder Found : C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
Folder Found : C:\Users\Hanka\AppData\Roaming\SimilarSites
Folder Found : C:\Users\Zbynda\AppData\LocalLow\AskToolbar

***** [ Files ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
File Found : C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage
File Found : C:\Users\Zbynda\AppData\Local\Temp\OptimizerPro.exe

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Classes\SDP
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DA60568C-C30E-4680-ADEA-89BF1DD050EA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5777FB26-1203-4D16-A47F-24B3FF5E0476}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{71AC0D70-4274-4B53-8101-26F7249EAFE4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{67C605D7-71E7-40B7-AF78-8E382E039E8B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0A4376DD-C64A-4499-86BA-54578FD3BE3E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1E66D651-C63F-4B5A-8DBB-4C093647BF9B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3E3BEAE8-5B73-4AA4-8191-6AAD3E17D7CC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E1700B22-E107-4EC6-943E-5FBBADF213B3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C71EA797-7B15-438B-894A-9AB54D752430}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0CD3C780-F128-4E7F-BA5C-A7B4FE0B904E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6DBD484A-FAA1-4E09-9D82-5B472D9774E8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{76A9FB77-FA97-4656-8B91-25848DC7BFD6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3C4E958B-177E-4B3A-A998-4B0263A9564D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{638B87E0-5EF3-45FA-ACB8-2C7C67958665}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6A1F6969-2069-4036-A0AB-07D4628DF5A1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6F776034-C1E7-41CB-B099-839FCA62E732}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F4D12989-AF1C-4363-BFCF-B9AD96D18B0F}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\BI
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\usyndication.com
Key Found : HKCU\Software\USyndication
Key Found : HKCU\Software\SereneScreen
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\SOFTWARE\PIP
Key Found : HKLM\SOFTWARE\SystemK
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\BI
Key Found : [x64] HKCU\Software\PIP
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\usyndication.com
Key Found : [x64] HKCU\Software\USyndication
Key Found : [x64] HKCU\Software\SereneScreen
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll

***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6365 bytes] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#4 Post by Márty84 »

That is the log from after the scan. I wanted the one from after the removal. Did you also have the findings removed by clicking Cleaning? If not, do so.


Run a check with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

Matthi
Visitor
Posts: 52
Joined: 13 Oct 2007 12:25

Re: Requesting a check

#5 Post by Matthi »

so here it is after the scan:
# AdwCleaner v5.008 - Logfile created 20/09/2015 at 19:54:28
# Updated 18/09/2015 by Xplode
# Database : 2015-09-20.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Zbynda - MATTHI
# Running from : C:\Users\Zbynda\Desktop\adwcleaner_5.008.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\SimilarSites
[-] Folder Deleted : C:\Program Files (x86)\Optimizer Pro
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
[-] Folder Deleted : C:\Users\Hanka\AppData\Roaming\SimilarSites
[-] Folder Deleted : C:\Users\Zbynda\AppData\LocalLow\AskToolbar

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml
[-] File Deleted : C:\Users\Hanka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage
[-] File Deleted : C:\Users\Zbynda\AppData\Local\Temp\OptimizerPro.exe

***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\SDP
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DA60568C-C30E-4680-ADEA-89BF1DD050EA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5777FB26-1203-4D16-A47F-24B3FF5E0476}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{71AC0D70-4274-4B53-8101-26F7249EAFE4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{67C605D7-71E7-40B7-AF78-8E382E039E8B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0A4376DD-C64A-4499-86BA-54578FD3BE3E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1E66D651-C63F-4B5A-8DBB-4C093647BF9B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E3BEAE8-5B73-4AA4-8191-6AAD3E17D7CC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1700B22-E107-4EC6-943E-5FBBADF213B3}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C71EA797-7B15-438B-894A-9AB54D752430}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0CD3C780-F128-4E7F-BA5C-A7B4FE0B904E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DBD484A-FAA1-4E09-9D82-5B472D9774E8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{76A9FB77-FA97-4656-8B91-25848DC7BFD6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3C4E958B-177E-4B3A-A998-4B0263A9564D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{638B87E0-5EF3-45FA-ACB8-2C7C67958665}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A1F6969-2069-4036-A0AB-07D4628DF5A1}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6F776034-C1E7-41CB-B099-839FCA62E732}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4D12989-AF1C-4363-BFCF-B9AD96D18B0F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\BI
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\usyndication.com
[-] Key Deleted : HKCU\Software\USyndication
[-] Key Deleted : HKCU\Software\SereneScreen
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
[-] Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\SystemK
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
[!] Key Not Deleted : [x64] HKCU\Software\APN PIP
[!] Key Not Deleted : [x64] HKCU\Software\BI
[!] Key Not Deleted : [x64] HKCU\Software\PIP
[!] Key Not Deleted : [x64] HKCU\Software\Softonic
[!] Key Not Deleted : [x64] HKCU\Software\usyndication.com
[!] Key Not Deleted : [x64] HKCU\Software\USyndication
[!] Key Not Deleted : [x64] HKCU\Software\SereneScreen
[!] Key Not Deleted : [x64] HKCU\Software\Linkey
[-] Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]

***** [ Web browsers ] *****


*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6876 bytes] ##########

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#6 Post by Márty84 »

Fine, continue with MBAM :-)

Matthi
Visitor
Posts: 52
Joined: 13 Oct 2007 12:25

Re: Requesting a check

#7 Post by Matthi »

So that took a while :), I am posting it below

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 20.9.2015
Čas skenování: 20:06
Protokol: vysledek.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.09.20.03
Databáze rootkitů: v2015.09.18.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Zbynda

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 1180187
Uplynulý čas: 4 hod, 19 min, 14 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 5
PUP.Optional.Bundler, HKU\S-1-5-21-3550665229-1753511206-2917141256-1004_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, , [1c074de586058da953871d1b3bcad030],
PUP.Optional.Bundler, HKU\S-1-5-21-3550665229-1753511206-2917141256-1004_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, , [1c074de586058da953871d1b3bcad030],
PUP.Optional.MindSpark, HKU\S-1-5-21-3550665229-1753511206-2917141256-1003\SOFTWARE\APPDATALOW\SOFTWARE\MarineAquarium3Free_57, , [a87bc56d7813fc3a4a87367110f440c0],
PUP.Optional.MindSpark, HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\SOFTWARE\APPDATALOW\SOFTWARE\MarineAquarium3Free_57, , [37ec44eedab18caaa32ef0b7d43048b8],
PUP.Optional.MindSpark, HKU\S-1-5-21-3550665229-1753511206-2917141256-1005\SOFTWARE\APPDATALOW\SOFTWARE\MarineAquarium3Free_57, , [cf5466cc32591d19527f1196e91b748c],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 46
JokeTool.Stressreducer, D:\Hanka\Hry\potrestanie-obrazovky\potrestanie.exe, , [d05359d9abe079bd9950535421e138c8],
Trojan.Agent, H:\Hry\Hry nove 2013\Call of duty 2\Call-of-duty-2-keygen.exe, , [2201f2405b30da5c98a10c2960a2d42c],
Malware.Packer.Krunchy, H:\Hry\Hry nove 2013\pat-a-mat-hra-game\NFOviewer.exe, , [f42f50e21f6c87af5ed46ff920e06c94],
Trojan.Agent, H:\Hry\Warcraft III\warcraft3 keygen.exe, , [6cb749e9cdbe3bfb3a45af71c63c23dd],
Adware.Agent, C:\C\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\QM27UUNN\upgrade[1] (2).cab, , [32f1dd554249dc5abd1825f841c4c63a],
Adware.Agent, C:\C\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\QM27UUNN\upgrade[1].cab, , [9e85e44edcaf5adcb12421fcd82d956b],
PUP.Optional.OptimizePro, C:\AdwCleaner\Quarantine\C\Users\Zbynda\AppData\Local\Temp\OptimizerPro.exe.vir, , [66bdf43e652671c5115eb2a6e917e31d],
PUP.Optional.APNToolBar, C:\Users\Hanka\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A270VS3L\PIPInstaller_PTV_[1].exe, , [6fb477bb206b8fa7e07518a16899c13f],
PUP.Optional.InstallRex, C:\Users\Hanka\AppData\Local\Temp\vjkTAe45.exe.part, , [3be809295f2ca49289309423926f9070],
PUP.Optional.MusicToolBar, C:\Users\Hanka\AppData\Local\Temp\wDP1RWnB.exe.part, , [74af92a0cdbe3afcde07b4096d94a957],
PUP.Optional.OpenCandy, C:\Users\Hanka\AppData\Local\Temp\DTLite4461-0328.exe, , [24ff9a98fe8d90a66b15b0e813f2da26],
PUP.Optional.SofTonic, C:\Users\Hanka\AppData\Local\Temp\KMP_3.4.0.59.exe, , [b46f250dc2c9eb4b751a576860a1e020],
PUP.Optional.SofTonic, C:\Users\Hanka\AppData\Local\Temp\KMP_3.6.0.87.exe, , [b96a959ddbb01026ce142d8ba75ac739],
PUP.Optional.SofTonic, C:\Users\Hanka\AppData\Local\Temp\KMP_3.7.0.109.exe, , [fc27959de1aaff37ecf6eeca70911ae6],
PUP.Optional.SofTonic, C:\Users\Hanka\AppData\Local\Temp\KMP_3.8.0.120.exe, , [fa29cf638efdbc7ab9d60eb19c65e719],
PUP.Optional.SofTonic, C:\Users\Hanka\AppData\Local\Temp\KMP_3.9.0.124.exe, , [51d242f091fadf5768278a35ae53e61a],
PUP.Optional.SofTonic, C:\Users\Hanka\AppData\Local\Temp\KMP_3.9.0.126.exe, , [b56e1c1627640531c122cfe9c63b4eb2],
PUP.Optional.Bundler, C:\Users\Hanka\AppData\Local\Temp\f779E78D.exe, , [1c074de586058da953871d1b3bcad030],
PUP.Optional.APNToolBar, C:\Users\Hanka\AppData\Local\Temp\nsdF187.tmp-2\APN_ATU3_.exe, , [f72c42f0f29962d4ba9b3881e61b36ca],
PUP.Optional.APNToolBar, C:\Users\Hanka\AppData\Local\Temp\nsfC9AE.tmp-2\APN_ATU3_.exe, , [fb28f240404b41f586cf02b77f8204fc],
PUP.Optional.APNToolBar, C:\Users\Hanka\AppData\Local\Temp\nsm1150.tmp-2\APN_ATU3_.exe, , [38ebee444d3e5fd7e174992015eca15f],
PUP.Optional.Bundler, C:\Users\Hanka\AppData\Local\Temp\Bf824\temp\DDLValley.rocks_Greys.Anatomy.S11E07.720p.HDTV.X264-DIMENSION.mkv.exe, , [c261af836328fb3beaf0d860e12428d8],
PUP.Optional.InstallRex, C:\Users\Hanka\Downloads\Hermanos Inglesos - Wanderland feat MeMe.exe, , [190acc663b504ceaf6c3eccb907104fc],
PUP.Optional.Bundler, C:\Users\Hanka\Downloads\DDLValley.rocks_Greys.Anatomy.S11E07.720p.HDTV.X264-DIMENSION.mkv.exe, , [6eb5939f454616204595f64272931ce4],
PUP.Optional.SofTonic, C:\Users\Romca\AppData\Local\Temp\KMP_3.4.0.59.exe, , [b46fb082b9d254e2e0af02bdaa57b34d],
PUP.Optional.Somoto, C:\Users\Zbynda\AppData\Local\Application Data\Bundled software uninstaller\biclient.exe, , [44dfc86a117abe783569f4cbc53c7c84],
PUP.Optional.BrowseFox, C:\Users\Zbynda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IXRR1WVU\EnhanceEmpire_20140718105110_1626[1].exe, , [a083dc56642774c24e955337ed140ef2],
PUP.Optional.APNToolBar, C:\Users\Zbynda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LX4AD04A\Offercast2802_PTV_[1].exe, , [b17273bfa5e6b08600556b4e04fdad53],
PUP.Optional.SettingsManager, C:\Users\Zbynda\AppData\Local\Temp\SettingsManagerSetup.exe, , [f3303cf65437c670a49f6c5334cdd12f],
PUP.Optional.SweetIM, C:\Users\Zbynda\AppData\Local\Temp\BundleSweetIMSetup.exe, , [7aa965cd72190a2cec14b3a66799a759],
PUP.Optional.Somoto, C:\Users\Zbynda\AppData\Local\Temp\UpdateCheckerSetup.exe, , [d54e5fd3c7c4c86e5942ba051be633cd],
Adware.InstallBrain, C:\Users\Zbynda\AppData\Local\Temp\UPDF1034143.exe, , [e53e43efe8a394a2cfc8e6fb7f81ec14],
PUP.Optional.SofTonic, C:\Users\Zbynda\AppData\Local\Temp\KMP_3.3.0.33.exe, , [958e280a7813ec4ad9b69d22bf4217e9],
PUP.Optional.SofTonic, C:\Users\Zbynda\AppData\Local\Temp\KMP_3.4.0.59.exe, , [c063e84aa1ea66d04b44ebd424dde31d],
PUP.Optional.SofTonic, C:\Users\Zbynda\AppData\Local\Temp\KMP_3.6.0.87.exe, , [9d86e44ea0eb71c5d50d5c5c52afb44c],
PUP.Optional.SofTonic, C:\Users\Zbynda\AppData\Local\Temp\KMP_3.8.0.121.exe, , [c3609999bdce00361c73d7e8837e659b],
PUP.Optional.SofTonic, C:\Users\Zbynda\AppData\Local\Temp\KMP_3.9.0.124.exe, , [31f246ec3556c5710c83dae5dd24fb05],
PUP.Optional.SofTonic, C:\Users\Zbynda\AppData\Local\Temp\KMP_3.9.0.125.exe, , [0e159e94f7940e28f19ea7187c85dd23],
Adware.InstallBrain, C:\Users\Zbynda\AppData\Local\Temp\yph+2XUN.exe.part, , [0d1681b1008bdf57e3b423be08f806fa],
PUP.Optional.APNToolBar, C:\Users\Zbynda\AppData\Local\Temp\PIPInstaller_PTV_.exe, , [5ec5cd65e5a670c634215168e91826da],
PUP.Optional.FileScout, C:\Users\Zbynda\AppData\Local\Temp\ibtmpe0c3674\component_600, , [958edc567b1063d381d56b501de46c94],
PUP.Optional.7Go, C:\Users\Zbynda\AppData\Local\Temp\ibtmpe0c3674\component_613, , [d35062d0286354e2aa8b9b1eea17b34d],
PUP.Optional.BestToolBars, C:\Users\Zbynda\AppData\Local\Temp\ibtmpe0c3674\component_652, , [eb38310198f3d660225a4c6ddc25a65a],
PUP.Optional.BitCoinMiner, C:\Windows\SysWOW64\acumncpeqq.exe, , [c06341f12467eb4b95720a8fc63c26da],
Trojan.BitCoinMiner, C:\Windows\SysWOW64\dcgmncpeqq.exe, , [ca59230f6229ed490d387920c63c8b75],
PUP.BitCoinMiner, C:\Windows\SysWOW64\lcpmncpeqq.exe, , [d74c151da7e4db5bd14a45a029d7be42],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#8 Post by Márty84 »

Have all the findings removed. After the removal and a restart of the PC, repeat the MBAM scan so that we know whether it comes back. Post the result of the scan and I will choose the next step based on it.

Matthi
Visitor
Posts: 52
Joined: 13 Oct 2007 12:25

Re: Requesting a check

#9 Post by Matthi »

So, completed successfully and no new threat :)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#10 Post by Márty84 »

→ You can uninstall MBAM.

→ Post a new RSIT log

and in addition

→ Post the logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

Matthi
Visitor
Posts: 52
Joined: 13 Oct 2007 12:25

Re: Requesting a check

#11 Post by Matthi »

Here, attached:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Zbynda at 2015-09-21 20:43:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 39 GB (13%) free of 305 GB
Total RAM: 8174 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:11, on 21.9.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)
Boot mode: Normal

Running processes:
C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe
C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
C:\Program Files\trend micro\Zbynda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 159.253.18.161 account.tera-europe.com
O1 - Hosts: 159.253.18.161 download.frogster-online.com
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [WindowsDriverScan86] C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
O4 - HKLM\..\Run: [WindowsDriverScan64] C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [20150107] C:\Program Files\AVAST Software\Avast\setup\emupdate\7d08095b-416a-465b-810e-9635b42a7bb6.exe /check
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3550665229-1753511206-2917141256-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3550665229-1753511206-2917141256-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-3550665229-1753511206-2917141256-1004\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User 'Hanka')
O4 - HKUS\S-1-5-21-3550665229-1753511206-2917141256-1005\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun (User 'Romca')
O4 - S-1-5-21-3550665229-1753511206-2917141256-1004 Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (User 'Hanka')
O4 - S-1-5-21-3550665229-1753511206-2917141256-1004 User Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (User 'Hanka')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BlackBerry Device Manager - BlackBerry Limited - C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - H:\Games\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12325 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2164
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\servicing\TrustedInstaller.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Zbynda/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4420 CREDAT:267521 /prefetch:2

"C:\Program Files\Internet Explorer\iexplore.exe"
C:\Windows\system32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4384 CREDAT:726312 /prefetch:2
"taskhost.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4612.0.1947081635\2038111797" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4612 "\\.\pipe\gecko-crash-server-pipe.4612" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe" --proxy-stub-channel=Flash5920.62ABD388.32091 --host-broker-channel=Flash5920.62ABD388.13067 --host-pid=5920 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe" --channel=5400.0030F714.1789602625 --proxy-stub-channel=Flash5920.62ABD388.32091 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll" --host-npapi-version=28 --type=renderer
"C:\Users\Zbynda\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Zbynda\AppData\Roaming\Mozilla\Firefox\Profiles\iws04ci7.default-1436811615587

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.185 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]
"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers
"Path"=C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.185 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.60.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.60.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program F [2012-09-01 6516280]
"Akamai NetSession Interface"=C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe [2015-07-23 4691384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program F [2012-09-01 6516280]
"RIMBBLaunchAgent.exe"=C:\Program F [2012-09-01 6516280]
"WindowsDriverScan86"=C:\Program F [2012-09-01 6516280]
"WindowsDriverScan64"=C:\Program F [2012-09-01 6516280]
"amd_dc_opt"=C:\Program F [2012-09-01 6516280]
"SunJavaUpdateSched"=C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"=C:\Program F [2012-09-01 6516280]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-20 20:04:23 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-09-20 20:04:13 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-09-20 20:04:13 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-09-20 20:04:12 ----D---- C:\ProgramData\Malwarebytes
2015-09-20 20:04:12 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-20 20:04:12 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-09-20 13:45:05 ----D---- C:\AdwCleaner
2015-09-20 08:39:57 ----D---- C:\Program Files\trend micro
2015-09-20 08:39:56 ----D---- C:\rsit
2015-09-20 08:31:27 ----D---- C:\FRST
2015-09-11 18:28:41 ----D---- C:\Program Files (x86)\Razer
2015-09-11 18:28:39 ----D---- C:\ProgramData\Razer
2015-09-09 11:12:45 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-09-09 11:12:45 ----A---- C:\Windows\system32\jnwmon.dll
2015-09-09 11:12:45 ----A---- C:\Windows\system32\InkEd.dll
2015-09-09 11:12:44 ----A---- C:\Windows\system32\schedsvc.dll
2015-09-09 11:12:35 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-09-09 11:12:35 ----A---- C:\Windows\system32\tzres.dll
2015-09-09 11:12:31 ----A---- C:\Windows\system32\dwmcore.dll
2015-09-09 11:12:30 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-09-09 11:12:30 ----A---- C:\Windows\SYSWOW64\dwmapi.dll
2015-09-09 11:12:30 ----A---- C:\Windows\system32\dwmapi.dll
2015-09-09 11:12:19 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-09-09 11:12:19 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-09-09 11:12:18 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-09-09 11:12:18 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 11:12:18 ----A---- C:\Windows\system32\iernonce.dll
2015-09-09 11:12:18 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-09-09 11:12:18 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-09-09 11:12:18 ----A---- C:\Windows\system32\ie4uinit.exe
2015-09-09 11:12:17 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-09-09 11:12:17 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-09-09 11:12:17 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-09-09 11:12:17 ----A---- C:\Windows\system32\urlmon.dll
2015-09-09 11:12:17 ----A---- C:\Windows\system32\iedkcs32.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-09-09 11:12:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-09-09 11:12:16 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 11:12:16 ----A---- C:\Windows\system32\msfeeds.dll
2015-09-09 11:12:16 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 11:12:16 ----A---- C:\Windows\system32\dxtrans.dll
2015-09-09 11:12:15 ----A---- C:\Windows\system32\iesetup.dll
2015-09-09 11:12:15 ----A---- C:\Windows\system32\iertutil.dll
2015-09-09 11:12:15 ----A---- C:\Windows\system32\ieapfltr.dll
2015-09-09 11:12:14 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-09-09 11:12:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-09-09 11:12:14 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-09-09 11:12:14 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-09-09 11:12:14 ----A---- C:\Windows\system32\vbscript.dll
2015-09-09 11:12:14 ----A---- C:\Windows\system32\jsproxy.dll
2015-09-09 11:12:14 ----A---- C:\Windows\system32\ieUnatt.exe
2015-09-09 11:12:13 ----A---- C:\Windows\system32\ieui.dll
2015-09-09 11:12:13 ----A---- C:\Windows\system32\ieframe.dll
2015-09-09 11:12:13 ----A---- C:\Windows\system32\dxtmsft.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\wininet.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\mshtmled.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\jscript9diag.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\jscript9.dll
2015-09-09 11:12:12 ----A---- C:\Windows\system32\jscript.dll
2015-09-09 11:12:11 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-09-09 11:12:10 ----A---- C:\Windows\system32\msrating.dll
2015-09-09 11:12:09 ----A---- C:\Windows\system32\mshtml.dll
2015-09-09 11:11:38 ----A---- C:\Windows\system32\UtcResources.dll
2015-09-09 11:11:38 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-09-09 11:11:38 ----A---- C:\Windows\system32\diagtrack.dll
2015-09-09 11:11:37 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-09-09 11:11:37 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-09-09 11:11:37 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-09-09 11:11:37 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\tdh.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\ntdll.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\KernelBase.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\kernel32.dll
2015-09-09 11:11:37 ----A---- C:\Windows\system32\advapi32.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:11:36 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-09-09 11:11:36 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\wow64win.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\wow64cpu.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\wow64.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\winsrv.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\wdigest.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\TSpkg.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\sspisrv.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\sspicli.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\srcore.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\srclient.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\smss.exe
2015-09-09 11:11:36 ----A---- C:\Windows\system32\schannel.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\secur32.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\rstrui.exe
2015-09-09 11:11:36 ----A---- C:\Windows\system32\rpcrt4.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\ntvdm64.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\ncrypt.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\msv1_0.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\lsass.exe
2015-09-09 11:11:36 ----A---- C:\Windows\system32\lsasrv.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\kerberos.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-09-09 11:11:36 ----A---- C:\Windows\system32\csrsrv.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\cryptbase.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\credssp.dll
2015-09-09 11:11:36 ----A---- C:\Windows\system32\conhost.exe
2015-09-09 11:11:36 ----A---- C:\Windows\system32\auditpol.exe
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:11:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:11:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:11:34 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-09-09 11:11:34 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-09-09 11:11:34 ----A---- C:\Windows\system32\apisetschema.dll
2015-09-09 11:11:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:11:33 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:11:33 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:11:33 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:11:32 ----A---- C:\Windows\SYSWOW64\user.exe
2015-09-09 11:11:30 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-09-09 11:11:30 ----A---- C:\Windows\system32\adtschema.dll
2015-09-09 11:11:29 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-09-09 11:11:29 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-09-09 11:11:29 ----A---- C:\Windows\system32\msobjs.dll
2015-09-09 11:11:29 ----A---- C:\Windows\system32\msaudite.dll
2015-09-09 11:11:03 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-09-09 11:11:03 ----A---- C:\Windows\system32\consent.exe
2015-09-09 11:11:03 ----A---- C:\Windows\system32\authui.dll
2015-09-09 11:11:03 ----A---- C:\Windows\system32\appinfo.dll
2015-09-09 11:10:56 ----A---- C:\Windows\system32\msxml6.dll
2015-09-09 11:10:56 ----A---- C:\Windows\system32\msxml3.dll
2015-09-09 11:10:55 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2015-09-09 11:10:55 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-09-09 11:10:55 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-09-09 11:10:55 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-09-09 11:10:55 ----A---- C:\Windows\system32\msxml6r.dll
2015-09-09 11:10:55 ----A---- C:\Windows\system32\msxml3r.dll
2015-09-09 11:10:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 11:10:31 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-09-09 11:10:31 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-09-09 11:10:31 ----A---- C:\Windows\system32\drivers\appid.sys
2015-09-09 11:10:31 ----A---- C:\Windows\system32\appidsvc.dll
2015-09-09 11:10:31 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 11:10:31 ----A---- C:\Windows\system32\appidapi.dll
2015-09-09 11:10:15 ----A---- C:\Windows\system32\win32k.sys
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-09-09 11:10:14 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\lpk.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\fontsub.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\dciman32.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\atmlib.dll
2015-09-09 11:10:14 ----A---- C:\Windows\system32\atmfd.dll
2015-09-09 11:10:07 ----A---- C:\Windows\system32\wuaueng.dll
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-09-09 11:10:06 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wuwebv.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wups2.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wups.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wudriver.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wucltux.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wuauclt.exe
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wuapp.exe
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wuapi.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 11:10:06 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-09-06 11:36:03 ----D---- C:\Users\Zbynda\AppData\Roaming\Trove
2015-09-02 10:18:37 ----ASH---- C:\pagefile.sys
2015-08-30 13:49:52 ----D---- C:\Users\Zbynda\AppData\Roaming\Sun
2015-08-30 10:17:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-30 09:57:59 ----A---- C:\Windows\system32\drivers\ngvss.sys
2015-08-30 09:57:27 ----A---- C:\Windows\system32\aswBoot.exe
2015-08-30 09:56:19 ----A---- C:\Windows\avastSS.scr
2015-08-25 21:49:07 ----RD---- C:\Program Files (x86)\Skype

======List of files/folders modified in the last 1 month======

2015-09-21 20:43:11 ----D---- C:\Windows\Prefetch
2015-09-21 20:43:10 ----D---- C:\Windows\Temp
2015-09-21 20:22:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-09-21 13:32:40 ----D---- C:\Windows\system32\config
2015-09-21 13:28:40 ----D---- C:\ProgramData\NVIDIA
2015-09-21 13:28:27 ----D---- C:\Windows\system32\drivers
2015-09-21 13:26:58 ----D---- C:\Windows\SysWOW64
2015-09-20 20:04:12 ----RD---- C:\Program Files (x86)
2015-09-20 20:04:12 ----HD---- C:\ProgramData
2015-09-20 13:48:18 ----D---- C:\Program Files (x86)\Steam
2015-09-20 08:39:57 ----D---- C:\Program Files
2015-09-20 08:37:22 ----D---- C:\Windows
2015-09-19 20:47:14 ----D---- C:\Windows\system32\catroot2
2015-09-19 11:20:57 ----D---- C:\Users\Zbynda\AppData\Roaming\Skype
2015-09-19 11:19:53 ----SHD---- C:\Windows\Installer
2015-09-19 11:19:33 ----D---- C:\ProgramData\Skype
2015-09-18 19:01:36 ----SHD---- C:\System Volume Information
2015-09-17 10:29:36 ----D---- C:\Windows\System32
2015-09-17 10:29:36 ----D---- C:\Windows\inf
2015-09-17 10:29:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-09-15 22:12:13 ----D---- C:\Windows\Microsoft.NET
2015-09-15 22:11:28 ----RSD---- C:\Windows\assembly
2015-09-15 21:36:02 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-09-15 21:33:10 ----D---- C:\Program Files\Microsoft Office 15
2015-09-13 07:51:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-09-10 00:10:50 ----D---- C:\ProgramData\Package Cache
2015-09-09 14:33:18 ----D---- C:\Windows\rescache
2015-09-09 13:20:52 ----D---- C:\Windows\winsxs
2015-09-09 13:15:23 ----D---- C:\Program Files\Windows Journal
2015-09-09 13:15:22 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-09-09 13:15:22 ----D---- C:\Windows\system32\cs-CZ
2015-09-09 13:15:22 ----D---- C:\Windows\ehome
2015-09-09 13:15:21 ----D---- C:\Program Files\Internet Explorer
2015-09-09 13:15:20 ----D---- C:\Windows\SYSWOW64\en-US
2015-09-09 13:15:18 ----D---- C:\Windows\system32\en-US
2015-09-09 13:15:18 ----D---- C:\Windows\PolicyDefinitions
2015-09-09 13:15:15 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-09 13:15:07 ----D---- C:\Windows\AppPatch
2015-09-09 13:15:03 ----D---- C:\Windows\system32\Boot
2015-09-09 11:46:44 ----D---- C:\Windows\system32\MRT
2015-08-31 11:29:13 ----D---- C:\Windows\SYSWOW64\vbox
2015-08-31 11:29:13 ----D---- C:\Windows\system32\vbox
2015-08-31 10:40:17 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-30 13:50:34 ----D---- C:\Program Files (x86)\Common Files
2015-08-30 13:49:21 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-08-30 13:48:38 ----D---- C:\Program Files\Java
2015-08-30 09:59:08 ----D---- C:\Windows\system32\Tasks
2015-08-26 18:37:02 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-08-30 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-08-30 274808]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-08-30 115152]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-08-30 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-08-30 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-08-30 447944]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-02-09 283200]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-08-30 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-08-30 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-08-30 150672]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2012-03-17 42696]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program F [2012-09-01 6516280]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-06-18 25816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-10-27 196384]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-06-08 82816]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [2012-12-10 44544]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2012-03-17 310728]
S3 1394hub;1394 Enabled Hub; C:\Windows\syswow64\svchost.exe [2009-07-14 20992]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2013-12-02 79872]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program F [2012-09-01 6516280]
R2 avast! Antivirus;Avast Antivirus; C:\Program F [2012-09-01 6516280]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program F [2012-09-01 6516280]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2015-04-17 76888]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2015-08-11 189248]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program F [2012-09-01 6516280]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program F [2012-09-01 6516280]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program F [2012-09-01 6516280]
R3 BlackBerry Device Manager;BlackBerry Device Manager; C:\Program F [2012-09-01 6516280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 MBAMService;MBAMService; C:\Program F [2012-09-01 6516280]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program F [2012-09-01 6516280]
S2 SkypeUpdate;Skype Updater; C:\Program F [2012-09-01 6516280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21 269000]
S3 IDriverT;InstallDriver Table Manager; C:\Program F [2012-09-01 6516280]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-08-15 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program F [2012-09-01 6516280]
S3 Origin Client Service;Origin Client Service; H:\Games\Origin\OriginClientService.exe [2015-08-11 2007048]
S3 ose;Office Source Engine; C:\Program F [2012-09-01 6516280]
S3 osppsvc;Office Software Protection Platform; C:\Program F [2012-09-01 6516280]
S3 Steam Client Service;Steam Client Service; C:\Program F [2012-09-01 6516280]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-04 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------
Attachments
Addition.rar
(17.35 KiB) Downloaded 55 times

Matthi
Visitor
Posts: 52
Registered: 13 Oct 2007 12:25

Re: Request for a check

#12 Post by Matthi »

+ log

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Zbynda (administrator) on MATTHI (21-09-2015 20:49:36)
Running from C:\Users\Zbynda\Desktop
Loaded Profiles: Zbynda & UpdatusUser & Hanka & Romca (Available Profiles: Zbynda & UpdatusUser & Hanka & Romca)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Akamai Technologies, Inc.) C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_18_0_0_232_ActiveX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(forum.viry.cz) C:\Users\Zbynda\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-30] (AVAST Software)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-01-21] (BlackBerry Limited)
HKLM-x32\...\Run: [WindowsDriverScan86] => C:\Program Files (x86)\Adobe Arkalis\Arkalis86.lnk
HKLM-x32\...\Run: [WindowsDriverScan64] => C:\Program Files (x86)\Adobe Arkalis\Arkalis.lnk
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\7d08095b-416a-465b-810e-9635b42a7bb6.exe [183232 2015-09-21] (AVAST Software)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1005\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-30] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
Startup: C:\Users\Hanka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2012-03-06]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{5F10931D-0407-41ED-A892-F821C58BAB24}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKU\S-1-5-21-3550665229-1753511206-2917141256-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.reerd.com
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\S-1-5-21-3550665229-1753511206-2917141256-1004 -> {097406EF-5EE7-4BEC-8BF5-E8570D1C18FF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=PTV&o=15184&src=kw&q={searchTerms}&locale=&apn_ptnrs=^RY&apn_dtid=^YYYYYY^V3^CZ&apn_uid=5db9c517-0c13-4b22-a5b0-d71c6287aec4&apn_sauid=E4111E80-A304-4ECF-840A-5333F2A1AD90
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-30] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-08-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-30] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-08-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-08-12] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Zbynda\AppData\Roaming\Mozilla\Firefox\Profiles\iws04ci7.default-1436811615587
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-25] (ESN Social Software AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-08-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-01-30] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3550665229-1753511206-2917141256-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Zbynda\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-29] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3550665229-1753511206-2917141256-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-05-05] (The Happy Cloud)
FF Plugin HKU\S-1-5-21-3550665229-1753511206-2917141256-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-09-09] ()
FF Plugin HKU\S-1-5-21-3550665229-1753511206-2917141256-1004: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Hanka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3550665229-1753511206-2917141256-1005: @nsroblox.roblox.com/launcher -> C:\Users\Romca\AppData\Local\Roblox\Versions\version-b155910bba974e13\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3550665229-1753511206-2917141256-1005: @nsroblox.roblox.com/launcher64 -> C:\Users\Romca\AppData\Local\Roblox\Versions\version-b155910bba974e13\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-3550665229-1753511206-2917141256-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Romca\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-02]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-30] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-30] (Avast Software)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2768472 2015-08-11] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Origin Client Service; H:\Games\Origin\OriginClientService.exe [2007048 2015-08-11] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-04-17] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-08-11] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394hub; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-30] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-30] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2012-03-17] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-09] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2012-03-17] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-30] (AVAST Software)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-30] (Avast Software)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-21 20:49 - 2015-09-21 20:49 - 00018359 _____ C:\Users\Zbynda\Desktop\FRST.txt
2015-09-21 20:47 - 2015-09-21 20:48 - 00112640 _____ (forum.viry.cz) C:\Users\Zbynda\Desktop\FRSTLauncher.exe
2015-09-21 06:45 - 2015-09-21 06:45 - 00007850 _____ C:\Users\Zbynda\Desktop\vysledek.txt
2015-09-20 20:04 - 2015-09-21 14:15 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-20 20:04 - 2015-09-20 20:04 - 00001117 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-20 20:04 - 2015-09-20 20:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-20 20:04 - 2015-09-20 20:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-20 20:04 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-09-20 20:04 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-09-20 20:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-09-20 20:03 - 2015-09-20 20:03 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Zbynda\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-20 13:45 - 2015-09-20 19:54 - 00000000 ____D C:\AdwCleaner
2015-09-20 13:44 - 2015-09-20 13:44 - 01662976 _____ C:\Users\Zbynda\Desktop\adwcleaner_5.008.exe
2015-09-20 08:39 - 2015-09-21 20:43 - 00000000 ____D C:\Program Files\trend micro
2015-09-20 08:39 - 2015-09-20 08:40 - 00000000 ____D C:\rsit
2015-09-20 08:39 - 2015-09-20 08:39 - 01222144 _____ C:\Users\Zbynda\Desktop\RSITx64.exe
2015-09-20 08:31 - 2015-09-21 20:49 - 00000000 ____D C:\FRST
2015-09-20 08:29 - 2015-09-20 08:29 - 02191360 _____ (Farbar) C:\Users\Zbynda\Desktop\FRST64.exe
2015-09-11 18:37 - 2015-09-12 10:21 - 00000000 ____D C:\Users\Zbynda\AppData\Local\Razer_Inc
2015-09-11 18:37 - 2015-09-11 18:37 - 00000000 ____D C:\Users\Zbynda\Documents\Razer
2015-09-11 18:30 - 2015-09-19 11:20 - 00000000 ____D C:\Users\Zbynda\AppData\Local\Razer
2015-09-11 18:28 - 2015-09-19 11:19 - 00000000 ____D C:\ProgramData\Razer
2015-09-11 18:28 - 2015-09-19 11:19 - 00000000 ____D C:\Program Files (x86)\Razer
2015-09-10 00:11 - 2015-09-10 00:11 - 00000000 ____D C:\Users\Zbynda\Documents\WB Games
2015-09-09 22:54 - 2015-09-09 22:54 - 00000222 _____ C:\Users\Zbynda\Desktop\Mad Max.url
2015-09-09 11:12 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-09 11:12 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-09 11:12 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-09 11:12 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-09 11:12 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-09 11:12 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-09 11:12 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-09 11:12 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-09 11:12 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-09 11:12 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-09 11:12 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-09 11:12 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-09 11:12 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-09 11:12 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-09 11:12 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-09 11:12 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-09 11:12 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-09 11:12 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-09 11:12 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-09 11:12 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-09 11:12 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-09 11:12 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-09 11:12 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-09 11:12 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-09 11:12 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-09 11:12 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-09 11:12 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-09 11:12 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-09 11:12 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-09 11:12 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-09 11:12 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-09 11:12 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-09 11:12 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-09 11:12 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-09 11:12 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-09 11:12 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-09 11:12 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-09 11:12 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-09 11:12 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-09 11:12 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-09 11:12 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-09 11:12 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-09 11:12 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-09 11:12 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-09 11:12 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-09 11:12 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-09 11:12 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-09 11:12 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-09 11:12 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-09 11:12 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-09 11:12 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-09 11:12 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-09 11:12 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-09 11:12 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-09 11:12 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-09 11:12 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-09 11:12 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-09 11:12 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-09 11:12 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-09 11:12 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-09 11:12 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-09 11:12 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-09 11:12 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-09 11:12 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-09 11:12 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-09 11:12 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-09 11:12 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-09 11:12 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-09 11:12 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-09 11:12 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-09 11:11 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-09 11:11 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-09 11:11 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-09 11:11 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-09 11:11 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-09 11:11 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-09 11:11 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-09 11:11 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-09 11:11 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-09 11:11 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-09 11:11 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-09 11:11 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-09 11:11 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-09 11:11 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-09 11:11 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-09 11:11 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:11 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-09 11:11 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-09 11:11 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-09 11:11 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-09 11:11 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-09 11:11 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-09 11:11 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-09 11:11 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-09 11:11 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-09 11:11 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-09 11:11 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-09 11:11 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-09 11:11 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-09 11:11 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-09 11:11 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-09 11:11 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-09 11:11 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-09 11:11 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-09 11:11 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-09 11:11 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-09 11:11 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-09 11:11 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-09 11:11 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-09 11:11 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-09 11:11 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-09 11:10 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-09 11:10 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-09 11:10 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-09 11:10 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-09 11:10 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-09 11:10 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-09 11:10 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-09 11:10 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-09 11:10 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-09 11:10 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-09 11:10 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-09 11:10 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-09 11:10 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-09 11:10 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-09 11:10 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-09 11:10 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-09 11:10 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-09 11:10 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-09 11:10 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-09 11:10 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-09 11:10 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-09 11:10 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-09 11:10 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-09 11:10 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-09 11:10 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-09 11:10 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-09 11:10 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-09 11:10 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-09 11:10 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-09 11:10 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-09 11:10 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-09 11:10 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-09 11:10 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-09 11:10 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-09 11:10 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-09 11:10 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-09 11:10 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-09 11:10 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-09 11:10 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-09 11:10 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-09 11:10 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-09 11:10 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-09 11:10 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-09 11:10 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-07 10:40 - 2015-09-07 10:40 - 00000000 ____D C:\Users\Hanka\AppData\Local\CEF
2015-09-06 11:36 - 2015-09-06 11:36 - 00000000 ____D C:\Users\Zbynda\AppData\Roaming\Trove
2015-09-06 11:14 - 2015-09-06 11:14 - 00000222 _____ C:\Users\Zbynda\Desktop\Trove.url
2015-08-30 21:20 - 2015-08-30 21:20 - 00000000 ____D C:\Users\Hanka\AppData\Roaming\Sun
2015-08-30 21:20 - 2015-08-30 21:20 - 00000000 ____D C:\Users\Hanka\.oracle_jre_usage
2015-08-30 13:49 - 2015-08-30 13:49 - 00000000 ____D C:\Users\Zbynda\AppData\Roaming\Sun
2015-08-30 13:49 - 2015-08-30 13:49 - 00000000 ____D C:\Users\Zbynda\.oracle_jre_usage
2015-08-30 10:17 - 2015-08-31 10:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-30 09:57 - 2015-08-30 09:56 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-30 09:57 - 2015-08-30 09:55 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-08-30 09:56 - 2015-08-30 09:56 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-25 21:49 - 2015-08-25 21:49 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-25 21:49 - 2015-08-25 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-09-21 20:22 - 2013-01-13 17:28 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 20:22 - 2013-01-13 17:28 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-21 20:22 - 2012-04-03 19:17 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 20:22 - 2012-03-06 20:06 - 00000000 ____D C:\Users\Zbynda\AppData\Local\Adobe
2015-09-21 20:22 - 2012-03-02 20:52 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-21 20:10 - 2012-03-02 19:43 - 01956350 _____ C:\Windows\WindowsUpdate.log
2015-09-21 13:42 - 2009-07-14 06:45 - 00028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-21 13:42 - 2009-07-14 06:45 - 00028144 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-21 13:28 - 2012-03-02 20:22 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-21 13:28 - 2010-11-21 05:47 - 00440838 _____ C:\Windows\PFRO.log
2015-09-21 13:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-21 13:28 - 2009-07-14 06:51 - 00209915 _____ C:\Windows\setupact.log
2015-09-20 13:48 - 2013-10-15 21:26 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-19 11:20 - 2012-03-04 20:40 - 00000000 ____D C:\Users\Zbynda\AppData\Roaming\Skype
2015-09-19 11:19 - 2012-03-04 20:39 - 00000000 ____D C:\ProgramData\Skype
2015-09-19 10:25 - 2012-12-23 09:30 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-09-17 10:29 - 2011-04-12 10:34 - 00668882 _____ C:\Windows\system32\perfh005.dat
2015-09-17 10:29 - 2011-04-12 10:34 - 00141542 _____ C:\Windows\system32\perfc005.dat
2015-09-17 10:29 - 2009-07-14 07:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-15 21:33 - 2013-08-01 21:43 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-13 07:51 - 2012-03-02 20:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-12 10:13 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-09-10 00:10 - 2014-12-27 00:44 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-09 14:33 - 2015-06-10 09:43 - 00000000 ____D C:\Windows\rescache
2015-09-09 13:20 - 2009-07-14 06:45 - 00535560 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 13:15 - 2011-04-12 10:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 13:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 11:46 - 2013-08-17 02:22 - 00000000 ____D C:\Windows\system32\MRT
2015-08-31 11:29 - 2014-11-30 10:57 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-08-31 11:29 - 2014-11-30 10:57 - 00000000 ____D C:\Windows\system32\vbox
2015-08-31 10:40 - 2013-12-23 21:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-30 21:20 - 2012-03-02 23:07 - 00000000 ____D C:\Users\Hanka
2015-08-30 13:49 - 2014-08-24 09:37 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-08-30 13:49 - 2014-08-24 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-30 13:49 - 2012-03-02 20:07 - 00000000 ____D C:\Users\Zbynda
2015-08-30 13:48 - 2014-08-24 09:37 - 00000000 ____D C:\Program Files\Java
2015-08-30 09:59 - 2012-03-02 20:46 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-30 09:56 - 2014-08-02 08:58 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-30 09:56 - 2014-08-02 08:58 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-30 09:56 - 2013-03-20 19:10 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-30 09:56 - 2013-03-20 19:09 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-30 09:56 - 2012-03-02 20:46 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-30 09:56 - 2012-03-02 20:46 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-30 09:56 - 2012-03-02 20:46 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-26 18:37 - 2012-03-04 12:04 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-25 21:49 - 2012-03-04 20:39 - 00002731 _____ C:\Users\Public\Desktop\Skype.lnk

==================== Files in the root of some directories =======

2014-09-06 19:32 - 2014-09-06 19:32 - 0071327 _____ () C:\Users\Zbynda\AppData\Roaming\icarus-dxdiag.xml
2012-06-08 08:58 - 2012-06-08 08:58 - 0099384 _____ () C:\Users\Zbynda\AppData\Roaming\inst.exe
2015-01-17 00:03 - 2015-01-17 00:03 - 0000098 _____ () C:\Users\Zbynda\AppData\Roaming\LauncherSettings_live.cfg
2012-06-08 08:58 - 2012-06-08 08:58 - 0007859 _____ () C:\Users\Zbynda\AppData\Roaming\pcouffin.cat
2012-06-08 08:58 - 2012-06-08 08:58 - 0001167 _____ () C:\Users\Zbynda\AppData\Roaming\pcouffin.inf
2012-06-08 08:58 - 2012-06-08 08:58 - 0000034 _____ () C:\Users\Zbynda\AppData\Roaming\pcouffin.log
2012-06-08 08:58 - 2012-06-08 08:58 - 0082816 _____ (VSO Software) C:\Users\Zbynda\AppData\Roaming\pcouffin.sys
2012-11-12 20:29 - 2015-08-09 23:38 - 0000462 _____ () C:\Users\Zbynda\AppData\Roaming\Rim.Desktop.Exception.log
2012-11-12 20:26 - 2014-03-13 22:18 - 0003174 _____ () C:\Users\Zbynda\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-11-12 20:29 - 2015-08-09 23:38 - 0000462 _____ () C:\Users\Zbynda\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-03-13 23:19 - 2015-08-09 23:38 - 0000385 _____ () C:\Users\Zbynda\AppData\Roaming\Rim.Transcoder.Exception.log
2015-01-16 23:22 - 2015-01-16 23:24 - 0000040 _____ () C:\Users\Zbynda\AppData\Roaming\TheHunterSettings_steam_live.cfg
2014-03-13 23:19 - 2014-06-20 18:29 - 0004608 _____ () C:\Users\Zbynda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-08-29 20:06 - 2013-03-23 14:03 - 0007600 _____ () C:\Users\Zbynda\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Hanka\AppData\Local\Temp\i4jdel0.exe
C:\Users\Hanka\AppData\Local\Temp\install_flashplayer13x32au_mssd_aaa_aih.exe
C:\Users\Hanka\AppData\Local\Temp\KMP_3.9.1.133.exe
C:\Users\Hanka\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Hanka\AppData\Local\Temp\SIInvoker.exe
C:\Users\Hanka\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Hanka\AppData\Local\Temp\vrgo77dy.dll
C:\Users\Hanka\AppData\Local\Temp\~30EF.exe
C:\Users\Romca\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Romca\AppData\Local\Temp\i4jdel0.exe
C:\Users\Romca\AppData\Local\Temp\i4jdel1.exe
C:\Users\Romca\AppData\Local\Temp\mslwdb66.dll
C:\Users\Zbynda\AppData\Local\Temp\AutoRun.exe
C:\Users\Zbynda\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Zbynda\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Zbynda\AppData\Local\Temp\drm_dyndata_7380007.dll
C:\Users\Zbynda\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Zbynda\AppData\Local\Temp\drm_dyndata_7390005.dll
C:\Users\Zbynda\AppData\Local\Temp\drm_dyndata_7390006.dll
C:\Users\Zbynda\AppData\Local\Temp\EAInstall.dll
C:\Users\Zbynda\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Zbynda\AppData\Local\Temp\GameuxInstallHelper.dll
C:\Users\Zbynda\AppData\Local\Temp\hcuninstaller_20140920_134139_1428.exe
C:\Users\Zbynda\AppData\Local\Temp\htmlayout.dll
C:\Users\Zbynda\AppData\Local\Temp\i4jdel0.exe
C:\Users\Zbynda\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Zbynda\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Zbynda\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\Zbynda\AppData\Local\Temp\jre-8u25-windows-au.exe
C:\Users\Zbynda\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Zbynda\AppData\Local\Temp\KMP_3.9.0.126.exe
C:\Users\Zbynda\AppData\Local\Temp\KMP_4.0.0.0.exe
C:\Users\Zbynda\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Zbynda\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Zbynda\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Zbynda\AppData\Local\Temp\nvStInst.exe
C:\Users\Zbynda\AppData\Local\Temp\ochelper.exe
C:\Users\Zbynda\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Zbynda\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Zbynda\AppData\Local\Temp\sonarinst.exe
C:\Users\Zbynda\AppData\Local\Temp\sqlite3.dll
C:\Users\Zbynda\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Zbynda\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Zbynda\AppData\Local\Temp\VSUSetup.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-09-21 07:30

==================== End of FRST.txt ============================



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Nový svazek) (Fixed) (Total:298.09 GB) (Free:37.59 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Nový svazek) (Fixed) (Total:465.76 GB) (Free:28.87 GB) NTFS
Drive e: (Tenda) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS
Drive f: (Stronghold 3) (CDROM) (Total:3.53 GB) (Free:0 GB) CDFS
Drive h: (Nový svazek) (Fixed) (Total:931.51 GB) (Free:138.2 GB) NTFS

Available physical RAM: 4154.25 MB
Total physical RAM: 8174.3 MB
Percentage of memory in use: 49%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: AB4F5E33)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F71E35AC)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4BC5E25B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:F6E5C7FB

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zbynda\Desktop" je 1423 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

and + the rar file in the previous message; it was originally meant to be together, but it was too long :)

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#13 Post by Márty84 »

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Zbynda\Desktop" je 1423 MB.
:arrow: The size of the Desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for the occasional mistake where users have a folder on the desktop, another inside it and another inside that, and hide everything in there. That's nice, but it does not make the desktop any smaller, it is just in a different drawer :)



:arrow: Turn Windows Defender off permanently.



:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1005\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)

HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.reerd.com
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\S-1-5-21-3550665229-1753511206-2917141256-1004 -> {097406EF-5EE7-4BEC-8BF5-E8570D1C18FF} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^RY&apn_dtid=^YYYYYY^V3^CZ&apn_uid=5db9c517-0c13-4b22-a5b0-d71c6287aec4&apn_sauid=E4111E80-A304-4ECF-840A-5333F2A1AD90
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click File
Click Save As...
Type the name shown in red, fixlist, correctly and save it to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can email me at marty84(at)forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have their email address in their signature).

Matthi
Visitor
Posts: 52
Joined: 13 Oct 2007 12:25

Re: Requesting a check

#14 Post by Matthi »

So here it is; I only turned Defender off after the fix, if that's okay?

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Zbynda (2015-09-22 17:57:52) Run:1
Running from C:\Users\Zbynda\Desktop
Loaded Profiles: Zbynda (Available Profiles: Zbynda & UpdatusUser & Hanka & Romca)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Zbynda\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3550665229-1753511206-2917141256-1005\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)

HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.reerd.com
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\S-1-5-21-3550665229-1753511206-2917141256-1004 -> {097406EF-5EE7-4BEC-8BF5-E8570D1C18FF} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=^RY&apn_dtid=^YYYYYY^V3^CZ&apn_uid=5db9c517-0c13-4b22-a5b0-d71c6287aec4&apn_sauid=E4111E80-A304-4ECF-840A-5333F2A1AD90
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3550665229-1753511206-2917141256-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-3550665229-1753511206-2917141256-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value not found.
HKU\S-1-5-21-3550665229-1753511206-2917141256-1005\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value not found.
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value not found.
HKU\S-1-5-21-3550665229-1753511206-2917141256-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{097406EF-5EE7-4BEC-8BF5-E8570D1C18FF} => key not found.
HKCR\CLSID\{097406EF-5EE7-4BEC-8BF5-E8570D1C18FF} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 11.8 GB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 18:04:47 ====
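
As an added example (not part of the thread and not FRST's own code), a small Python triage of Fixlog result lines like those above: it sorts each `target => result` line into done, absent, failed or unknown and lists the ones to re-check, such as the `Error setting value.` result for the Start Page entry. The sample log is constructed, with placeholder SIDs and CLSIDs, and the status names are this example's own.

```python
import re
from collections import Counter

# Constructed sample in the format of the Fixlog result lines above
# (SIDs and CLSIDs are placeholders, not values from the thread).
SAMPLE_FIXLOG = r"""
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-0-0-0-1004\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value not found.
HKU\S-1-5-21-0-0-0-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKCR\CLSID\{00000000-0000-0000-0000-000000000000} => key not found.
"HKCR\CLSID\{11111111-1111-1111-1111-111111111111}" => key removed successfully
C:\Windows\Tasks\Example Updater.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 11.8 GB temporary data Removed.
"""

LINE_RE = re.compile(r'^"?(?P<target>.+?)"? => (?P<result>.+)$')
SID_RE = re.compile(r"^HKU\\(S-1-5-21-[\d-]+)\\")

def classify(result):
    """Map the free-text result to a triage status (names are this example's)."""
    text = result.lower()
    if "error" in text:
        return "failed"          # the fix was attempted and did not apply
    if "not found" in text:
        return "absent"          # nothing to change at that location
    if re.search(r"\b(removed|moved|restored)\b", text):
        return "done"
    return "unknown"             # wording not seen before: review by hand

def parse_fixlog(text):
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue             # banners and lines without "=>"
        sid = SID_RE.match(m["target"])
        entries.append({
            "target": m["target"],
            "result": m["result"],
            "status": classify(m["result"]),
            "sid": sid.group(1) if sid else None,  # per-user hive, if any
        })
    return entries

def needs_followup(entries):
    """Entries a helper should re-check in a fresh scan."""
    return [e for e in entries if e["status"] in ("failed", "unknown")]

if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(dict(Counter(e["status"] for e in parsed)))
    for e in needs_followup(parsed):
        print("REVIEW:", e["target"], "->", e["result"], "| account SID:", e["sid"])
```
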

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Requesting a check

#15 Post by Márty84 »

Matthi wrote: I only turned Defender off after the fix, if that's okay?
That's fine :thumbsup:


:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for a toolbar (or other add-ons); if it offers to install one, uncheck the box.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will be emptied every time.
Also, depending on how it is set up, it will delete all passwords saved for websites!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Scan for Issues; if it finds any, click Fix Issues. It will offer you a backup; make it and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in each of them as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation again watch out for a toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defrag, and the program will do its job.

:arrow: Then write how the PC is doing.

Locked