PC virus removal, computer speed-up, remote assistance via the neslape.cz service

W32.Virtumonde.KB

Have a problem with a virus? Post your FRST or RSIT log here.

karaji
Guest
Posts: 9
Registered: 16 Oct 2009 07:14


#1 Post by karaji »

Hello,

one of the internet service providers told me that a large amount of data is being sent from my notebook.
The AVG antivirus program, and later Avast, which I switched to, reported nothing. I tried scanning the notebook with
Spyware Terminator. It identified Adware W32.Virtumonde.KB in the library KBDBUG.DLL, which I cannot
clean by any means known to me.
I currently have Windows 10 64-bit installed, with Avast as the antivirus.

I am asking for help with solving this problem. I am attaching the log from RSIT.

Thank you

Karásek

I don't know whether I am doing this right, so I am adding the log directly here.

Logfile of random's system information tool 1.10 (written by random/random)
Run by JirkaK at 2015-10-01 09:25:15
Microsoft Windows 10 Pro
System drive C: has 51 GB (49%) free of 105 GB
Total RAM: 3982 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:25:17, on 1. 10. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Users\JirkaK\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\WPR\Video\Photo Studio 15\Program32\ZPSTray.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Servis\Explorery\Totalcmd\TOTALCMD.EXE
C:\Program Files\trend micro\JirkaK.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://karaji.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Adobe Reader Synchronizer] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\JirkaK\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] C:\WPR\VIDEO\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: ImageBrowser EX Agent.lnk = C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Odeslat do Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Odeslat do Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (file missing) (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ASUS InstantOn Service (ASUS InstantOn) - ASUS - C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @oem14.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Unknown owner - C:\WINDOWS\system32\DptfParticipantProcessorService.exe (file missing)
O23 - Service: @oem14.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application (DptfPolicyConfigTDPService) - Unknown owner - C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee OOBE Service (McOobeSv) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11245 bytes

======Listing Processes======

winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-53451483-47bc-46b1-b062-255994e5b5d2 -SystemEventPortName:HostProcess-066ebe1d-250a-4068-b53d-f0a8401a2a08 -IoCancelEventPortName:HostProcess-c942ee24-b4bc-44a9-bb96-94c351f294e0 -NonStateChangingEventPortName:HostProcess-b302c0f7-efbd-49ee-91e3-f87dcdbd6364 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:72ba8703-4353-42f2-900c-8d22851f5ef5 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
dashost.exe {8418db8f-1759-48b1-b5e6639eb3193f14}
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\DptfParticipantProcessorService.exe
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\Windows\SysWOW64\irstrtsv.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
KBFiltr.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
igfxEM.exe
igfxHK.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe"
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"C:\Users\JirkaK\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\WPR\Video\Photo Studio 15\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe"
"C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" /FORCE
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.3.9211.0_x64__8wekyb3d8bbwe\Solitaire.exe" -ServerName:App.AppXx8xn0rs58sab7mvbtxgdhw97cpm1dzhb.mca

"C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Servis\Explorery\Totalcmd\TOTALCMD.EXE"
"C:\Users\JirkaK\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http:/karaji.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.185 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 19.0.0.185 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-16 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01 2133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-16 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01 1724032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-08-20 13192848]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 3933496]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2015-07-30 393632]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe []
"Persistence"=C:\WINDOWS\system32\igfxpers.exe []
"ACMON"=C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-08-24 107192]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2010-07-25 2782096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-30 6501656]
"Adobe Reader Synchronizer"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [2015-06-27 1104288]
"OneDrive"=C:\Users\JirkaK\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-09-15 405584]
"Zoner Photo Studio Autoupdate"=C:\WPR\VIDEO\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [2014-03-13 779776]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2015-06-27 40336]
"ASUSWebStorage"=C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe [2012-08-28 3417984]
"CanonSolutionMenuEx"=C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [2010-09-14 1213848]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2010-09-09 452016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-18 6134544]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
ImageBrowser EX Agent.lnk - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
Microsoft Office.lnk - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.mjpg"=pvmjpgx40.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-24 05:27:44 ----D---- C:\Program Files (x86)\7-Zip
2015-09-19 20:46:07 ----D---- C:\ProgramData\ASUS Smart Gesture
2015-09-19 20:43:38 ----A---- C:\WINDOWS\system32\ASGCoInstaller_x64.dll
2015-09-18 15:58:16 ----A---- C:\WINDOWS\system32\aswBoot.exe
2015-09-18 15:58:15 ----A---- C:\WINDOWS\avastSS.scr
2015-09-16 17:35:26 ----D---- C:\Users\JirkaK\AppData\Roaming\AVAST Software
2015-09-16 17:35:03 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2015-09-16 17:35:03 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2015-09-16 17:35:03 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2015-09-16 17:35:03 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2015-09-16 17:35:03 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2015-09-16 17:35:03 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2015-09-16 17:35:03 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2015-09-16 17:35:03 ----A---- C:\WINDOWS\system32\drivers\aswHwid.sys
2015-09-16 17:33:52 ----D---- C:\Program Files\AVAST Software
2015-09-16 17:33:15 ----D---- C:\ProgramData\AVAST Software
2015-09-14 17:50:42 ----D---- C:\rsit
2015-09-14 17:50:42 ----D---- C:\Program Files\trend micro
2015-09-09 05:18:34 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-09-09 05:18:32 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-09-09 05:18:30 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-09-09 05:18:28 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-09-09 05:18:26 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-09-09 05:18:25 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-09-09 05:18:23 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-09-09 05:18:22 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2015-09-09 05:18:22 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 05:18:22 ----A---- C:\WINDOWS\system32\authui.dll
2015-09-09 05:18:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2015-09-09 05:18:21 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-09-09 05:18:19 ----A---- C:\WINDOWS\SYSWOW64\SettingSync.dll
2015-09-09 05:18:19 ----A---- C:\WINDOWS\system32\SettingSync.dll
2015-09-09 05:18:19 ----A---- C:\WINDOWS\system32\jscript.dll
2015-09-09 05:18:19 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-09-09 05:18:18 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-09-09 05:18:18 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-09-09 05:18:18 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2015-09-09 05:18:18 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-09-09 05:18:18 ----A---- C:\WINDOWS\system32\schedsvc.dll
2015-09-09 05:18:17 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-09-09 05:18:17 ----A---- C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 05:18:17 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-09-09 05:18:17 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-09-09 05:18:17 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 05:18:17 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-09-09 05:18:16 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2015-09-09 05:18:16 ----A---- C:\WINDOWS\system32\shacct.dll
2015-09-09 05:18:16 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-09-09 05:18:14 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-09-09 05:18:14 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-09-05 20:26:17 ----D---- C:\WINDOWS\system32\SleepStudy
2015-09-04 08:53:27 ----SHD---- C:\Recovery
2015-09-04 08:53:26 ----DC---- C:\WINDOWS\Panther
2015-09-04 08:51:52 ----D---- C:\Windows.old
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Editing.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\PlayToManager.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\mfsrcsnk.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\MCRecvSrc.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\GamePanel.exe
2015-09-04 08:51:14 ----A---- C:\WINDOWS\SYSWOW64\bcastdvr.exe
2015-09-04 08:51:14 ----A---- C:\WINDOWS\system32\winmde.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\system32\mfsrcsnk.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\system32\mfplat.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-09-04 08:51:14 ----A---- C:\WINDOWS\system32\MCRecvSrc.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\MFPlay.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\fwpolicyiomgr.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\bcd.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\wpncore.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\wpnapps.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\wpccpl.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\wmpmde.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\wmp.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\mfps.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\MFPlay.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\LocationPermissions.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\ieproxy.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\drivers\wpcfltr.sys
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\bcd.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\AudioSes.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-09-04 08:51:13 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-09-04 08:51:09 ----A---- C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-04 08:51:09 ----A---- C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Search.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BlockedShutdown.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.BioFeedback.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\wimgapi.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\wfdprov.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\wcnwiz.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\UserMgrProxy.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\UIRibbon.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\systemcpl.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\srumsvc.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\spbcd.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\ReInfo.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\ReAgent.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\NetSetupShim.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\msiexec.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\LogonController.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\LockAppHost.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\fdWCN.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\efscore.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\calc.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\SYSWOW64\ActionCenter.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\wuuhext.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\winresume.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\winload.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\wininet.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.UI.Search.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\wfdprov.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\wcnwiz.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\WcnNetsh.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\WcnApi.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\vaultsvc.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\uxtheme.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\usocore.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\UserMgrProxy.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\UIRibbon.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\twinui.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\TabSvc.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\systemcpl.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\stobject.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\sppcomapi.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\spbcd.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\shutdownux.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\shell32.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\setbcdlocale.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\SensorDataService.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\sendmail.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\reseteng.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ReInfo.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\RecoveryDrive.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ReAgent.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\rdbui.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ntshrui.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\notepad.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\NetworkStatus.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\msctfuimanager.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\MbaeParserTask.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\LogonController.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\hal.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\GamePanel.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\fdWCN.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\efscore.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\drivers\wof.sys
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\drivers\tunnel.sys
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\drivers\rdyboost.sys
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\drivers\dam.sys
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\dosvc.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\diagtrack_win.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\dafWCN.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\d3d9.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ConsoleLogon.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ConhostV2.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\comdlg32.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ClipUp.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\calc.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\BootMenuUX.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\bcdedit.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\bcdboot.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\aitstatic.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\system32\ActionCenter.dll
2015-09-04 08:51:08 ----A---- C:\WINDOWS\notepad.exe
2015-09-04 08:51:08 ----A---- C:\WINDOWS\explorer.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Import.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\VoiceActivationManager.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\VEDataLayerHelpers.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\tetheringclient.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\SensorsNativeApi.V2.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\PackageStateRoaming.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\NotificationObjFactory.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\InputService.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\hmkd.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\DisplayManager.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\WWAHost.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\wintrust.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\wininit.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\winhttp.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\windows.storage.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\Windows.Media.Import.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\wimserv.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\wimgapi.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\wer.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\VoiceActivationManager.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\UserDataService.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\unenrollhook.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\tquery.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\tetheringclient.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\storewuauth.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\srumsvc.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\SharedStartModelShim.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\SensorService.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\psmsrv.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\provhandlers.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\provengine.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\PlayToManager.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\PackageStateRoaming.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\omadmprc.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\omadmclient.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\OmaDmAgent.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\NotificationController.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MusNotification.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\mssrch.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\mssprxy.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\msiexec.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\msi.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\msftedit.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\mos.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\mf.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\lsasrv.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\LicenseManagerApi.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\InputService.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\hmkd.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\gdi32.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\dxgi.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\DisplayManager.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\diagtrack.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\coredpus.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\ContactApis.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\configmanager2.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\ci.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\BthRadioMedia.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\AppContracts.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-09-04 08:51:03 ----A---- C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Bluetooth.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\msctfuimanager.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\dwmcore.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\dwmapi.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\dwmcore.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\dwmapi.dll
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\msgpiowin32.sys
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\bthhfenum.sys
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2015-09-04 08:51:02 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2015-09-04 08:48:20 ----D---- C:\WINDOWS\SYSWOW64\XPSViewer
2015-09-04 08:48:20 ----D---- C:\Program Files\Reference Assemblies
2015-09-04 08:48:20 ----D---- C:\Program Files\MSBuild
2015-09-04 08:48:20 ----D---- C:\Program Files (x86)\Reference Assemblies
2015-09-04 08:48:20 ----D---- C:\Program Files (x86)\MSBuild
2015-09-04 08:48:00 ----A---- C:\WINDOWS\SYSWOW64\TsWpfWrp.exe
2015-09-04 08:48:00 ----A---- C:\WINDOWS\SYSWOW64\PresentationNative_v0300.dll
2015-09-04 08:48:00 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-04 08:47:59 ----A---- C:\WINDOWS\system32\TsWpfWrp.exe
2015-09-04 08:47:59 ----A---- C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-09-04 08:47:59 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-04 08:21:03 ----D---- C:\ProgramData\SetupTPDriver
2015-09-04 08:17:36 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-09-04 08:14:16 ----D---- C:\ProgramData\Microsoft OneDrive
2015-09-04 08:12:24 ----A---- C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-09-04 08:09:39 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-04 07:59:57 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2015-09-04 07:59:45 ----SD---- C:\Users\JirkaK\AppData\Roaming\Microsoft
2015-09-04 07:58:12 ----D---- C:\WINDOWS\SYSWOW64\RTCOM
2015-09-04 07:58:12 ----D---- C:\Program Files\Realtek
2015-09-04 07:58:10 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.DLL
2015-09-04 07:58:10 ----A---- C:\WINDOWS\system32\OpenCL.DLL
2015-09-04 07:58:09 ----D---- C:\Program Files\Intel
2015-09-04 07:58:02 ----D---- C:\WINDOWS\SYSWOW64\sda
2015-09-04 07:56:56 ----D---- C:\WINDOWS\Prefetch
2015-09-03 18:41:59 ----HD---- C:\$Windows.~WS

======List of files/folders modified in the last 1 month======

2015-10-01 09:24:00 ----D---- C:\WINDOWS\system32\sru
2015-10-01 09:00:01 ----D---- C:\WINDOWS\Temp
2015-10-01 08:59:57 ----D---- C:\Users\JirkaK\AppData\Roaming\Spyware Terminator
2015-10-01 08:59:54 ----D---- C:\Program Files (x86)\Spyware Terminator
2015-10-01 08:44:16 ----D---- C:\WINDOWS\System32
2015-10-01 08:27:37 ----D---- C:\WINDOWS\AppReadiness
2015-10-01 08:27:33 ----HD---- C:\Program Files\WindowsApps
2015-10-01 08:26:08 ----D---- C:\WINDOWS\INF
2015-10-01 08:23:53 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2015-09-30 21:17:14 ----D---- C:\Users\JirkaK\AppData\Roaming\Skype
2015-09-30 12:34:17 ----D---- C:\WINDOWS\Microsoft.NET
2015-09-24 12:31:54 ----D---- C:\WINDOWS\system32\config
2015-09-24 10:39:34 ----D---- C:\WINDOWS\debug
2015-09-24 05:57:04 ----SHD---- C:\System Volume Information
2015-09-24 05:48:52 ----SHDC---- C:\WINDOWS\Installer
2015-09-24 05:48:52 ----D---- C:\ProgramData\Skype
2015-09-24 05:46:28 ----D---- C:\WINDOWS\SoftwareDistribution
2015-09-24 05:46:28 ----D---- C:\Windows
2015-09-24 05:27:44 ----RD---- C:\Program Files (x86)
2015-09-24 05:21:36 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-23 20:15:08 ----D---- C:\WINDOWS\WinSxS
2015-09-23 18:06:22 ----D---- C:\WINDOWS\SysWOW64
2015-09-22 19:25:50 ----D---- C:\WINDOWS\CbsTemp
2015-09-21 21:36:47 ----D---- C:\WINDOWS\system32\catroot2
2015-09-20 21:32:51 ----D---- C:\Users\JirkaK\AppData\Roaming\KeePass
2015-09-20 21:14:31 ----D---- C:\WINDOWS\system32\drivers\UMDF
2015-09-20 09:16:30 ----D---- C:\WINDOWS\system32\drivers
2015-09-19 20:46:07 ----HD---- C:\ProgramData
2015-09-19 20:44:04 ----D---- C:\WINDOWS\system32\CatRoot
2015-09-19 20:43:56 ----D---- C:\WINDOWS\system32\Tasks
2015-09-19 20:43:55 ----D---- C:\Program Files\DIFX
2015-09-19 20:43:54 ----D---- C:\WINDOWS\system32\DriverStore
2015-09-19 20:43:51 ----D---- C:\Program Files (x86)\ASUS
2015-09-16 20:34:45 ----RD---- C:\Program Files (x86)\Skype
2015-09-16 20:34:45 ----D---- C:\Program Files (x86)\Common Files
2015-09-16 18:42:13 ----D---- C:\Servis
2015-09-16 18:37:53 ----D---- C:\ProgramData\Spyware Terminator
2015-09-16 17:33:52 ----RD---- C:\Program Files
2015-09-16 17:31:37 ----D---- C:\ProgramData\MFAData
2015-09-16 17:29:06 ----SD---- C:\ProgramData\Microsoft
2015-09-16 17:29:05 ----D---- C:\Program Files (x86)\Microsoft Office
2015-09-16 17:26:43 ----HD---- C:\WINDOWS\ELAMBKUP
2015-09-16 17:23:17 ----D---- C:\WINDOWS\system32\drivers\etc
2015-09-15 19:31:06 ----D---- C:\WINDOWS\system32\WDI
2015-09-15 18:12:10 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-09-13 19:56:23 ----D---- C:\WINDOWS\Logs
2015-09-11 07:59:48 ----RD---- C:\WINDOWS\assembly
2015-09-10 06:26:19 ----D---- C:\WINDOWS\SYSWOW64\config
2015-09-09 10:29:26 ----D---- C:\WINDOWS\system32\appraiser
2015-09-09 10:29:26 ----D---- C:\WINDOWS\AppPatch
2015-09-09 10:29:26 ----D---- C:\Program Files\Windows Journal
2015-09-09 07:04:13 ----D---- C:\WINDOWS\system32\MRT
2015-09-07 14:09:13 ----D---- C:\WINDOWS\rescache
2015-09-07 05:28:19 ----D---- C:\WINDOWS\system32\LogFiles
2015-09-05 05:17:13 ----D---- C:\WINDOWS\appcompat
2015-09-04 08:55:29 ----D---- C:\Users\JirkaK\AppData\Roaming\ClassicShell
2015-09-04 08:51:47 ----D---- C:\WINDOWS\SYSWOW64\oobe
2015-09-04 08:51:47 ----D---- C:\WINDOWS\SYSWOW64\Dism
2015-09-04 08:51:47 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-09-04 08:51:47 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-09-04 08:51:47 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-09-04 08:51:47 ----D---- C:\WINDOWS\system32\Dism
2015-09-04 08:51:47 ----D---- C:\WINDOWS\system32\Boot
2015-09-04 08:51:46 ----D---- C:\WINDOWS\Provisioning
2015-09-04 08:51:46 ----D---- C:\Program Files\Internet Explorer
2015-09-04 08:51:46 ----D---- C:\Program Files (x86)\Internet Explorer
2015-09-04 08:49:22 ----D---- C:\WINDOWS\system32\restore
2015-09-04 08:48:59 ----SD---- C:\WINDOWS\system32\Microsoft
2015-09-04 08:48:20 ----D---- C:\WINDOWS\SYSWOW64\MUI
2015-09-04 08:48:20 ----D---- C:\WINDOWS\system32\MUI
2015-09-04 08:18:07 ----RD---- C:\WINDOWS\DevicesFlow
2015-09-04 08:17:24 ----HD---- C:\ProgramData\Common Files
2015-09-04 08:12:39 ----RD---- C:\WINDOWS\PurchaseDialog
2015-09-04 08:12:39 ----RD---- C:\WINDOWS\PrintDialog
2015-09-04 08:12:39 ----RD---- C:\WINDOWS\MiracastView
2015-09-04 08:12:35 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2015-09-04 08:08:48 ----D---- C:\Program Files\Windows NT
2015-09-04 08:08:42 ----D---- C:\WINDOWS\system32\wbem
2015-09-04 08:07:42 ----D---- C:\WINDOWS\Registration
2015-09-04 08:06:33 ----D---- C:\Program Files\Common Files\AV
2015-09-04 08:05:39 ----RSD---- C:\WINDOWS\Media
2015-09-04 08:03:59 ----D---- C:\WINDOWS\system32\FxsTmp
2015-09-04 08:03:55 ----D---- C:\WINDOWS\SYSWOW64\drivers
2015-09-04 08:03:55 ----D---- C:\WINDOWS\system32\STRING
2015-09-04 08:03:54 ----RSD---- C:\WINDOWS\Fonts
2015-09-04 08:03:54 ----D---- C:\WINDOWS\system32\CodeIntegrity
2015-09-04 08:03:54 ----D---- C:\WINDOWS\LiveKernelReports
2015-09-04 08:03:53 ----D---- C:\WINDOWS\Tasks
2015-09-04 08:01:41 ----D---- C:\WINDOWS\twain_32
2015-09-04 08:01:40 ----D---- C:\WINDOWS\SYSWOW64\migwiz
2015-09-04 08:01:40 ----D---- C:\WINDOWS\SYSWOW64\IME
2015-09-04 08:01:40 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2015-09-04 08:01:38 ----HD---- C:\WINDOWS\system32\WLANProfiles
2015-09-04 08:01:38 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-09-04 08:01:38 ----D---- C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-09-04 08:01:38 ----D---- C:\WINDOWS\system32\spool
2015-09-04 08:01:37 ----D---- C:\WINDOWS\system32\oobe
2015-09-04 08:01:36 ----D---- C:\WINDOWS\system32\NDF
2015-09-04 08:01:36 ----D---- C:\WINDOWS\system32\migration
2015-09-04 08:01:36 ----D---- C:\WINDOWS\system32\InputMethod
2015-09-04 08:01:36 ----D---- C:\WINDOWS\system32\IME
2015-09-04 08:01:36 ----D---- C:\WINDOWS\system32\en-US
2015-09-04 08:01:36 ----D---- C:\WINDOWS\system32\cs-CZ
2015-09-04 08:01:18 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-09-04 08:01:18 ----D---- C:\WINDOWS\system32\appmgmt
2015-09-04 08:01:16 ----D---- C:\WINDOWS\ShellNew
2015-09-04 08:01:16 ----D---- C:\WINDOWS\MediaViewer
2015-09-04 08:01:15 ----D---- C:\WINDOWS\InputMethod
2015-09-04 08:01:14 ----D---- C:\WINDOWS\Help
2015-09-04 08:01:14 ----D---- C:\WINDOWS\ADFS
2015-09-04 08:01:11 ----RD---- C:\Users
2015-09-04 08:01:11 ----D---- C:\ProgramData\PRICache
2015-09-04 08:01:08 ----D---- C:\ProgramData\Intel
2015-09-04 08:01:08 ----D---- C:\Program Files (x86)\Windows Mail
2015-09-04 08:01:08 ----D---- C:\Program Files (x86)\Intel
2015-09-04 08:01:07 ----D---- C:\Program Files\Windows Mail
2015-09-04 08:01:07 ----D---- C:\Program Files\Intel Corporation
2015-09-04 08:01:07 ----D---- C:\Program Files\Common Files\microsoft shared
2015-09-04 08:01:07 ----D---- C:\Program Files\Common Files\Intel
2015-09-04 08:01:07 ----D---- C:\Program Files\Common Files
2015-09-04 08:00:55 ----D---- C:\WINDOWS\system32\Recovery
2015-09-04 07:58:50 ----D---- C:\WINDOWS\system32\Sysprep
2015-09-04 07:41:52 ----HD---- C:\$Windows.~BT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-18 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-18 274808]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-07-24 645952]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-09-18 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-09-18 1049880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-09-18 448968]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-18 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-18 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-09-18 153744]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R3 acpials;@sensorsalsdriver.inf,%kbfiltr.SvcDesc%;Filtr zařízení ALS Sensor; C:\WINDOWS\system32\DRIVERS\acpials.sys [2015-07-10 11264]
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [2012-07-24 17152]
R3 AMPPAL;@oem7.inf,%AMPPAL.SVCDESC%;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed; C:\WINDOWS\System32\drivers\AMPPAL.sys [2012-09-13 162344]
R3 ATP;@oem29.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\WINDOWS\System32\drivers\AsusTP.sys [2015-08-23 100776]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-07-10 105984]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]
R3 DptfDevDram;DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [2012-07-13 107328]
R3 DptfDevFan;DptfDevFan; C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys [2012-07-13 42816]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [2012-07-13 64832]
R3 DptfDevPch;DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [2012-07-13 96064]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [2012-07-13 228672]
R3 DptfManager;DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [2012-07-13 361792]
R3 HIDSwitch;@oem30.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-05-13 19976]
R3 ibtfltcoex;@oem33.inf,%PROVIDER_NAME%;Intel Corporation; C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys [2015-07-01 79632]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-07-30 3797960]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-08-21 4106256]
R3 IntcDAud;@oem27.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 irstrtdv;@oem13.inf,%Irstrt.DispName%;Intel(R) Rapid Start Technology Driver; C:\WINDOWS\System32\drivers\irstrtdv.sys [2012-07-30 43800]
R3 iwdbus;@oem24.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-06-26 39480]
R3 kbfiltr;@oem5.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\WINDOWS\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem21.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\System32\drivers\NETwew01.sys [2015-07-10 3354384]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]
R3 RTSUER;@oem32.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2015-07-08 410880]
R3 SensorsAlsDriver;@sensorsalsdriver.inf,%WudfSensorsAlsDriverDisplayName%;Služba Reflektor UMDF pro knihovnu SensorsAlsDriver; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [2015-07-10 214016]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-04 929280]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-07-10 32256]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;@oem1.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-06-26 50232]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-09-04 934752]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]
S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-09-04 46080]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2015-07-10 245088]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-07-10 94048]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-07-10 127840]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2012-09-11 106880]
R2 ASUS InstantOn;ASUS InstantOn Service; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-04-13 277120]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-18 146600]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-05-01 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-05-01 1772672]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 DptfParticipantProcessorService;@oem14.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2012-07-30 29056]
R2 DptfPolicyConfigTDPService;@oem14.inf,%WIN32_DPTF_POLICY_CONFIGTDP_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Config TDP Service Application; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [2012-07-30 30592]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-07-30 328608]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
R2 irstrtsv;Intel(R) Rapid Start Technology Service; C:\Windows\SysWOW64\irstrtsv.exe [2012-07-30 193576]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 OneSyncSvc_Session1;Hostitel synchronizace_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 sp_rssrv;Spyware Terminator Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\sp_rsser.exe [2014-12-22 1097216]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-05-11 200728]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-23 269000]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-07-30 290208]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session1;Data kontaktů_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-04 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 UnistoreSvc_Session1;Úložiště uživatelských dat_Session1; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

-----------------EOF-----------------
Last edited by karaji on 01 Oct 2015 08:57, edited 1 time in total.
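The RSIT driver and service lists above are long, and almost everything in them is normal for an ASUS notebook with Avast and Intel management software. As an added example (not from the original post, nor from the RSIT tool), the PowerShell below parses lines in that log format into objects and flags the few entries worth a second look: binaries loaded from outside the Windows and Program Files trees, or from user-writable folders such as Temp, AppData or ProgramData. The sample input is constructed in RSIT's format; the two entries named ExampleSvc and ExampleDrv are hypothetical and exist only to show what the triage flags. One caveat the log format hides: for services hosted in svchost.exe RSIT shows only the host process, so the actual module has to be read from the ServiceDll value under HKLM\SYSTEM\CurrentControlSet\Services\<name>\Parameters.

```powershell
# Added example, not from the original thread or the RSIT tool: parse RSIT
# "List of drivers" / "List of services" lines and flag entries worth a closer look.
# Sample input constructed in RSIT's format; ExampleSvc and ExampleDrv are hypothetical.
$RsitSample = @'
R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-18 65224]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R3 acpials;@sensorsalsdriver.inf,%kbfiltr.SvcDesc%;Filtr zařízení ALS Sensor; C:\WINDOWS\system32\DRIVERS\acpials.sys [2015-07-10 11264]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 ExampleSvc;Example Updater; C:\Users\someuser\AppData\Local\Temp\updater.exe [2015-09-30 51200]
R3 ExampleDrv;Example Driver; \??\C:\ProgramData\example\exdrv.sys [2015-09-30 20480]
'@

function ConvertFrom-RsitEntry {
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)][AllowEmptyString()][string]$Line)
    process {
        # Layout: <R|S><0-4> <name>;<display, may itself contain ';'>; <path> [<yyyy-MM-dd> <size>]
        $m = [regex]::Match($Line,
            '^(?<state>[RS])(?<start>[0-4])\s+(?<name>[^;]+);(?<display>.*?);\s*(?<path>[^;]+?)\s+\[(?<date>\d{4}-\d{2}-\d{2})\s+(?<size>\d+)\]\s*$')
        if (-not $m.Success) { return }                     # skips the legend, headers and blank lines
        $rawPath = $m.Groups['path'].Value
        $path    = $rawPath -replace '^\\\?\?\\', ''        # drop the NT-namespace "\??\" prefix
        [pscustomobject]@{
            Name      = $m.Groups['name'].Value
            Running   = $m.Groups['state'].Value -eq 'R'
            StartType = @('Boot', 'System', 'Auto', 'Demand', 'Disabled')[[int]$m.Groups['start'].Value]
            Path      = $path
            RawNtPath = $rawPath.StartsWith('\??\')         # common for OEM drivers, not suspicious by itself
            FileDate  = [datetime]::ParseExact($m.Groups['date'].Value, 'yyyy-MM-dd', $null)
            SizeBytes = [int64]$m.Groups['size'].Value
            Hosted    = ($path -split '\\')[-1] -ieq 'svchost.exe'   # real code is the ServiceDll, which RSIT does not show
        }
    }
}

function Get-RsitSuspect {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]$Entry,
        # Roots where drivers and services are expected to live on a default install
        [string[]]$TrustedRoot = @('C:\WINDOWS\', 'C:\Program Files\', 'C:\Program Files (x86)\')
    )
    process {
        $reasons   = @()
        $inTrusted = $false
        foreach ($root in $TrustedRoot) {
            if ($Entry.Path.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) { $inTrusted = $true }
        }
        if (-not $inTrusted) { $reasons += 'binary outside Windows/Program Files' }
        if ($Entry.Path -match '\\(Temp|AppData|ProgramData)\\') { $reasons += 'user-writable location' }
        if ($Entry.Running -and $Entry.StartType -eq 'Disabled') { $reasons += 'running although disabled' }
        if ($reasons.Count -gt 0) {
            $Entry | Add-Member -NotePropertyName Reason -NotePropertyValue ($reasons -join '; ') -PassThru
        }
    }
}

# Usage: replace $RsitSample with (Get-Content .\RSIT.txt) to triage a real log.
$RsitSample -split "`r?`n" | ConvertFrom-RsitEntry | Get-RsitSuspect |
    Format-Table Name, Running, StartType, Path, Reason -AutoSize
```

With the constructed sample only ExampleSvc and ExampleDrv come out; the Avast, ASUS and Microsoft entries pass because they sit under the trusted roots. A flag is a reason to verify the file (signature, hash), not a verdict, and the absence of flags says nothing about svchost-hosted services until their ServiceDll values have been checked.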

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: W32.Virtumonde.KB

#2 Post by vyosek »

Hi :)

I don't see the RSIT log here. If it is too large, split it across several posts...
"He who has wine and does not drink it, who has grapes and does not eat them, who has a woman and does not kiss her, who shuns merriment, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.

karaji
Visitor
Posts: 9
Registered: 16 Oct 2009 07:14

Re: W32.Virtumonde.KB

#3 Post by karaji »

Hello

I put the log into the first post and submitted it again.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: W32.Virtumonde.KB

#4 Post by vyosek »

Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • After launch, the database download runs
  • Click Scan and then Clean
  • The repair runs, the PC restarts and then a log appears; otherwise it is saved as c:\AdwCleaner[C?].txt. Paste it here

karaji
Visitor
Posts: 9
Registered: 16 Oct 2009 07:14

Re: W32.Virtumonde.KB

#5 Post by karaji »

# AdwCleaner v5.010 - Logfile created 05/10/2015 at 17:19:42
# Updated 04/10/2015 by Xplode
# Database : 2015-10-05.1 [Server]
# Operating system : Windows 10 Pro (x64)
# Username : JirkaK - JIRKA
# Running from : C:\Users\JirkaK\Desktop\adwcleaner_5.010.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default\ValueApps

***** [ Files ] *****

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
[-] File Deleted : C:\WINDOWS\SysWOW64\drivers\sp_rsdrv2.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F63AAEDC-3602-49EF-AA45-262380A98980}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98ED0D10-F1FC-4113-A095-9BD7F96040C9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B162A975-6C7C-4202-9167-306028913A3D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DEF4ED0D-E666-4631-A35A-A634332F0550}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{525F116F-04AD-40A2-AE2F-A0C4E1AFEF98}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9852A670-F845-491B-9BE6-EBD841B8A613}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ACE4747B-35BD-4E97-9DD7-1D4245B0695C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE77C59C-CFD2-429F-868C-8B04D23F94CA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F544E0F5-CA3C-47EA-A64D-35FCF1602396}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{93DBF2BB-A2B3-4683-A92E-57E60751F346}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Avg Secure Update
[!] Key Not Deleted : [x64] HKCU\Software\AVG Secure Search
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\Avg Secure Update

***** [ Web browsers ] *****

[-] [C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
[-] [C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default\prefs.js] [Preference] Deleted : user_pref("valueApps.autoDisableScopes", -1);
[-] [C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default\prefs.js] [Preference] Deleted : user_pref("valueApps.storage.mam_gk_currentVersion", "312E31332E302E3137");
[-] [C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default\prefs.js] [Preference] Deleted : user_pref("valueApps.storage.mam_gk_userId", "62346561656162632D393165642D343965642D613866642D346330353265633139653532");

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [5181 bytes] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: W32.Virtumonde.KB

#6 Post by vyosek »

Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Windows Vista or 7, right-click Zoek and choose Run As Administrator
  • Paste the script below into the window:

    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
    
  • Then click Run Script
  • The PC performs the repair, restarts and gives you a log; paste its contents here

karaji
Visitor
Posts: 9
Registered: 16 Oct 2009 07:14

Re: W32.Virtumonde.KB

#7 Post by karaji »

Zoek.exe v5.0.0.1 Updated 04-October-2015
Tool run by JirkaK on po 05. 10. 2015 at 19:39:51,00.
Microsoft Windows 10 Pro 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JirkaK\Desktop\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

5. 10. 2015 19:41:09 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
Last edited by karaji on 05 Oct 2015 20:04, edited 1 time in total.

karaji
Visitor
Posts: 9
Registered: 16 Oct 2009 07:14

Re: W32.Virtumonde.KB

#8 Post by karaji »

Now this is the correct log.


Zoek.exe v5.0.0.1 Updated 04-October-2015
Tool run by JirkaK on po 05. 10. 2015 at 20:17:48,56.
Microsoft Windows 10 Pro 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JirkaK\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-10-05-181312.log 44259 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default\prefs.js:
user_pref("browser.startup.homepage", "http:/karaji.cz");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [18. 09. 2015 15:58]

==== Firefox Extensions ======================

ProfilePath: C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\JirkaK\AppData\Roaming\Mozilla\Firefox\Profiles\agqnvu2y.default
95812430959AE88CDD0301AB3A71913B - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll - Shockwave Flash
1A62BB86D17B8DC0D4339BACC8D60635 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll - Shockwave Flash


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[16. 09. 2015 17:34]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://karaji.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://karaji.cz/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6AF6B17C-9DF8-4AE9-8677-808781EBB2EB}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{6AF6B17C-9DF8-4AE9-8677-808781EBB2EB} Google Url="http://www.google.com/search?q={searchT ... utEncoding?}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\JirkaK\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JirkaK\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\JirkaK\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\JirkaK\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\JirkaK\AppData\Local\Mozilla\Firefox\Profiles\agqnvu2y.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6 folders=1 15940 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\JirkaK\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on po 05. 10. 2015 at 20:38:35,57 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: W32.Virtumonde.KB

#9 Post by vyosek »

Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, preferably to the Desktop, and unpack it
  • Launch it by clicking mbar
  • Now click Next and then Update
  • When the database update finishes, click Next again
  • Leave all three options checked and click Scan to start scanning the PC
  • When the scan finishes (about 5 minutes), check that every finding (if there are any) has a check mark
  • Also check that Create Restore point is ticked
  • Now click CleanUp, which removes the infection found
  • The PC will be restarted
  • The mbar folder should contain a log (it will probably open by itself too), mbar-log-year-month-day (hour-minute-second).txt; post it here

karaji
Visitor
Posts: 9
Registered: 16 Oct 2009 07:14

Re: W32.Virtumonde.KB

#10 Post by karaji »

Hello

I followed the instructions. Scan result: Scan Finished: No malware found!
Unfortunately, Spyware Terminator still reports the detection.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: W32.Virtumonde.KB

#11 Post by vyosek »

Could you please give me a screenshot of the Terminator detection, showing where it reports it

karaji
Visitor
Posts: 9
Registered: 16 Oct 2009 07:14

Re: W32.Virtumonde.KB

#12 Post by karaji »

The Terminator result is attached.
Attachment: Terminátor výsledek.JPG (50.08 KiB)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: W32.Virtumonde.KB

#13 Post by vyosek »

Test the following file on VirusTotal https://www.virustotal.com/cs/
  • c:\windows\system32\kbdbug.dll
  • Click Choose file
  • Do not browse for the file, just paste the path of the file I want tested
  • Click Scan It
  • If a screen like the one below appears, click ReAnalyse
    [screenshot]
  • Post the analysis result here (as a link)

karaji
Visitor
Posts: 9
Registered: 16 Oct 2009 07:14

Re: W32.Virtumonde.KB

#14 Post by karaji »

I hope this is right, I'm getting a bit lost in it.
https://www.virustotal.com/cs/file/a39f ... 444666245/

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: W32.Virtumonde.KB

#15 Post by vyosek »

The file is clean; it is a false positive from Terminator.
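The check vyosek asked for in #13 and the conclusion in #15 can be reproduced locally before anything is uploaded anywhere. As an added example (not from the original thread, Spyware Terminator or VirusTotal), the PowerShell below reports a flagged file's size, last-write time, Authenticode status and SHA-256, and builds the VirusTotal lookup URL for that hash; the URL scheme https://www.virustotal.com/gui/file/<sha256> is today's and is my assumption, since the thread's link uses an older layout. Two caveats a practitioner should know: inbox Windows files are normally catalog-signed rather than carrying an embedded signature, so Status Valid with SignatureType Catalog is the expected result and not a missing signature; and on 64-bit Windows this must run in 64-bit PowerShell, because a 32-bit process asking for System32 is redirected to SysWOW64 and would hash the wrong copy. Both copies are checked here for exactly that reason. An independent offline integrity check on the same file is sfc /verifyfile=C:\Windows\System32\kbdbug.dll.

```powershell
# Added example, not from the original thread, Spyware Terminator or VirusTotal:
# verify a flagged file locally before trusting any one scanner's verdict.
# Run from 64-bit PowerShell on x64 Windows, or System32 is silently redirected to SysWOW64.
function Test-FlaggedFile {
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)][string]$Path)
    process {
        if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
            return [pscustomobject]@{ Path = $Path; Exists = $false }
        }
        $item = Get-Item -LiteralPath $Path
        $sig  = Get-AuthenticodeSignature -FilePath $Path   # embedded or catalog signature
        $sha  = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        [pscustomobject]@{
            Path          = $item.FullName
            Exists        = $true
            SizeBytes     = $item.Length
            LastWrite     = $item.LastWriteTime
            SigStatus     = $sig.Status                      # Valid, NotSigned, HashMismatch, ...
            SigType       = $sig.SignatureType               # Catalog is the norm for inbox Windows files
            Signer        = $sig.SignerCertificate.Subject
            SHA256        = $sha
            # Assumed current VirusTotal URL scheme; looks the hash up without uploading the file
            VirusTotalUrl = "https://www.virustotal.com/gui/file/$($sha.ToLower())"
        }
    }
}

# The DLL from the thread: on x64 there are two copies, and a 32-bit scanner
# reporting "system32" may actually have read the SysWOW64 one.
$copies = @(
    (Join-Path $env:SystemRoot 'System32\kbdbug.dll'),
    (Join-Path $env:SystemRoot 'SysWOW64\kbdbug.dll')
)
$copies | Test-FlaggedFile | Format-List
```

If the signer is Microsoft and the status is Valid, a single third-party scanner's detection on that file is almost certainly a false positive, which is the conclusion reached above; a HashMismatch or NotSigned result on a file in System32 is the case that warrants the full VirusTotal upload and further investigation.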
