Browser problem

#1 Post by Velisa »

Hello, I need my computer checked, because I keep having a problem with my browsers. Every so often, when I need to type something in the browser (anywhere), it doesn't work, as if I weren't on the page at all, so I have to keep clicking on the page and typing one letter at a time (the X for closing the browser isn't even red, it has the colour of the desktop background). CCleaner always helps, but only for about 15 minutes, before it starts doing it again and I have to run CCleaner again. It also tells me that I still have the browser running and asks whether I want to force it to close (even though I don't have the browser open). Thanks for the help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Barbora at 2015-12-21 14:06:40
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 186 GB (39%) free of 477 GB
Total RAM: 3948 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:06:49, on 21.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe
C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe
C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Barbora.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Barbora\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--
End of file - 10413 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe"
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\WLANExt.exe 1325792
"C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
\??\C:\Windows\system32\conhost.exe "1655390876927814410-905573415-1092620110-1754939552471572086-346362621-2144589193
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2440
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
taskeng.exe {50A102F6-CA5B-413F-97BC-0038FE7F4308}
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Barbora/AppData/Local/Akamai/netsession_win.exe" --client
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
szndesktop.exe default start
"C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "20464852722137963525-1359464900-9875830541584501729-2116908430-576953725-343549553
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cachedir="C:\Users\Barbora\AppData\Local\Steam\htmlcache" -steampid=3472 -buildid=1450127196 -steamid="0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-widevine-cdm --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-1360c0b5-0e4e-410c-bc9c-c15bc2f56ca3 -SystemEventPortName:HostProcess-39e0a6b3-c206-4642-ba02-e7658e98dd61 -IoCancelEventPortName:HostProcess-6d867bfd-f403-44b7-8784-0f458402f21a -NonStateChangingEventPortName:HostProcess-6fdfb28f-7edb-4499-9a0d-3b1531483637 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:57dd27fa-0cbe-4150-b1ab-9d327fefcdbe -DeviceGroupId:
"C:\Program Files\SYNAPTICS\SYNTP\SYNTPENH.EXE"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
taskeng.exe {F6032722-DDAE-40C3-AD8C-7A03B7B79407}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4932.0.2072733471\302449748" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,23,51 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2345 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="4932.2.1410453280\1526787215" --font-cache-shared-handle=2008 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="4932.3.1116196367\696022737" --font-cache-shared-handle=3796 /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 512 516 524 65536 520
"C:\Users\Barbora\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for Barbora.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/?clid=12454"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=Quicksearch_12454&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL


C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default\searchplugins\
default.xml
firmycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-05-26 2471744]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-11-12 2757424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"=C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2014-04-21 2295584]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"WebcamMaxAutoRun"=C:\Program Files (x86)\WebcamMax\wcmmon.exe [2011-07-17 1038848]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-27 5583120]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-12-14 3013712]
"Akamai NetSession Interface"=C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]
"cz.seznam.software.autoupdate"=C:\Users\Barbora\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"=C:\Windows\system32\cmd.exe [2010-11-20 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
c:\program files (x86)\microsoft office\office14\bcssync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
c:\windows\system32\hkcmd.exe [2011-03-31 392216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
c:\program files\intel\intel(r) rapid storage technology\iastoriconlaunch.exe [2013-11-21 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
c:\windows\system32\igfxtray.exe [2011-03-31 167960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelPAN]
c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe [2011-01-18 1934608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelPROSet]
c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe [2011-01-18 1934608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncowkgoSrv]
c:\windows\inf\mncowkgo.vbe [2014-01-19 1342]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp]
c:\windows\system32\msstp.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
c:\program files (x86)\nvidia corporation\update core\nvbackend.exe [2015-11-12 2757424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2011-03-31 415768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
c:\windows\system32\nvspcap64.dll,shadowplayonsystemstart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\synaptics\syntp\syntpenh.exe [2012-03-01 2886416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-26 385024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-21 14:06:41 ----D---- C:\Program Files\trend micro
2015-12-21 14:06:40 ----D---- C:\rsit
2015-12-18 14:19:11 ----D---- C:\Users\Barbora\AppData\Roaming\freepicturesolutions
2015-12-13 01:58:28 ----D---- C:\Program Files (x86)\MSXML 4.0
2015-12-11 16:35:01 ----D---- C:\ProgramData\Pinnacle Studio Ultimate
2015-12-11 16:26:05 ----D---- C:\ProgramData\Studio 15
2015-12-11 16:26:05 ----D---- C:\ProgramData\Pinnacle Studio Plus
2015-12-11 16:26:04 ----D---- C:\Program Files (x86)\Pinnacle
2015-12-11 16:22:30 ----D---- C:\ProgramData\Pinnacle
2015-12-11 14:56:45 ----D---- C:\Fraps
2015-12-10 14:07:24 ----D---- C:\Program Files (x86)\Seznam.cz
2015-12-10 14:06:17 ----D---- C:\Users\Barbora\AppData\Roaming\Seznam.cz
2015-12-09 14:19:30 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-12-09 14:19:30 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 14:19:13 ----A---- C:\Windows\SYSWOW64\usp10.dll
2015-12-09 14:19:13 ----A---- C:\Windows\system32\usp10.dll
2015-12-09 14:19:10 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 14:19:09 ----A---- C:\Windows\system32\win32k.sys
2015-12-09 14:19:09 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 14:19:07 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-12-09 14:19:07 ----A---- C:\Windows\system32\user32.dll
2015-12-09 14:19:02 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-09 14:18:56 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-09 14:18:55 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2015-12-09 14:18:55 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 14:18:54 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 14:18:54 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-09 14:18:53 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-09 14:18:52 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-09 14:18:42 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-12-09 14:18:42 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-12-09 14:18:42 ----A---- C:\Windows\system32\iertutil.dll
2015-12-09 14:18:42 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-12-09 14:18:42 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-12-09 14:18:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-12-09 14:18:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-12-09 14:18:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-09 14:18:39 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-12-09 14:18:39 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-12-09 14:18:39 ----A---- C:\Windows\system32\iernonce.dll
2015-12-09 14:18:39 ----A---- C:\Windows\system32\ie4uinit.exe
2015-12-09 14:18:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-12-09 14:18:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-12-09 14:18:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-12-09 14:18:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-12-09 14:18:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-12-09 14:18:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-12-09 14:18:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 14:18:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-12-09 14:18:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-12-09 14:18:33 ----A---- C:\Windows\system32\occache.dll
2015-12-09 14:18:33 ----A---- C:\Windows\system32\iedkcs32.dll
2015-12-09 14:18:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-12-09 14:18:32 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-12-09 14:18:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-12-09 14:18:32 ----A---- C:\Windows\system32\urlmon.dll
2015-12-09 14:18:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 14:18:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-12-09 14:18:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 14:18:31 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-09 14:18:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-09 14:18:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-09 14:18:30 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-09 14:18:28 ----A---- C:\Windows\system32\iesetup.dll
2015-12-09 14:18:28 ----A---- C:\Windows\system32\ieapfltr.dll
2015-12-09 14:18:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-12-09 14:18:24 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-12-09 14:18:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-12-09 14:18:24 ----A---- C:\Windows\system32\vbscript.dll
2015-12-09 14:18:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-12-09 14:18:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-09 14:18:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-12-09 14:18:22 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-09 14:18:20 ----A---- C:\Windows\system32\ieui.dll
2015-12-09 14:18:20 ----A---- C:\Windows\system32\ieframe.dll
2015-12-09 14:18:20 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-09 14:18:18 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-09 14:18:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-12-09 14:18:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-09 14:18:16 ----A---- C:\Windows\system32\webcheck.dll
2015-12-09 14:18:16 ----A---- C:\Windows\system32\jscript9diag.dll
2015-12-09 14:18:16 ----A---- C:\Windows\system32\jscript.dll
2015-12-09 14:18:15 ----A---- C:\Windows\system32\jscript9.dll
2015-12-09 14:18:14 ----A---- C:\Windows\system32\wininet.dll
2015-12-09 14:18:12 ----A---- C:\Windows\system32\msrating.dll
2015-12-09 14:18:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-12-09 14:18:10 ----A---- C:\Windows\system32\mshtml.dll
2015-12-09 14:16:17 ----A---- C:\Windows\SYSWOW64\els.dll
2015-12-09 14:16:17 ----A---- C:\Windows\system32\els.dll
2015-12-02 16:51:22 ----A---- C:\Windows\system32\wups2.dll
2015-12-02 16:51:22 ----A---- C:\Windows\system32\wuauclt.exe
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wuwebv.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wups.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wudriver.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wucltux.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wuaueng.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wuapp.exe
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wuapi.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-29 15:43:24 ----D---- C:\Program Files (x86)\World of Warcraft
2015-11-29 15:43:24 ----D---- C:\Data
2015-11-27 21:17:03 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2015-11-27 21:17:03 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2015-11-27 21:17:03 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2015-11-27 21:17:03 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2015-11-27 21:17:03 ----A---- C:\Windows\system32\nlsbres.dll
2015-11-27 21:17:03 ----A---- C:\Windows\system32\kbdgeoqw.dll
2015-11-27 21:17:03 ----A---- C:\Windows\system32\KBDAZEL.DLL
2015-11-27 21:17:03 ----A---- C:\Windows\system32\KBDAZE.DLL
2015-11-22 23:32:00 ----D---- C:\Program Files (x86)\Microsoft ASP.NET

======List of files/folders modified in the last 1 month======

2015-12-21 14:06:45 ----D---- C:\Windows\Temp
2015-12-21 14:06:41 ----RD---- C:\Program Files
2015-12-21 13:49:04 ----D---- C:\Windows
2015-12-21 13:44:52 ----D---- C:\Windows\system32\config
2015-12-21 13:42:27 ----D---- C:\Program Files (x86)\Steam
2015-12-21 13:41:57 ----D---- C:\Windows\system32\catroot2
2015-12-21 13:41:23 ----D---- C:\ProgramData\NVIDIA
2015-12-20 15:42:52 ----D---- C:\Windows\inf
2015-12-20 15:18:44 ----SHD---- C:\Boot
2015-12-19 22:40:41 ----SHD---- C:\Windows\Installer
2015-12-19 22:40:40 ----SHD---- C:\Config.Msi
2015-12-19 22:40:38 ----RD---- C:\Program Files (x86)
2015-12-19 22:39:40 ----SHD---- C:\System Volume Information
2015-12-19 22:36:30 ----D---- C:\Users\Barbora\AppData\Roaming\vlc
2015-12-19 22:32:32 ----D---- C:\The KMPlayer
2015-12-19 15:54:16 ----D---- C:\Program Files (x86)\Battle.net
2015-12-19 15:30:14 ----D---- C:\Users\Barbora\AppData\Roaming\TS3Client
2015-12-18 14:55:02 ----D---- C:\Windows\winsxs
2015-12-18 14:54:53 ----SD---- C:\Windows\SYSWOW64\GWX
2015-12-18 14:54:53 ----SD---- C:\Windows\system32\GWX
2015-12-18 14:17:51 ----D---- C:\ProgramData\WebcamMax
2015-12-18 12:10:04 ----D---- C:\Users\Barbora\AppData\Roaming\uTorrent
2015-12-18 01:45:34 ----D---- C:\Windows\SysWOW64
2015-12-18 01:45:34 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-18 01:45:14 ----D---- C:\Windows\System32
2015-12-18 01:45:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-17 11:57:14 ----D---- C:\Program Files (x86)\Hearthstone
2015-12-16 14:18:19 ----D---- C:\ProgramData\ProductData
2015-12-11 16:38:43 ----D---- C:\Windows\system32\DriverStore
2015-12-11 16:36:56 ----D---- C:\Windows\system32\drivers
2015-12-11 16:36:28 ----D---- C:\Program Files (x86)\Common Files
2015-12-11 16:35:01 ----HD---- C:\ProgramData
2015-12-11 16:30:32 ----RSD---- C:\Windows\Fonts
2015-12-11 14:55:12 ----D---- C:\Windows\Microsoft.NET
2015-12-11 00:05:59 ----RSD---- C:\Windows\assembly
2015-12-10 21:04:48 ----D---- C:\Windows\debug
2015-12-10 12:09:26 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-10 12:09:26 ----D---- C:\Windows\system32\cs-CZ
2015-12-10 12:09:24 ----D---- C:\Windows\ehome
2015-12-10 12:09:19 ----D---- C:\Program Files\Internet Explorer
2015-12-10 12:09:18 ----D---- C:\Windows\SYSWOW64\en-US
2015-12-10 12:09:15 ----D---- C:\Windows\system32\en-US
2015-12-10 12:09:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-10 00:42:50 ----D---- C:\ProgramData\Microsoft Help
2015-12-10 00:40:20 ----D---- C:\Windows\system32\MRT
2015-12-10 00:32:41 ----A---- C:\Windows\system32\MRT.exe
2015-12-09 22:34:40 ----D---- C:\ProgramData\NVIDIA Corporation
2015-12-09 22:34:40 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-12-09 22:34:38 ----D---- C:\Program Files\NVIDIA Corporation
2015-12-09 04:39:31 ----N---- C:\Windows\system32\MpSigStub.exe
2015-12-08 23:36:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-12-06 11:47:54 ----D---- C:\Windows\SoftwareDistribution
2015-12-05 15:23:42 ----D---- C:\Windows\Tasks
2015-11-29 15:49:10 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-11-22 15:35:32 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-11-21 632168]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-11-21 28008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-02-08 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-28 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2014-02-08 300320]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-02 2380448]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-04-09 30352]
R3 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys); C:\Windows\System32\Drivers\FPSensor.sys [2011-09-15 36656]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12222080]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-07-18 129224]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-02-28 99288]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2014-01-07 359128]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-01 425232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
S1 MpKsl811a367f;MpKsl811a367f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F6B4043C-9906-4ACB-BCB1-DAD03C05D5C3}\MpKsl811a367f.sys []
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-02-28 21712]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-18 1515792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-21 15720]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 923936]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-18 845584]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-02-08 411936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R2 ZcfgSvc7;Intel(R) PROSet/Wireless ZeroConfig Service; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [2011-01-18 992256]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1272592]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18 107848]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-08 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-27 149160]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-18 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-28 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15671
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Problem with browsers

#2 Post by JaRon »

Hi :)
1. Uninstall this nonsense Advanced SystemCare 7 - before it wrecks your whole computer.
2. Clean the PC with MBAM + ADWCleaner.
Post the logs, I'll take a look tomorrow :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Velisa
Visitor
Posts: 22
Registered: 16 Apr 2015 17:26

Re: Problem with browsers

#3 Post by Velisa »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Barbora at 2015-12-21 17:14:15
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 185 GB (39%) free of 477 GB
Total RAM: 3948 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:14:25, on 21.12.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Electronic Arts\EADM\Core.exe
C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe
C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe
C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Barbora.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=12454
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Barbora\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless ZeroConfig Service (ZcfgSvc7) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe

--
End of file - 10434 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\WLANExt.exe 3295952
\??\C:\Windows\system32\conhost.exe "9010298081752975392-535336865-1007083391-149869566810576136443550009812122950606
"C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
taskeng.exe {895BA79F-CAC8-4051-85DD-6795519C53EF}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2704
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
"C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe"
"C:/Users/Barbora/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
szndesktop.exe default start
"C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "20502158141632067618-1109941115-239731905-656173433406306346-1610926941-388434659
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3772.0.1666009152\1395290629" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,23,51 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2345 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3772.2.57585106\1855590985" --font-cache-shared-handle=2088 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3772.3.2080471894\1020768427" --font-cache-shared-handle=2012 /prefetch:673131151
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3772.4.683593940\1269920539" --font-cache-shared-handle=4256 /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="3772.5.243031703\813547052" --font-cache-shared-handle=896 /prefetch:673131151
"C:\Users\Barbora\Downloads\RSITx64 (1).exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_228_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Norton Security Scan for Barbora.job - C:\PROGRA~2\NORTON~2\Engine\410~1.28\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.com/?trackid=sp-006"
prefs.js - "keyword.URL" - "https://www.google.com/search?trackid=sp-006"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.235 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 20.0.0.235 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL


C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default\searchplugins\
firmycz.xml
google-avast.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-21 885152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-21 664184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-11-12 2757424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [2009-03-28 3325952]
"WebcamMaxAutoRun"=C:\Program Files (x86)\WebcamMax\wcmmon.exe [2011-07-17 1038848]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2015-02-27 5583120]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2015-12-14 3013712]
"Akamai NetSession Interface"=C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe [2015-09-10 4691384]
"cz.seznam.software.autoupdate"=C:\Users\Barbora\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"=C:\Windows\system32\cmd.exe [2010-11-20 345088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
c:\program files (x86)\microsoft office\office14\bcssync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
c:\windows\system32\hkcmd.exe [2011-03-31 392216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
c:\program files\intel\intel(r) rapid storage technology\iastoriconlaunch.exe [2013-11-21 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
c:\windows\system32\igfxtray.exe [2011-03-31 167960]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelPAN]
c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe [2011-01-18 1934608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelPROSet]
c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe [2011-01-18 1934608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncowkgoSrv]
c:\windows\inf\mncowkgo.vbe [2014-01-19 1342]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp]
c:\windows\system32\msstp.vbe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
c:\program files (x86)\nvidia corporation\update core\nvbackend.exe [2015-11-12 2757424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
c:\windows\system32\igfxpers.exe [2011-03-31 415768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
c:\program files (x86)\common files\spigot\search settings\searchsettings.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
c:\windows\system32\nvspcap64.dll,shadowplayonsystemstart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\synaptics\syntp\syntpenh.exe [2012-03-01 2886416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-12-21 7021880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-26 385024]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-12-21 16:09:17 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2015-12-21 16:08:45 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-21 16:08:45 ----A---- C:\Windows\system32\drivers\mwac.sys
2015-12-21 16:08:45 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2015-12-21 16:08:45 ----A---- C:\Windows\system32\drivers\mbam.sys
2015-12-21 15:31:00 ----A---- C:\Windows\system32\aswBoot.exe
2015-12-21 15:25:16 ----D---- C:\Users\Barbora\AppData\Roaming\AVAST Software
2015-12-21 15:23:15 ----D---- C:\Program Files\Common Files\AV
2015-12-21 15:22:52 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2015-12-21 15:22:52 ----A---- C:\Windows\system32\drivers\aswStm.sys
2015-12-21 15:22:51 ----A---- C:\Windows\system32\drivers\aswSP.sys
2015-12-21 15:22:49 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2015-12-21 15:22:48 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2015-12-21 15:22:48 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2015-12-21 15:22:47 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2015-12-21 15:22:44 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2015-12-21 15:22:07 ----A---- C:\Windows\avastSS.scr
2015-12-21 15:19:56 ----D---- C:\Program Files\AVAST Software
2015-12-21 15:18:44 ----D---- C:\ProgramData\AVAST Software
2015-12-21 14:06:41 ----D---- C:\Program Files\trend micro
2015-12-21 14:06:40 ----D---- C:\rsit
2015-12-18 14:19:11 ----D---- C:\Users\Barbora\AppData\Roaming\freepicturesolutions
2015-12-13 01:58:28 ----D---- C:\Program Files (x86)\MSXML 4.0
2015-12-11 16:35:01 ----D---- C:\ProgramData\Pinnacle Studio Ultimate
2015-12-11 16:26:05 ----D---- C:\ProgramData\Studio 15
2015-12-11 16:26:05 ----D---- C:\ProgramData\Pinnacle Studio Plus
2015-12-11 16:26:04 ----D---- C:\Program Files (x86)\Pinnacle
2015-12-11 16:22:30 ----D---- C:\ProgramData\Pinnacle
2015-12-11 14:56:45 ----D---- C:\Fraps
2015-12-10 14:07:24 ----D---- C:\Program Files (x86)\Seznam.cz
2015-12-10 14:06:17 ----D---- C:\Users\Barbora\AppData\Roaming\Seznam.cz
2015-12-09 14:19:30 ----A---- C:\Windows\SYSWOW64\tzres.dll
2015-12-09 14:19:30 ----A---- C:\Windows\system32\tzres.dll
2015-12-09 14:19:13 ----A---- C:\Windows\SYSWOW64\usp10.dll
2015-12-09 14:19:13 ----A---- C:\Windows\system32\usp10.dll
2015-12-09 14:19:10 ----A---- C:\Windows\system32\DWrite.dll
2015-12-09 14:19:09 ----A---- C:\Windows\system32\win32k.sys
2015-12-09 14:19:09 ----A---- C:\Windows\system32\FntCache.dll
2015-12-09 14:19:07 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-12-09 14:19:07 ----A---- C:\Windows\system32\user32.dll
2015-12-09 14:19:02 ----A---- C:\Windows\SYSWOW64\user32.dll
2015-12-09 14:18:56 ----A---- C:\Windows\system32\drivers\rmcast.sys
2015-12-09 14:18:55 ----A---- C:\Windows\SYSWOW64\wshrm.dll
2015-12-09 14:18:55 ----A---- C:\Windows\system32\wshrm.dll
2015-12-09 14:18:54 ----A---- C:\Windows\system32\comsvcs.dll
2015-12-09 14:18:54 ----A---- C:\Windows\system32\catsrvut.dll
2015-12-09 14:18:53 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2015-12-09 14:18:52 ----A---- C:\Windows\SYSWOW64\catsrvut.dll
2015-12-09 14:18:42 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-12-09 14:18:42 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-12-09 14:18:42 ----A---- C:\Windows\system32\iertutil.dll
2015-12-09 14:18:42 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-12-09 14:18:42 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-12-09 14:18:41 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-12-09 14:18:41 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-12-09 14:18:40 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-12-09 14:18:39 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-12-09 14:18:39 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-12-09 14:18:39 ----A---- C:\Windows\system32\iernonce.dll
2015-12-09 14:18:39 ----A---- C:\Windows\system32\ie4uinit.exe
2015-12-09 14:18:38 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-12-09 14:18:38 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-12-09 14:18:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-12-09 14:18:37 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-12-09 14:18:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-12-09 14:18:37 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-12-09 14:18:37 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 14:18:33 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-12-09 14:18:33 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-12-09 14:18:33 ----A---- C:\Windows\system32\occache.dll
2015-12-09 14:18:33 ----A---- C:\Windows\system32\iedkcs32.dll
2015-12-09 14:18:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-12-09 14:18:32 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-12-09 14:18:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-12-09 14:18:32 ----A---- C:\Windows\system32\urlmon.dll
2015-12-09 14:18:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 14:18:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-12-09 14:18:31 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 14:18:31 ----A---- C:\Windows\system32\dxtrans.dll
2015-12-09 14:18:30 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-12-09 14:18:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-12-09 14:18:30 ----A---- C:\Windows\system32\msfeeds.dll
2015-12-09 14:18:28 ----A---- C:\Windows\system32\iesetup.dll
2015-12-09 14:18:28 ----A---- C:\Windows\system32\ieapfltr.dll
2015-12-09 14:18:25 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-12-09 14:18:24 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-12-09 14:18:24 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-12-09 14:18:24 ----A---- C:\Windows\system32\vbscript.dll
2015-12-09 14:18:23 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-12-09 14:18:23 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-12-09 14:18:22 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-12-09 14:18:22 ----A---- C:\Windows\system32\jsproxy.dll
2015-12-09 14:18:20 ----A---- C:\Windows\system32\ieui.dll
2015-12-09 14:18:20 ----A---- C:\Windows\system32\ieframe.dll
2015-12-09 14:18:20 ----A---- C:\Windows\system32\dxtmsft.dll
2015-12-09 14:18:18 ----A---- C:\Windows\system32\mshtmled.dll
2015-12-09 14:18:17 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-12-09 14:18:17 ----A---- C:\Windows\system32\ieUnatt.exe
2015-12-09 14:18:16 ----A---- C:\Windows\system32\webcheck.dll
2015-12-09 14:18:16 ----A---- C:\Windows\system32\jscript9diag.dll
2015-12-09 14:18:16 ----A---- C:\Windows\system32\jscript.dll
2015-12-09 14:18:15 ----A---- C:\Windows\system32\jscript9.dll
2015-12-09 14:18:14 ----A---- C:\Windows\system32\wininet.dll
2015-12-09 14:18:12 ----A---- C:\Windows\system32\msrating.dll
2015-12-09 14:18:12 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-12-09 14:18:10 ----A---- C:\Windows\system32\mshtml.dll
2015-12-09 14:16:17 ----A---- C:\Windows\SYSWOW64\els.dll
2015-12-09 14:16:17 ----A---- C:\Windows\system32\els.dll
2015-12-02 16:51:22 ----A---- C:\Windows\system32\wups2.dll
2015-12-02 16:51:22 ----A---- C:\Windows\system32\wuauclt.exe
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-12-02 16:51:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wuwebv.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wups.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wudriver.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wucltux.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wuaueng.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wuapp.exe
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wuapi.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-12-02 16:51:21 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-29 15:43:24 ----D---- C:\Program Files (x86)\World of Warcraft
2015-11-29 15:43:24 ----D---- C:\Data
2015-11-27 21:17:03 ----A---- C:\Windows\SYSWOW64\nlsbres.dll
2015-11-27 21:17:03 ----A---- C:\Windows\SYSWOW64\kbdgeoqw.dll
2015-11-27 21:17:03 ----A---- C:\Windows\SYSWOW64\KBDAZEL.DLL
2015-11-27 21:17:03 ----A---- C:\Windows\SYSWOW64\KBDAZE.DLL
2015-11-27 21:17:03 ----A---- C:\Windows\system32\nlsbres.dll
2015-11-27 21:17:03 ----A---- C:\Windows\system32\kbdgeoqw.dll
2015-11-27 21:17:03 ----A---- C:\Windows\system32\KBDAZEL.DLL
2015-11-27 21:17:03 ----A---- C:\Windows\system32\KBDAZE.DLL
2015-11-22 23:32:00 ----D---- C:\Program Files (x86)\Microsoft ASP.NET

======List of files/folders modified in the last 1 month======

2015-12-21 17:14:18 ----D---- C:\Windows\Temp
2015-12-21 17:08:43 ----D---- C:\Program Files (x86)\Steam
2015-12-21 17:07:00 ----D---- C:\Windows
2015-12-21 17:06:57 ----D---- C:\ProgramData\NVIDIA
2015-12-21 17:05:17 ----HD---- C:\ProgramData
2015-12-21 17:05:15 ----D---- C:\AdwCleaner
2015-12-21 16:53:56 ----D---- C:\Windows\inf
2015-12-21 16:53:50 ----D---- C:\Windows\SoftwareDistribution
2015-12-21 16:45:55 ----D---- C:\Windows\system32\drivers
2015-12-21 16:45:55 ----D---- C:\Windows\system
2015-12-21 16:42:48 ----D---- C:\Windows\system32\Tasks
2015-12-21 16:08:45 ----RD---- C:\Program Files (x86)
2015-12-21 15:41:57 ----D---- C:\Program Files (x86)\IObit
2015-12-21 15:31:03 ----D---- C:\Windows\System32
2015-12-21 15:23:15 ----D---- C:\Program Files\Common Files
2015-12-21 15:23:15 ----D---- C:\Program Files (x86)\Common Files
2015-12-21 15:22:42 ----D---- C:\Windows\winsxs
2015-12-21 15:19:56 ----RD---- C:\Program Files
2015-12-21 14:22:35 ----D---- C:\Program Files (x86)\Battle.net
2015-12-21 13:44:52 ----D---- C:\Windows\system32\config
2015-12-21 13:41:57 ----D---- C:\Windows\system32\catroot2
2015-12-20 15:18:44 ----SHD---- C:\Boot
2015-12-19 22:40:41 ----SHD---- C:\Windows\Installer
2015-12-19 22:40:40 ----SHD---- C:\Config.Msi
2015-12-19 22:39:40 ----SHD---- C:\System Volume Information
2015-12-19 22:36:30 ----D---- C:\Users\Barbora\AppData\Roaming\vlc
2015-12-19 22:32:32 ----D---- C:\The KMPlayer
2015-12-19 15:30:14 ----D---- C:\Users\Barbora\AppData\Roaming\TS3Client
2015-12-18 14:54:53 ----SD---- C:\Windows\SYSWOW64\GWX
2015-12-18 14:54:53 ----SD---- C:\Windows\system32\GWX
2015-12-18 14:17:51 ----D---- C:\ProgramData\WebcamMax
2015-12-18 12:10:04 ----D---- C:\Users\Barbora\AppData\Roaming\uTorrent
2015-12-18 01:45:34 ----D---- C:\Windows\SysWOW64
2015-12-18 01:45:34 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-12-18 01:45:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-12-17 11:57:14 ----D---- C:\Program Files (x86)\Hearthstone
2015-12-16 14:18:19 ----D---- C:\ProgramData\ProductData
2015-12-11 16:38:43 ----D---- C:\Windows\system32\DriverStore
2015-12-11 16:30:32 ----RSD---- C:\Windows\Fonts
2015-12-11 14:55:12 ----D---- C:\Windows\Microsoft.NET
2015-12-11 00:05:59 ----RSD---- C:\Windows\assembly
2015-12-10 21:04:48 ----D---- C:\Windows\debug
2015-12-10 12:09:26 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-12-10 12:09:26 ----D---- C:\Windows\system32\cs-CZ
2015-12-10 12:09:24 ----D---- C:\Windows\ehome
2015-12-10 12:09:19 ----D---- C:\Program Files\Internet Explorer
2015-12-10 12:09:18 ----D---- C:\Windows\SYSWOW64\en-US
2015-12-10 12:09:15 ----D---- C:\Windows\system32\en-US
2015-12-10 12:09:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-12-10 00:42:50 ----D---- C:\ProgramData\Microsoft Help
2015-12-10 00:40:20 ----D---- C:\Windows\system32\MRT
2015-12-10 00:32:41 ----A---- C:\Windows\system32\MRT.exe
2015-12-09 22:34:40 ----D---- C:\ProgramData\NVIDIA Corporation
2015-12-09 22:34:40 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-12-09 22:34:38 ----D---- C:\Program Files\NVIDIA Corporation
2015-12-09 04:39:31 ----N---- C:\Windows\system32\MpSigStub.exe
2015-12-08 23:36:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-12-05 15:23:42 ----D---- C:\Windows\Tasks
2015-11-29 15:49:10 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-11-22 15:35:32 ----D---- C:\Windows\Prefetch

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-12-21 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-12-21 273784]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-11-21 632168]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-11-21 28008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2014-02-08 32544]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-02-28 834544]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-12-21 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-12-21 1055560]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-12-21 451040]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2014-02-08 300320]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-12-21 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-12-21 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-12-21 155304]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-11-02 2380448]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-04-09 30352]
R3 FPSensor;EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys); C:\Windows\System32\Drivers\FPSensor.sys [2011-09-15 36656]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-26 12222080]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2013-07-18 129224]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-02-28 99288]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2014-01-07 359128]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-03-01 425232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 MpKsl811a367f;MpKsl811a367f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F6B4043C-9906-4ACB-BCB1-DAD03C05D5C3}\MpKsl811a367f.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2014-02-28 21712]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2014-03-31 58056]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
S4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-12-21 226440]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-01-18 1515792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-21 15720]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 923936]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-01-18 845584]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-02-08 411936]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2012-07-17 2292480]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-02-27 1272592]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18 107848]
S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2015-07-30 2909472]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-08 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-03-31 1512640]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-18 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-11-08 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-27 149160]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-01-18 340240]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-12-14 836176]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-02-28 1255736]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15671
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Browser problem

#4 Post by JaRon »

Clean the PC with CCleaner, mainly the registry, and post the FRST log.
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Velisa
Visitor
Posts: 22
Joined: 16 Apr 2015 17:26

Re: Browser problem

#5 Post by Velisa »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
Ran by Barbora (administrator) on BARBORA-PC (22-12-2015 18:37:39)
Running from C:\Users\Barbora\Downloads
Loaded Profiles: Barbora (Available Profiles: Barbora)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4645\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.6526\Battle.net.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Wow-64.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Utils\WowBrowserProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Barbora\Downloads\FRST64 (1).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-21] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts)
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [WebcamMaxAutoRun] => C:\Program Files (x86)\WebcamMax\wcmmon.exe [1038848 2011-07-17] ()
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Barbora\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\RunOnce: [Uninstall C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\MountPoints2: {2bd92cdf-deb1-11e4-8475-e89a8fe626b5} - E:\setup.exe
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-28] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-21] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 83.240.0.214 83.240.0.135
Tcpip\..\Interfaces\{2876AA5D-3766-4368-B7DC-B0EA809031AF}: [DhcpNameServer] 83.240.0.214 83.240.0.135

Internet Explorer:
==================
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-1590730192-4142042076-3908716229-1000 -> {173B5720-37CE-44D1-B167-82EACAC2B1DB} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1590730192-4142042076-3908716229-1000 -> {5923B789-ED3D-453A-8BDD-0BFCF3C78994} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1590730192-4142042076-3908716229-1000 -> {644F9B93-B3CB-4666-8160-0CE76122107F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1590730192-4142042076-3908716229-1000 -> {6FECD36B-C52C-4C1A-A0B3-28E24F579159} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1590730192-4142042076-3908716229-1000 -> {992C831A-039A-415F-AB53-EA70E662CEEE} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1590730192-4142042076-3908716229-1000 -> {9BA26038-CDEE-4737-B4CE-D5FEFB0D3AB4} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1590730192-4142042076-3908716229-1000 -> {AA8AA949-BE20-4B02-B3B4-E4312612BE75} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1590730192-4142042076-3908716229-1000 -> {EBFB1295-25FB-449C-8EBB-263B1934265B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1590730192-4142042076-3908716229-1000 -> {FAC08C38-22F0-4969-9A4C-CF5CEC561FA9} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-21] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default
FF DefaultSearchEngine: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search?trackid=sp-006
FF DefaultSearchUrl: hxxps://www.google.com/search?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF NewTab: about:newtab
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-08] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-02-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default\searchplugins\firmycz.xml [2015-12-10]
FF SearchPlugin: C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default\searchplugins\google-avast.xml [2015-12-21]
FF SearchPlugin: C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default\searchplugins\zbocz.xml [2015-12-10]
FF Extension: Adblock Plus - C:\Users\Barbora\AppData\Roaming\Mozilla\Firefox\Profiles\2u755qei.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-21]

Chrome:
=======
CHR Profile: C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (AdBlock) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-04]
CHR Extension: (Avast Online Security) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Barbora\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-21]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-21] (AVAST Software)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-18] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2011-01-18] (Intel(R) Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-21] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-09] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-21] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2013-07-18] (Qualcomm Atheros Co., Ltd.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2014-02-28] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2014-02-08] (NVIDIA Corporation)
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [465624 2014-01-03] (Realsil Semiconductor Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2014-02-28] () [File not signed]
S1 MpKsl811a367f; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F6B4043C-9906-4ACB-BCB1-DAD03C05D5C3}\MpKsl811a367f.sys [X]
S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-22 18:37 - 2015-12-22 18:40 - 00018743 _____ C:\Users\Barbora\Downloads\FRST.txt
2015-12-22 18:35 - 2015-12-22 18:35 - 00000183 _____ C:\Users\Barbora\Downloads\Fixlog.txt
2015-12-22 18:34 - 2015-12-22 18:35 - 02370560 _____ (Farbar) C:\Users\Barbora\Downloads\FRST64.exe
2015-12-22 18:34 - 2015-12-22 18:35 - 02370560 _____ (Farbar) C:\Users\Barbora\Downloads\FRST64 (1).exe
2015-12-21 23:57 - 2015-12-21 23:57 - 00043427 _____ C:\Users\Barbora\Downloads\Pretty-Little-Liars-S02E03(0000177856).srt
2015-12-21 18:35 - 2015-12-21 18:35 - 00024557 _____ C:\Users\Barbora\Downloads\The.Walking.Dead.S06E08.HDTV.x264-KILLERS.srt
2015-12-21 17:14 - 2015-12-21 17:14 - 01222144 _____ C:\Users\Barbora\Downloads\RSITx64 (1).exe
2015-12-21 16:55 - 2015-12-21 16:55 - 01743360 _____ C:\Users\Barbora\Downloads\adwcleaner_5.026.exe
2015-12-21 16:43 - 2015-12-21 16:49 - 00000080 _____ C:\Users\Barbora\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2015-12-21 16:09 - 2015-12-21 16:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-21 16:08 - 2015-12-21 16:50 - 00001100 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-21 16:08 - 2015-12-21 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-21 16:08 - 2015-12-21 16:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-21 16:08 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-21 16:08 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-21 16:08 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-21 16:07 - 2015-12-21 16:08 - 22908888 _____ (Malwarebytes ) C:\Users\Barbora\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-21 15:31 - 2015-12-21 15:22 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-21 15:25 - 2015-12-21 15:25 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\AVAST Software
2015-12-21 15:23 - 2015-12-22 17:32 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-21 15:23 - 2015-12-21 16:50 - 00001960 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-12-21 15:23 - 2015-12-21 15:23 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-21 15:23 - 2015-12-21 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-21 15:23 - 2015-12-21 15:23 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-21 15:22 - 2015-12-21 15:23 - 00451040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-12-21 15:22 - 2015-12-21 15:23 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-12-21 15:22 - 2015-12-21 15:22 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-21 15:22 - 2015-12-21 15:22 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-21 15:22 - 2015-12-21 15:22 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-21 15:22 - 2015-12-21 15:22 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-21 15:22 - 2015-12-21 15:22 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-21 15:22 - 2015-12-21 15:22 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-21 15:22 - 2015-12-21 15:21 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-21 15:19 - 2015-12-21 15:19 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-21 15:18 - 2015-12-21 15:18 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-21 15:17 - 2015-12-21 15:18 - 05066104 _____ (AVAST Software) C:\Users\Barbora\Downloads\avast_free_antivirus_setup_online.exe
2015-12-21 14:06 - 2015-12-21 17:14 - 00000000 ____D C:\Program Files\trend micro
2015-12-21 14:06 - 2015-12-21 14:06 - 01222144 _____ C:\Users\Barbora\Downloads\RSITx64.exe
2015-12-21 14:06 - 2015-12-21 14:06 - 00000000 ____D C:\rsit
2015-12-20 15:18 - 2015-12-20 15:18 - 00000000 _____ C:\asc_rdflag
2015-12-19 17:46 - 2015-12-19 17:47 - 00521162 _____ C:\Users\Barbora\Downloads\QuestCompletist_v105.zip
2015-12-19 16:22 - 2015-12-19 16:22 - 00206034 _____ C:\Users\Barbora\Downloads\QuestGuru2.3.12.zip
2015-12-19 16:14 - 2015-12-19 16:14 - 00391680 _____ C:\Users\Barbora\Downloads\Recount-v6.2.3e_release.zip
2015-12-19 16:12 - 2015-12-19 16:12 - 02575269 _____ C:\Users\Barbora\Downloads\DBM-Core-6.2.17.zip
2015-12-18 14:22 - 2015-12-18 14:22 - 00000000 ____D C:\Users\Barbora\AppData\Local\SkinSoft
2015-12-18 14:19 - 2015-12-18 14:19 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\freepicturesolutions
2015-12-18 14:18 - 2015-12-18 14:19 - 04122280 _____ (freepicturesolutions) C:\Users\Barbora\Downloads\webcamrecorder_setup.exe
2015-12-17 23:39 - 2015-12-17 23:39 - 00027216 _____ C:\Users\Barbora\Downloads\The.Walking.Dead.S06E07.HDTV.x264-FLEET.srt
2015-12-17 22:47 - 2015-12-17 22:47 - 00045889 _____ C:\Users\Barbora\Downloads\Pretty-Little-Liars-S02E02(0000177577).srt
2015-12-14 14:19 - 2015-12-14 14:19 - 00072002 _____ C:\Users\Barbora\Downloads\vypis_z_prihlasky.pdf
2015-12-13 01:58 - 2015-12-13 01:58 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-12-11 16:40 - 2015-12-11 17:16 - 00000000 ____D C:\Users\Barbora\Documents\Pinnacle Studio
2015-12-11 16:39 - 2015-12-11 16:40 - 00000000 ____D C:\Users\Barbora\AppData\Local\Pinnacle
2015-12-11 16:35 - 2015-12-11 16:35 - 00000000 ____D C:\ProgramData\Pinnacle Studio Ultimate
2015-12-11 16:30 - 2015-12-21 16:50 - 00001188 _____ C:\Users\Public\Desktop\Pinnacle Studio 15.lnk
2015-12-11 16:30 - 2015-12-11 16:40 - 00000000 ____D C:\Users\Public\Documents\My Projects
2015-12-11 16:30 - 2015-12-11 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 15
2015-12-11 16:26 - 2015-12-11 16:34 - 00000000 ____D C:\Users\Public\Documents\Pinnacle
2015-12-11 16:26 - 2015-12-11 16:26 - 00000000 ____D C:\ProgramData\Studio 15
2015-12-11 16:26 - 2015-12-11 16:26 - 00000000 ____D C:\ProgramData\Pinnacle Studio Plus
2015-12-11 16:26 - 2015-12-11 16:26 - 00000000 ____D C:\Program Files (x86)\Pinnacle
2015-12-11 16:22 - 2015-12-11 16:40 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2015-12-11 16:22 - 2015-12-11 16:33 - 00000000 ____D C:\ProgramData\Pinnacle
2015-12-11 15:36 - 2015-12-11 16:06 - 2426618123 _____ C:\Users\Barbora\Downloads\pinnacle-studio-15_15.exe
2015-12-11 14:56 - 2015-12-21 16:50 - 00000566 _____ C:\Users\Public\Desktop\Fraps.lnk
2015-12-11 14:56 - 2015-12-11 14:58 - 00000000 ____D C:\Fraps
2015-12-11 14:56 - 2015-12-11 14:56 - 02629213 _____ C:\Users\Barbora\Downloads\Fraps-Crack-3.5.99-by-Agent005TV (1).rar
2015-12-11 14:56 - 2015-12-11 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2015-12-10 15:10 - 2015-12-10 15:10 - 00000000 ____D C:\Users\Barbora\AppData\Local\Daedalic Entertainment
2015-12-10 14:52 - 2015-12-10 14:53 - 02629213 _____ C:\Users\Barbora\Downloads\Fraps-Crack-3.5.99-by-Agent005TV.rar
2015-12-10 14:42 - 2015-12-10 14:42 - 04650735 _____ C:\Users\Barbora\Downloads\Fraps-+crack.rar
2015-12-10 14:07 - 2015-12-10 14:07 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-12-10 14:06 - 2015-12-22 17:34 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\Seznam.cz
2015-12-10 14:02 - 2015-12-10 14:05 - 09694208 _____ C:\Users\Barbora\Downloads\fraps.exe
2015-12-10 13:24 - 2015-12-10 13:24 - 00000222 _____ C:\Users\Barbora\Desktop\The Night of the Rabbit.url
2015-12-09 14:19 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 14:19 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 14:19 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 14:19 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 14:19 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 14:19 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 14:19 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 14:19 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 14:19 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 14:19 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 14:18 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 14:18 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 14:18 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 14:18 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 14:18 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 14:18 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 14:18 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 14:18 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 14:18 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 14:18 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 14:18 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 14:18 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 14:18 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 14:18 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 14:18 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 14:18 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 14:18 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 14:18 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 14:18 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 14:18 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 14:18 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 14:18 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 14:18 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 14:18 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 14:18 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 14:18 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 14:18 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 14:18 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 14:18 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 14:18 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 14:18 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 14:18 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 14:18 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 14:18 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 14:18 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 14:18 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 14:18 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 14:18 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 14:18 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 14:18 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 14:18 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 14:18 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 14:18 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 14:18 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 14:18 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 14:18 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 14:18 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 14:18 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 14:18 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 14:18 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 14:18 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 14:18 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 14:18 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 14:18 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 14:18 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 14:18 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 14:18 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 14:18 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 14:18 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 14:18 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 14:18 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 14:18 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 14:18 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 14:18 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 14:18 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 14:18 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 14:18 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 14:18 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 14:18 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 14:18 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 14:18 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 14:16 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 14:16 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-07 22:20 - 2015-12-07 22:45 - 733248548 ____R C:\Users\Barbora\Downloads\Emma.1996.DVDrip.XviD.Mp3.Ita-M4V3.avi
2015-12-02 17:01 - 2015-12-02 17:01 - 00152053 _____ C:\Users\Barbora\Downloads\jaro 2013 klíč.pdf
2015-12-02 16:51 - 2015-12-02 16:51 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-02 16:51 - 2015-12-02 16:51 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-02 16:51 - 2015-12-02 16:51 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-02 16:51 - 2015-12-02 16:51 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-02 16:51 - 2015-12-02 16:51 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-29 15:54 - 2015-12-21 16:50 - 00001234 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2015-11-29 15:54 - 2015-11-29 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-11-29 15:43 - 2015-12-22 17:55 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-11-29 15:43 - 2015-11-29 15:43 - 00000000 ____D C:\Data
2015-11-29 14:20 - 2015-11-29 14:41 - 367097960 _____ C:\Users\Barbora\Downloads\Amazing.Race.S12E09.DVBS.XviD.CZ-LBD.rar
2015-11-27 22:41 - 2015-11-27 22:41 - 00133251 _____ C:\Users\Barbora\Downloads\21-Jump-Street(0000202420).srt
2015-11-27 21:17 - 2015-11-27 21:17 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-27 21:17 - 2015-11-27 21:17 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-27 21:17 - 2015-11-27 21:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-27 21:17 - 2015-11-27 21:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-27 21:17 - 2015-11-27 21:17 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-27 21:17 - 2015-11-27 21:17 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-27 21:17 - 2015-11-27 21:17 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-27 21:17 - 2015-11-27 21:17 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-27 21:17 - 2015-11-27 21:17 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-27 21:17 - 2015-11-27 21:17 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-27 20:13 - 2015-11-27 20:13 - 00000000 ____D C:\Users\Barbora\Downloads\The.Green.Inferno.2015.HDRip.XViD-ETRG
2015-11-24 16:59 - 2015-11-24 16:59 - 00000000 ____D C:\Users\Barbora\Downloads\American.Horror.Story.S05E05.HDTV.x264-FLEET[rarbg]
2015-11-22 23:32 - 2015-11-22 23:32 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-11-22 22:20 - 2015-11-22 22:20 - 00314049 _____ C:\Users\Barbora\Downloads\game-of-thrones-subtitles-cz-1.zip
2015-11-22 17:01 - 2015-12-22 00:49 - 00000000 ____D C:\Users\Barbora\Downloads\Pretty.Little.Liars.Season.2.480p.HDTV.H264

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-22 18:37 - 2015-04-16 18:10 - 00000000 ____D C:\FRST
2015-12-22 18:36 - 2015-01-24 22:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-22 18:34 - 2015-04-19 16:15 - 00000000 ____D C:\Users\Barbora\AppData\Local\Battle.net
2015-12-22 18:28 - 2015-04-18 12:48 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-22 17:54 - 2014-02-27 22:36 - 00000000 ____D C:\Users\Barbora
2015-12-22 17:53 - 2015-04-19 16:15 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-22 17:50 - 2015-08-29 20:03 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\uTorrent
2015-12-22 17:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-22 17:41 - 2009-07-14 05:45 - 00024080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-22 17:41 - 2009-07-14 05:45 - 00024080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-22 17:29 - 2015-04-18 12:48 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-22 17:28 - 2015-07-07 21:10 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-22 17:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-22 17:27 - 2014-02-27 22:55 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-21 23:57 - 2014-03-01 16:50 - 00000000 ____D C:\The KMPlayer
2015-12-21 17:05 - 2015-08-26 21:27 - 00001139 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-21 17:05 - 2015-08-26 21:27 - 00001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-21 17:05 - 2014-07-12 08:51 - 00000000 ____D C:\AdwCleaner
2015-12-21 16:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-21 16:50 - 2015-10-24 20:27 - 00001064 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-12-21 16:50 - 2015-07-07 21:10 - 00000961 _____ C:\Users\Public\Desktop\Steam.lnk
2015-12-21 16:50 - 2015-05-22 16:15 - 00001362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-12-21 16:50 - 2015-05-22 16:15 - 00001293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-12-21 16:50 - 2015-05-22 16:14 - 00002474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2015-12-21 16:50 - 2015-05-22 16:14 - 00001446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2015-12-21 16:50 - 2015-05-20 16:10 - 00001187 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-12-21 16:50 - 2015-04-20 19:55 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-12-21 16:50 - 2015-04-20 19:55 - 00002013 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-12-21 16:50 - 2015-04-19 16:17 - 00001179 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-12-21 16:50 - 2015-04-19 16:15 - 00001142 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-12-21 16:50 - 2015-04-18 12:49 - 00002177 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-21 16:50 - 2015-03-05 14:43 - 00001462 _____ C:\Users\Public\Desktop\LibreOffice 4.4.lnk
2015-12-21 16:50 - 2015-01-19 15:15 - 00001017 _____ C:\Users\Public\Desktop\WebcamMax.lnk
2015-12-21 16:50 - 2015-01-17 20:03 - 00002725 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-21 16:50 - 2014-08-23 15:33 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Download Manager.lnk
2015-12-21 16:50 - 2014-04-27 14:48 - 00000860 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-21 16:50 - 2014-04-16 19:13 - 00001160 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-12-21 16:50 - 2014-02-28 09:13 - 00002105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-12-21 16:50 - 2014-02-27 22:33 - 00001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-12-21 16:50 - 2014-02-27 22:33 - 00001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-12-21 16:50 - 2009-07-14 05:57 - 00001511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-21 16:50 - 2009-07-14 05:57 - 00001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2015-12-21 16:50 - 2009-07-14 05:57 - 00001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2015-12-21 16:50 - 2009-07-14 05:54 - 00001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2015-12-21 16:49 - 2015-08-26 21:12 - 00002250 _____ C:\Users\Barbora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
2015-12-21 16:49 - 2014-02-27 22:37 - 00001397 _____ C:\Users\Barbora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-21 16:49 - 2009-07-14 06:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2015-12-21 16:49 - 2009-07-14 05:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2015-12-21 16:48 - 2015-02-09 19:06 - 00001066 _____ C:\Users\Barbora\Desktop\PhotoFiltre 7.lnk
2015-12-21 16:48 - 2014-06-06 14:23 - 00002176 _____ C:\Users\Barbora\Desktop\Subtitle Workshop.lnk
2015-12-21 16:48 - 2014-03-01 17:01 - 00013466 _____ C:\Users\Barbora\Desktop\KMPlayer.lnk
2015-12-21 16:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system
2015-12-21 16:43 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-21 15:41 - 2014-02-28 08:45 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-20 15:18 - 2014-02-28 14:38 - 85639168 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-12-20 15:18 - 2014-02-28 14:38 - 59109376 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2015-12-20 15:18 - 2014-02-28 14:38 - 00311296 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-12-20 15:18 - 2014-02-28 14:38 - 00065536 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-12-20 15:18 - 2014-02-28 14:38 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-12-20 01:27 - 2015-08-26 21:10 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-19 22:36 - 2015-10-24 20:27 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\vlc
2015-12-19 22:32 - 2014-04-06 13:07 - 00000000 ____D C:\Users\Barbora\AppData\LocalLow\KMPlayer
2015-12-19 15:30 - 2014-04-16 19:15 - 00000000 ____D C:\Users\Barbora\AppData\Roaming\TS3Client
2015-12-18 14:54 - 2015-03-29 18:09 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 14:54 - 2015-03-29 18:09 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-18 14:17 - 2015-01-19 15:16 - 00000000 ____D C:\ProgramData\WebcamMax
2015-12-18 01:45 - 2014-02-28 12:13 - 01563626 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-12-18 01:45 - 2009-07-14 16:18 - 00670154 _____ C:\Windows\system32\perfh005.dat
2015-12-18 01:45 - 2009-07-14 16:18 - 00142280 _____ C:\Windows\system32\perfc005.dat
2015-12-18 01:45 - 2009-07-14 06:13 - 01563626 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-17 11:57 - 2015-04-19 16:17 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-17 11:03 - 2015-09-09 15:15 - 00000000 ____D C:\Users\Barbora\Documents\škola
2015-12-16 14:18 - 2014-02-28 08:45 - 00000000 ____D C:\ProgramData\ProductData
2015-12-12 12:25 - 2009-07-14 05:45 - 00423848 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-11 16:39 - 2014-02-28 00:15 - 00110944 _____ C:\Users\Barbora\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-11 16:35 - 2014-02-28 14:28 - 00000000 ____D C:\Users\Barbora\AppData\Local\Downloaded Installations
2015-12-10 00:42 - 2014-02-28 14:56 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 00:40 - 2014-02-28 09:13 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 00:32 - 2014-02-28 09:13 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 22:34 - 2014-02-28 14:06 - 00000000 ____D C:\Users\Barbora\AppData\Local\NVIDIA Corporation
2015-12-09 22:34 - 2014-02-28 14:05 - 00000000 ____D C:\Users\Barbora\AppData\Local\NVIDIA
2015-12-09 22:34 - 2014-02-28 14:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-09 22:34 - 2014-02-28 14:02 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-09 22:34 - 2014-02-27 22:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-09 22:34 - 2014-02-27 22:46 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-09 04:39 - 2014-02-27 23:23 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-08 23:36 - 2015-08-26 21:10 - 00003960 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-12-08 23:36 - 2015-01-24 22:53 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-08 23:36 - 2015-01-24 22:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 23:36 - 2015-01-24 22:53 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-05 15:25 - 2015-08-16 22:11 - 00000000 ____D C:\Users\Barbora\AppData\Local\2K Games
2015-12-05 15:23 - 2014-02-28 00:16 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 15:23 - 2014-02-28 00:16 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-29 15:49 - 2015-05-20 15:55 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm

==================== Files in the root of some directories =======

2014-06-19 14:20 - 2014-06-19 14:20 - 0000024 _____ () C:\Users\Barbora\AppData\Roaming\temp.ini
2015-04-16 17:44 - 2015-04-16 17:56 - 0029696 _____ () C:\Users\Barbora\AppData\Local\MSGBOX.EXE
2014-02-28 00:30 - 2014-02-28 00:30 - 0007603 _____ () C:\Users\Barbora\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Barbora\AppData\Local\Temp\EAD65C4.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-27 15:14

==================== End of FRST.txt ============================

JaRon
Moderator
Posts: 15671
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Problem with browsers

#6 Post by JaRon »

If you have Avast on there, then uninstall this Microsoft Security Client; otherwise OK :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Velisa
Visitor
Posts: 22
Joined: 16 Apr 2015 17:26

Re: Problem with browsers

#7 Post by Velisa »

Thanks, but the problem still persists. It doesn't happen as often anymore, but every now and then it starts again. :?:

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Problem with browsers

#8 Post by altrok »

Hello, I'm filling in for my colleague, who is on holiday with his family.

If you don't use it, uninstall Seznam Software.

Have you uninstalled Microsoft Security Client?


  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to C:\Users\Barbora\Downloads as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart, a fixlog will be saved in C:\Users\Barbora\Downloads; paste its contents into your next reply

    Code:

    Start
    CreateRestorePoint:
    CloseProcesses:
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
    HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
    HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Barbora\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
    HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
    HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\RunOnce: [Uninstall C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
    HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\MountPoints2: {2bd92cdf-deb1-11e4-8475-e89a8fe626b5} - E:\setup.exe
    FF Homepage: hxxps://www.google.com/?trackid=sp-006
    FF Keyword.URL: hxxps://www.google.com/search?trackid=sp-006
    FF DefaultSearchUrl: hxxps://www.google.com/search?trackid=sp-006
    S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2015-12-21 17:14 - 2015-12-21 17:14 - 01222144 _____ C:\Users\Barbora\Downloads\RSITx64 (1).exe
    2015-12-21 16:55 - 2015-12-21 16:55 - 01743360 _____ C:\Users\Barbora\Downloads\adwcleaner_5.026.exe
    2015-12-21 14:06 - 2015-12-21 17:14 - 00000000 ____D C:\Program Files\trend micro
    2015-12-21 14:06 - 2015-12-21 14:06 - 01222144 _____ C:\Users\Barbora\Downloads\RSITx64.exe
    2015-12-21 14:06 - 2015-12-21 14:06 - 00000000 ____D C:\rsit
    EmptyTemp:
    End

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.

Velisa
Visitor
Posts: 22
Joined: 16 Apr 2015 17:26

Re: Problem with browsers

#9 Post by Velisa »

I just have two things I'm unsure about: is Microsoft Security Client the same thing as Microsoft Security Essentials? And I have no idea what Seznam Software is. :oops:


Fix result of Farbar Recovery Scan Tool (x64) Version:20-12-2015
Ran by Barbora (2015-12-27 13:27:22) Run:2
Running from C:\Users\Barbora\Downloads
Loaded Profiles: Barbora (Available Profiles: Barbora)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Barbora\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Barbora\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Barbora\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\RunOnce: [Uninstall C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64"
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\...\MountPoints2: {2bd92cdf-deb1-11e4-8475-e89a8fe626b5} - E:\setup.exe
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search?trackid=sp-006
FF DefaultSearchUrl: hxxps://www.google.com/search?trackid=sp-006
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2015-12-21 17:14 - 2015-12-21 17:14 - 01222144 _____ C:\Users\Barbora\Downloads\RSITx64 (1).exe
2015-12-21 16:55 - 2015-12-21 16:55 - 01743360 _____ C:\Users\Barbora\Downloads\adwcleaner_5.026.exe
2015-12-21 14:06 - 2015-12-21 17:14 - 00000000 ____D C:\Program Files\trend micro
2015-12-21 14:06 - 2015-12-21 14:06 - 01222144 _____ C:\Users\Barbora\Downloads\RSITx64.exe
2015-12-21 14:06 - 2015-12-21 14:06 - 00000000 ____D C:\rsit
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce => value removed successfully
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value removed successfully
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate => value removed successfully
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop => value removed successfully
HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall C:\Users\Barbora\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64 => value removed successfully
"HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bd92cdf-deb1-11e4-8475-e89a8fe626b5}" => key removed successfully
HKCR\CLSID\{2bd92cdf-deb1-11e4-8475-e89a8fe626b5} => key not found.
Firefox "homepage" removed successfully
Firefox "Keyword.URL" removed successfully
Firefox DefaultSearchUrl removed successfully
nvvad_WaveExtensible => service removed successfully
Synth3dVsc => service removed successfully
tsusbhub => service removed successfully
VGPU => service removed successfully
C:\Users\Barbora\Downloads\RSITx64 (1).exe => moved successfully
C:\Users\Barbora\Downloads\adwcleaner_5.026.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\Barbora\Downloads\RSITx64.exe => moved successfully
C:\rsit => moved successfully
EmptyTemp: => 173.9 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 13:29:27 ====
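
A way to triage a Fixlog like the one above before replying, as an added example that is not part of the original thread and is not FRST's own code: it sorts each result line into ok, absent or review so that anything other than a clean success gets read by a person. The function names are hypothetical, and the outcome phrases matched are assumed from the lines visible in this Fixlog only.

```python
from collections import Counter

# Result lines excerpted from the Fixlog posted in this thread.
SAMPLE_FIXLOG = r"""
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value removed successfully
"HKU\S-1-5-21-1590730192-4142042076-3908716229-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bd92cdf-deb1-11e4-8475-e89a8fe626b5}" => key removed successfully
HKCR\CLSID\{2bd92cdf-deb1-11e4-8475-e89a8fe626b5} => key not found.
Firefox "homepage" removed successfully
EmptyTemp: => 173.9 MB temporary data Removed.
The system needed a reboot.
"""


def classify(outcome):
    """Map an outcome phrase to ok / absent / review (phrases assumed from this thread)."""
    low = outcome.lower()
    if "not found" in low:
        return "absent"      # target was already gone; nothing was changed
    if "successfully" in low or low.endswith("removed."):
        return "ok"
    return "review"          # unrecognised wording goes to a human


def parse_fixlog(text):
    """Return (target, outcome, status) for every non-empty line."""
    rows = []
    for line in filter(None, map(str.strip, text.splitlines())):
        target, sep, outcome = line.partition(" => ")
        if not sep:          # lines without a target, e.g. the Firefox ones
            target, outcome = "", line
        rows.append((target.strip('"'), outcome, classify(outcome)))
    return rows


def summarize(rows):
    """Count rows per status."""
    return dict(Counter(status for _, _, status in rows))


def needs_attention(rows):
    """Rows a helper should read before declaring the fix applied."""
    return [row for row in rows if row[2] != "ok"]


if __name__ == "__main__":
    for row in needs_attention(parse_fixlog(SAMPLE_FIXLOG)):
        print(row)
```

On this excerpt the flagged rows are the `HKCR\CLSID` key that was not found and the reboot notice.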

altrok
Moderator
Posts: 7317
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Problem with browsers

#10 Post by altrok »

Velisa wrote: Is Microsoft Security Client the same thing as Microsoft Security Essentials?
Yes.



Seznam Software - e.g. the Seznam Listicka add-on for web browsers and the like.



Please post the FRST.txt and Addition.txt logs - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Note: on the second and any later run of FRST, you must explicitly tick this option before starting the scan for the Addition.txt log to be created.
