There is a problem - please check and help

borjac
Visitor
Posts: 19
Registered: 16 Jan 2009 14:38

#1 Post by borjac »

Hello.

One CPU core on the PC is fully loaded by the svchost process, whose memory usage keeps growing at the same time. The beast also managed to disable booting the system into safe mode, which I first tried to fix using Windows repair, where it "cannot find" an active Windows installation at all. Quite as expected, updates are not found, and an attempt to restore Windows to an earlier restore point fails.

Please check and help; I am attaching the log.

Thanks a lot.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by Tatínek (administrator) on PRACOVNA (23-10-2016 16:34:42)
Running from C:\Users\Tatínek\Desktop
Loaded Profiles: Tatínek & Maminka & WindowsXP & Kamilka & Barborka & Administrator (Available Profiles: Tatínek & Maminka & WindowsXP & Kamilka & Barborka & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Petr Laštovička) C:\Program Files (x86)\HotkeyP\HotkeyP.exe
(Akamai Technologies, Inc.) C:\Users\Tatínek\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Tatínek\AppData\Local\Akamai\netsession_win.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Autodesk Inc.) C:\Users\Tatínek\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(forum.viry.cz) C:\Users\Tatínek\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2012-11-06] ()
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [522784 2015-11-17] (Autodesk Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-10-01] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Tatínek\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=659be0124b4e47d3a7eed10608858816-06ce4fc639803a2e3563922518183d8e94088cb9 /CMPID=1213b
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [HotkeyP] => C:\Program Files (x86)\HotkeyP\HotkeyP.exe [147456 2014-01-21] (Petr Laštovička)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Tatínek\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=659be0124b4e47d3a7eed10608858816-06ce4fc639803a2e3563922518183d8e94088cb9 /CMPID=0214c
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [Sony PC Companion] => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Tatínek\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [ABUNINSTALL] => C:\ProgramData\AB Studio\ABUnInstall.exe [234120 2009-06-26] (AB Studio C+E)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {0af55e12-478d-11e6-8fce-001a4d514a6d} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {5ca76f9d-b9ca-11e3-acac-004f4e6161e5} - I:\Launcher.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {aaf28296-d775-11e3-96e8-004f4e6161e5} - G:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {c535a0c0-1773-11e5-90cb-001a4d514a6d} - F:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {e347a9b1-a49d-11e3-96a5-004f4e6161e5} - F:\Startme.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\...\MountPoints2: {540fa430-5526-11e3-aa02-806e6f6e6963} - J:\start.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\...\MountPoints2: {aaf28296-d775-11e3-96e8-004f4e6161e5} - I:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\...\MountPoints2: {7c74e3ab-de15-11e4-8080-806e6f6e6963} - I:\Autorun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\...\MountPoints2: {aaf28296-d775-11e3-96e8-004f4e6161e5} - G:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\...\MountPoints2: {c535a0c0-1773-11e5-90cb-001a4d514a6d} - F:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2133369454-4041179682-2755245969-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2133369454-4041179682-2755245969-1006\...\MountPoints2: {7c74e3ab-de15-11e4-8080-806e6f6e6963} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\start.html
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
Startup: C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice 4.1.0.lnk [2015-02-09]
ShortcutTarget: OpenOffice 4.1.0.lnk -> C:\Program Files (x86)\OpenOffice 4\program\quickstart.exe ()
Startup: C:\Users\Maminka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice 4.1.0.lnk [2014-06-05]
ShortcutTarget: OpenOffice 4.1.0.lnk -> C:\Program Files (x86)\OpenOffice 4\program\quickstart.exe ()
Startup: C:\Users\WindowsXP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinXP.lnk [2014-04-01]
ShortcutTarget: WinXP.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
GroupPolicy\User: Restriction <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2133369454-4041179682-2755245969-1006\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1CADF27F-87BB-4D0F-BC7E-EE5E17262A93}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7B7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D%7D&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38f4bede43390103&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0415av&pr=fr&d=2015-05-06%2021:57:31&v=4.2.8.608&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7B7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D%7D&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38f4bede43390103&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2015-05-06%2021:57:31&v=4.1.4.948&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D}&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38f4bede43390103&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1215tb&pr=fr&d=2015-05-06 21:57:31&v=4.3.1.831&pid=wtu&sg=&sap=hp
SearchScopes: HKU\S-1-5-21-2133369454-4041179682-2755245969-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D}&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38f4bede43390103&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2015-05-06 21:57:31&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2133369454-4041179682-2755245969-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D}&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38f4bede43390103&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2015-05-06 21:57:31&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2133369454-4041179682-2755245969-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D}&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38f4bede43390103&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0715tb&pr=fr&d=2015-05-06 21:57:31&v=4.1.4.948&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2133369454-4041179682-2755245969-1005 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D}&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38f4bede43390103&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-05-06 21:57:31&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2133369454-4041179682-2755245969-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D}&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38f4bede43390103&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0116tb&pr=fr&d=2015-05-06 21:57:31&v=4.3.5.160&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-11] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-10-01] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation)

FireFox:
========
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-11-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-11-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2133369454-4041179682-2755245969-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tatínek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2133369454-4041179682-2755245969-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Maminka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com/?rvt=1
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default [2016-10-21]
CHR Extension: (Dokumenty Google) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Disk Google) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (AVG Secure Search) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-07-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-29]
CHR HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbSoftMgr4; C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe [521784 2013-08-27] (AB Studio)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1139744 2015-11-17] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-11] (Electronic Arts)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH)
S3 PS3 Media Server; C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [384280 2012-11-27] (Tanuki Software, Ltd.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
R2 vToolbarUpdater40.3.6; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.6\ToolbarUpdater.exe [1349704 2016-10-01] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-10-01] ()

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 DSDrv4; C:\Program Files (x86)\DScaler\DSDrv4.sys [8801 2005-12-18] () [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-25] (Oracle Corporation)
S3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [187904 2009-09-23] (Microsoft Corporation) [File not signed]
S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2009-09-23] (Microsoft Corporation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 16:34 - 2016-10-23 16:36 - 00026406 _____ C:\Users\Tatínek\Desktop\FRST.txt
2016-10-22 00:02 - 2016-10-22 00:09 - 00000000 ____D C:\FRST
2016-10-22 00:01 - 2016-10-21 23:55 - 00112640 _____ (forum.viry.cz) C:\Users\Tatínek\Desktop\FRSTLauncher.exe
2016-10-22 00:00 - 2016-10-22 00:04 - 00000000 ____D C:\Users\Tatínek\Desktop\Havet
2016-10-22 00:00 - 2016-10-21 23:53 - 02407424 _____ (Farbar) C:\Users\Tatínek\Desktop\FRST64.exe
2016-10-21 20:16 - 2016-10-21 20:16 - 00000000 ____D C:\Download
2016-10-21 20:13 - 2016-10-21 20:13 - 00000000 ____D C:\Users\Tatínek\Documents\My Videos
2016-10-21 20:13 - 2016-10-21 20:13 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\Samsung
2016-10-21 20:13 - 2016-10-21 20:13 - 00000000 ____D C:\AllShare
2016-10-08 21:38 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-08 21:38 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-08 21:38 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-08 21:38 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-08 21:38 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-08 21:38 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-08 21:38 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-08 21:38 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-08 21:38 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-08 21:38 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-08 21:38 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-08 21:38 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-08 21:38 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-08 21:38 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-08 21:38 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-08 21:38 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-08 21:38 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-08 21:38 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-08 21:38 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-08 21:38 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-08 21:38 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-08 21:38 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-08 21:38 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-08 21:38 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-08 21:38 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-08 21:38 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-08 21:38 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-08 21:38 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-08 21:38 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-08 21:38 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-08 21:38 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-08 21:38 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-08 21:38 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-08 21:38 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-08 21:38 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-08 21:38 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-08 21:37 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-08 21:37 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-08 21:37 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-08 21:37 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-08 21:37 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-08 21:37 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-08 21:37 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-08 21:37 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-08 21:37 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-08 21:37 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-08 21:37 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-08 21:37 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-08 21:37 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-08 21:37 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-08 21:37 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-08 21:37 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-08 21:37 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-08 21:37 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-08 21:37 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-08 21:37 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-08 21:37 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-08 21:37 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-08 21:37 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-08 21:37 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-08 21:37 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-08 21:37 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-08 21:37 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-08 21:37 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-08 21:37 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-08 21:37 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-08 21:36 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-10-08 21:36 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-10-08 21:36 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-10-08 21:32 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-08 21:32 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-08 21:32 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-08 21:32 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-08 21:32 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-08 21:32 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-08 21:32 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-08 21:32 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-08 21:32 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-08 21:32 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-08 21:32 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-08 21:32 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-08 21:32 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-08 21:32 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-08 21:32 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-08 21:32 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-08 21:32 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-08 21:32 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-08 21:32 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-08 21:32 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-08 21:32 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-08 21:32 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-08 21:32 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-08 21:32 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-08 21:32 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-08 21:32 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-10-08 21:32 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-10-08 21:32 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-08 21:31 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-10-08 21:31 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-10-08 21:31 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-10-08 21:31 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-10-02 21:23 - 2016-10-02 21:23 - 00048135 _____ C:\Users\Tatínek\Desktop\redl.pdf
2016-09-29 19:39 - 2016-09-29 19:39 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-09-29 19:39 - 2016-09-29 19:39 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 16:32 - 2015-07-14 10:34 - 00000351 _____ C:\prefs.js
2016-10-23 16:31 - 2013-11-24 23:26 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-23 16:28 - 2014-10-10 20:29 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-23 16:28 - 2014-02-02 18:15 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-10-23 16:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-23 15:52 - 2009-07-14 06:45 - 00022576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-23 15:52 - 2009-07-14 06:45 - 00022576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-23 15:50 - 2016-06-04 19:48 - 00000000 ____D C:\ProgramData\Origin
2016-10-23 15:25 - 2013-11-24 20:13 - 00000000 ____D C:\ProgramData\MFAData
2016-10-22 00:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-10-22 00:04 - 2014-06-21 11:57 - 00000000 ____D C:\Program Files\KMSnano
2016-10-22 00:03 - 2009-07-14 17:18 - 04971964 _____ C:\Windows\system32\perfh005.dat
2016-10-22 00:03 - 2009-07-14 17:18 - 01595316 _____ C:\Windows\system32\perfc005.dat
2016-10-22 00:03 - 2009-07-14 07:13 - 00006460 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-21 23:58 - 2016-06-05 09:26 - 00000000 ____D C:\Users\Barborka
2016-10-21 23:58 - 2015-05-24 09:27 - 00000000 ____D C:\Users\Administrator
2016-10-21 23:58 - 2015-02-07 19:19 - 00000000 ____D C:\Users\Kamilka
2016-10-21 23:58 - 2014-04-01 19:27 - 00000000 ____D C:\Users\WindowsXP
2016-10-21 23:58 - 2014-03-17 22:10 - 00000000 ____D C:\Users\Maminka
2016-10-21 23:56 - 2015-05-06 21:57 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-10-21 23:54 - 2016-09-11 11:28 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\uTorrent
2016-10-21 23:54 - 2016-01-01 14:55 - 00000000 ___RD C:\Users\Kamilka\Disk Google
2016-10-21 23:54 - 2015-11-08 22:59 - 00000000 ___RD C:\Users\Maminka\Disk Google
2016-10-21 23:54 - 2015-08-06 09:35 - 00000000 ____D C:\Users\TEMP
2016-10-21 23:54 - 2015-04-04 07:04 - 00000000 ____D C:\Users\Maminka\AppData\Roaming\Autodesk
2016-10-21 23:54 - 2015-04-03 16:55 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\Autodesk
2016-10-21 23:54 - 2015-02-09 20:12 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\IrfanView
2016-10-21 23:54 - 2014-08-06 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-10-21 23:54 - 2014-06-21 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-10-21 23:54 - 2014-06-21 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-21 23:54 - 2014-06-21 10:50 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-10-21 23:54 - 2014-06-04 20:20 - 00000000 ____D C:\Users\Tatínek\AppData\Local\Akamai
2016-10-21 23:54 - 2014-05-10 07:12 - 00000000 ____D C:\Users\Maminka\AppData\Roaming\IrfanView
2016-10-21 23:54 - 2014-04-04 21:18 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\IrfanView
2016-10-21 23:54 - 2014-03-25 21:38 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\Winamp
2016-10-21 23:54 - 2014-03-08 20:52 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\Autodesk
2016-10-21 23:54 - 2014-03-08 20:52 - 00000000 ____D C:\ProgramData\Autodesk
2016-10-21 23:54 - 2014-01-21 21:57 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\GHISLER
2016-10-21 23:54 - 2013-12-01 20:59 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\vlc
2016-10-21 23:54 - 2013-11-24 20:07 - 00000000 ____D C:\Users\Tatínek
2016-10-21 23:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-21 23:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-10-21 23:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-10-21 23:49 - 2015-05-06 21:57 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-10-21 23:49 - 2014-06-21 10:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-21 19:37 - 2014-01-21 21:58 - 00000000 ____D C:\Users\Tatínek\AppData\Local\GHISLER
2016-10-17 15:00 - 2015-10-26 11:00 - 00000000 ____D C:\Users\Kamilka\Documents\prac. listy
2016-10-11 23:32 - 2013-12-15 18:16 - 00002314 ____H C:\Users\Tatínek\Documents\Default.rdp
2016-10-09 13:18 - 2013-11-24 23:26 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-09 12:14 - 2009-07-14 06:45 - 00540032 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-08 21:47 - 2015-05-24 18:37 - 00000448 _____ C:\Windows\Tasks\SyncBack _Data.job
2016-10-08 21:11 - 2016-09-20 14:43 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-10-04 17:24 - 2013-11-24 23:28 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-02 08:55 - 2013-11-24 20:08 - 00151624 _____ C:\Users\Tatínek\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-01 10:46 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2016-09-29 19:59 - 2016-08-20 19:11 - 00000000 ____D C:\ProgramData\BlazeVideo
2016-09-28 22:58 - 2013-11-24 21:01 - 00000000 ____D C:\Windows\system32\MRT
2016-09-28 22:38 - 2013-11-24 21:01 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2016-05-04 20:42 - 2016-05-04 20:42 - 0007947 _____ () C:\Users\Tatínek\AppData\Local\recently-used.xbel
2013-11-24 20:17 - 2013-11-24 20:17 - 0007600 _____ () C:\Users\Tatínek\AppData\Local\Resmon.ResmonCfg
2014-03-25 21:00 - 2014-11-19 20:48 - 0000043 ___SH () C:\ProgramData\.zreglib
2016-08-20 19:13 - 2016-09-29 19:57 - 0000607 _____ () C:\ProgramData\LmeUSB.log
2016-08-20 19:13 - 2016-09-29 19:57 - 0000596 _____ () C:\ProgramData\LmeZJSW.log
2014-02-09 19:45 - 2014-02-09 19:45 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Barborka\AppData\Local\Temp\avguirn_081171894378.exe
C:\Users\Barborka\AppData\Local\Temp\avguirn_08701504980.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_081087020511.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_08109565892.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_081378042385.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_081845765558.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_08354564114.exe
C:\Users\Maminka\AppData\Local\Temp\avguirn_08771376251.exe
C:\Users\Tatínek\AppData\Local\Temp\AcDeltree.exe
C:\Users\Tatínek\AppData\Local\Temp\avg-79490513-be4a-493b-9d94-a43f717baa0d.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_081843790553.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_082084586916.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_082115459872.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_08633296793.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_08758415023.exe
C:\Users\Tatínek\AppData\Local\Temp\DLMGuardian.exe
C:\Users\Tatínek\AppData\Local\Temp\ose00001.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SyncBack _Data.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe#-m _Data C:\Program Files (x86)\2BrightSparks\SyncBack#Tatínek#Task created by SyncBack.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tatínek\Desktop" je 8 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.txt.zip
(7.81 KiB) Downloaded 60 times

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: There is a problem - please check and help

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

borjac
Visitor
Posts: 19
Joined: 16 Jan 2009 14:38

Re: There is a problem - please check and help

#3 Post by borjac »

Thanks.
Sure, here it is ... shouldn't I have done that right at the start? ... now that I see it there like this.

# AdwCleaner v6.030 - Log soubor vytvořen 23/10/2016 na 21:17:31
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-10-18.1 [Místní]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Tatínek - PRACOVNA
# Beží od : C:\Users\Tatínek\Desktop\adwcleaner_6.030.exe
# Mod: Skenování
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****

SLužba nalezena: vToolbarUpdater40.3.6
SLužba nalezena: WtuSystemSupport


***** [ Adresáře ] *****

Složka nalezena: C:\ProgramData\Avg_Update_1114av
Složka nalezena: C:\Users\Tatínek\AppData\Local\avg web tuneup
Složka nalezena: C:\Users\Tatínek\AppData\LocalLow\avg web tuneup
Složka nalezena: C:\Users\Maminka\AppData\Local\avg web tuneup
Složka nalezena: C:\Users\Maminka\AppData\LocalLow\avg web tuneup
Složka nalezena: C:\Users\WindowsXP\AppData\Local\avg web tuneup
Složka nalezena: C:\Users\WindowsXP\AppData\LocalLow\avg web tuneup
Složka nalezena: C:\Users\Kamilka\AppData\Local\avg web tuneup
Složka nalezena: C:\Users\Kamilka\AppData\LocalLow\avg web tuneup
Složka nalezena: C:\Users\Barborka\AppData\Local\avg web tuneup
Složka nalezena: C:\Users\Administrator\AppData\Local\avg web tuneup
Složka nalezena: C:\Users\Administrator\AppData\LocalLow\avg web tuneup
Složka nalezena: C:\Program Files\Common Files\AVG Secure Search
Složka nalezena: C:\ProgramData\apn
Složka nalezena: C:\ProgramData\AVG Secure Search
Složka nalezena: C:\ProgramData\AVG Security Toolbar
Složka nalezena: C:\ProgramData\avg web tuneup
Složka nalezena: C:\ProgramData\Application Data\apn
Složka nalezena: C:\ProgramData\Application Data\AVG Secure Search
Složka nalezena: C:\ProgramData\Application Data\AVG Security Toolbar
Složka nalezena: C:\ProgramData\Application Data\avg web tuneup
Složka nalezena: C:\Program Files (x86)\avg web tuneup
Složka nalezena: C:\Program Files (x86)\Common Files\AVG Secure Search
Složka nalezena: C:\Users\TATNEK~1\AppData\Local\Temp\APN-Stub
Složka nalezena: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
Složka nalezena: C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Složka nalezena: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Složka nalezena: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn


***** [ Soubory ] *****

Soubor nalezen: C:\prefs.js
Soubor nalezen: C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
Soubor nalezen: C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
Soubor nalezen: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
Soubor nalezen: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
Soubor nalezen: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
Soubor nalezen: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
Soubor nalezen: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
Soubor nalezen: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zwinky.dl.tb.ask.com_0.localstorage
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zwinky.dl.tb.ask.com_0.localstorage-journal
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
Soubor nalezen: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
Soubor nalezen: C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
Soubor nalezen: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal


***** [ DLL ] *****

Nebyly nalezeny žádné škodlivé DLL soubory.


***** [ WMI ] *****

Nebyly nalezeny žádné škodlivé klíče.


***** [ Zástupce ] *****

Žádné infikovaný zástupce nenalezen.


***** [ Plánovač úloh ] *****

Žádný nebezpečná úloha nenalezena.


***** [ Registry ] *****

Klíč nalezen: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Klíč nalezen: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Klíč nalezen: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Klíč nalezen: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Klíč nalezen: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíč nalezen: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíč nalezen: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Klíč nalezen: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
Klíč nalezen: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Klíč nalezen: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Klíč nalezen: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Klíč nalezen: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Klíč nalezen: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč nalezen: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Klíč nalezen: HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\AVG Secure Search
Klíč nalezen: HKCU\Software\AVG Secure Search
Klíč nalezen: HKLM\SOFTWARE\InstallIQ
Klíč nalezen: HKLM\SOFTWARE\AVG Tuneup
Klíč nalezen: [x64] HKCU\Software\AVG Secure Search
Data nalezena: HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid=%7B7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D%7D&mid=659be0124b4e47d
Data nalezena: HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid=%7B7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D%7D&mid=659be0124b4e47d
Data nalezena: HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D}&mid=659be0124b4e47d3a7e
Data nalezena: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid=%7B7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D%7D&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38f4
Data nalezena: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid=%7B7863D7ED-1FB9-41EC-ADE9-2A52EFEE6C0D%7D&mid=659be0124b4e47d3a7eed10608858816-8962c7a227a5ca8a7ee1e96e38
Klíč nalezen: HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data nalezena: HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Klíč nalezen: HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Klíč nalezen: HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data nalezena: HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data nalezena: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data nalezena: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Klíč nalezen: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mysearch.avg.com
Klíč nalezen: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mysearch.avg.com
Hodnota nalezena: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Klíč nalezen: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Klíč nalezen: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Klíč nalezen: HKLM\SOFTWARE\Classes\s
Klíč nalezen: HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Klíč nalezen: [x64] HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn


***** [ Internetové prohlížeče ] *****

Nebyly nalezeny žádné škodlivé položky prohlížeče Firefox báze.
Chromium nastavení nalezeno: [C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - chfdnecihphmhljaaejmgoiahnihplgn
Chromium nastavení nalezeno: [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - chfdnecihphmhljaaejmgoiahnihplgn
Chromium nastavení nalezeno: [C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - chfdnecihphmhljaaejmgoiahnihplgn

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [12396 Bajtů] - [23/10/2016 21:17:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12471 Bajtů] ##########

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: There is a problem - please check and help

#4 Post by Rudy »

You did not click on cleaning; ADW did not delete anything. Try once more.

borjac
Visitor
Posts: 19
Joined: 16 Jan 2009 14:38

Re: There is a problem - please check and help

#5 Post by borjac »

OK, here is the AdwCleaner log after cleaning:

# AdwCleaner v6.030 - Log soubor vytvořen 23/10/2016 na 21:46:24
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-10-18.1 [Místní]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : Tatínek - PRACOVNA
# Beží od : C:\Users\Tatínek\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****

[-] Služby smazány:vToolbarUpdater40.3.6
[-] Služby smazány:WtuSystemSupport


***** [ Adresáře ] *****

[-] Adresář smazán:C:\ProgramData\Avg_Update_1114av
[-] Adresář smazán:C:\Users\Tatínek\AppData\Local\avg web tuneup
[-] Adresář smazán:C:\Users\Tatínek\AppData\LocalLow\avg web tuneup
[-] Adresář smazán:C:\Users\Maminka\AppData\Local\avg web tuneup
[-] Adresář smazán:C:\Users\Maminka\AppData\LocalLow\avg web tuneup
[-] Adresář smazán:C:\Users\WindowsXP\AppData\Local\avg web tuneup
[-] Adresář smazán:C:\Users\WindowsXP\AppData\LocalLow\avg web tuneup
[-] Adresář smazán:C:\Users\Kamilka\AppData\Local\avg web tuneup
[-] Adresář smazán:C:\Users\Kamilka\AppData\LocalLow\avg web tuneup
[-] Adresář smazán:C:\Users\Barborka\AppData\Local\avg web tuneup
[-] Adresář smazán:C:\Users\Administrator\AppData\Local\avg web tuneup
[-] Adresář smazán:C:\Users\Administrator\AppData\LocalLow\avg web tuneup
[-] Adresář smazán:C:\Program Files\Common Files\AVG Secure Search
[-] Adresář smazán:C:\ProgramData\apn
[-] Adresář smazán:C:\ProgramData\AVG Secure Search
[-] Adresář smazán:C:\ProgramData\AVG Security Toolbar
[-] Adresář smazán:C:\ProgramData\avg web tuneup
[#] Adresář nelze smazat:C:\ProgramData\Application Data\apn
[#] Adresář nelze smazat:C:\ProgramData\Application Data\AVG Secure Search
[#] Adresář nelze smazat:C:\ProgramData\Application Data\AVG Security Toolbar
[#] Adresář nelze smazat:C:\ProgramData\Application Data\avg web tuneup
[-] Adresář smazán:C:\Program Files (x86)\avg web tuneup
[-] Adresář smazán:C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Adresář smazán:C:\Users\TATNEK~1\AppData\Local\Temp\APN-Stub
[-] Adresář smazán:C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
[-] Adresář smazán:C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Adresář smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Adresář smazán:C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn


***** [ Soubory ] *****

[-] Soubor smazán:C:\prefs.js
[-] Soubor smazán:C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
[-] Soubor smazán:C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
[-] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
[-] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
[-] Soubor smazán:C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
[-] Soubor smazán:C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
[-] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
[-] Soubor smazán:C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
[-] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
[-] Soubor smazán:C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
[-] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[-] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[#] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
[#] Soubor smazán:C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
[#] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
[#] Soubor smazán:C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
[#] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
[#] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal
[-] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zwinky.dl.tb.ask.com_0.localstorage
[-] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zwinky.dl.tb.ask.com_0.localstorage-journal
[#] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
[#] Soubor smazán:C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
[#] Soubor smazán:C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
[#] Soubor smazán:C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Klíč smazán:HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Klíč smazán:HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Klíč smazán:HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Klíč smazán po restartování:[x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Klíč smazán:HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\AVG Secure Search
[#] Klíč smazán po restartování:HKCU\Software\AVG Secure Search
[-] Klíč smazán:HKLM\SOFTWARE\InstallIQ
[-] Klíč smazán:HKLM\SOFTWARE\AVG Tuneup
[#] Klíč smazán po restartování:[x64] HKCU\Software\AVG Secure Search
[-] Data obnovena:HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data obnovena:[x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Klíč smazán:HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data obnovena:HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán:HKU\S-1-5-21-2133369454-4041179682-2755245969-1003\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Klíč smazán:HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data obnovena:HKU\S-1-5-21-2133369454-4041179682-2755245969-1005\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Data obnovena:[x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mysearch.avg.com
[#] Klíč smazán po restartování:[x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mysearch.avg.com
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Klíč smazán:HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Klíč smazán:HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Klíč smazán:HKLM\SOFTWARE\Classes\s
[-] Klíč smazán:HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[#] Klíč smazán po restartování:[x64] HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn


***** [ Prohlížeče ] *****

[-] [C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:chfdnecihphmhljaaejmgoiahnihplgn
[-] [C:\Users\Maminka\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:chfdnecihphmhljaaejmgoiahnihplgn
[-] [C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:chfdnecihphmhljaaejmgoiahnihplgn


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [12360 Bajtů] - [23/10/2016 21:46:24]
C:\AdwCleaner\AdwCleaner[S0].txt - [12608 Bajtů] - [23/10/2016 21:17:31]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [12510 Bajtů] ##########

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: There is a problem - please check and help

#6 Post by Rudy »

Now it is OK. Post a new FRST log.

borjac
Visitor
Posts: 19
Joined: 16 Jan 2009 14:38

Re: There is a problem - please check and help

#7 Post by borjac »

Thanks, I am posting a new log from RSIT - the PC still behaves the same :-(

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-10-2016
Ran by Tatínek (administrator) on PRACOVNA (23-10-2016 22:31:27)
Running from C:\Users\Tatínek\Desktop
Loaded Profiles: Tatínek (Available Profiles: Tatínek & Maminka & WindowsXP & Kamilka & Barborka & Administrator)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Petr Laštovička) C:\Program Files (x86)\HotkeyP\HotkeyP.exe
(Akamai Technologies, Inc.) C:\Users\Tatínek\AppData\Local\Akamai\netsession_win.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Akamai Technologies, Inc.) C:\Users\Tatínek\AppData\Local\Akamai\netsession_win.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Autodesk Inc.) C:\Users\Tatínek\AppData\Local\Autodesk\.AdskAppManager\R1\AdAppMgr.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(forum.viry.cz) C:\Users\Tatínek\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2041192 2012-11-06] ()
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [522784 2015-11-17] (Autodesk Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Tatínek\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=659be0124b4e47d3a7eed10608858816-06ce4fc639803a2e3563922518183d8e94088cb9 /CMPID=1213b
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [HotkeyP] => C:\Program Files (x86)\HotkeyP\HotkeyP.exe [147456 2014-01-21] (Petr Laštovička)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Tatínek\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=659be0124b4e47d3a7eed10608858816-06ce4fc639803a2e3563922518183d8e94088cb9 /CMPID=0214c
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [Sony PC Companion] => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Tatínek\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [ABUNINSTALL] => C:\ProgramData\AB Studio\ABUnInstall.exe [234120 2009-06-26] (AB Studio C+E)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Policies\Explorer: []
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {0af55e12-478d-11e6-8fce-001a4d514a6d} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {5ca76f9d-b9ca-11e3-acac-004f4e6161e5} - I:\Launcher.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {aaf28296-d775-11e3-96e8-004f4e6161e5} - G:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {c535a0c0-1773-11e5-90cb-001a4d514a6d} - F:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {e347a9b1-a49d-11e3-96a5-004f4e6161e5} - F:\Startme.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-12-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-07-29] (Google)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
Startup: C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice 4.1.0.lnk [2015-02-09]
ShortcutTarget: OpenOffice 4.1.0.lnk -> C:\Program Files (x86)\OpenOffice 4\program\quickstart.exe ()
Startup: C:\Users\Maminka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice 4.1.0.lnk [2014-06-05]
ShortcutTarget: OpenOffice 4.1.0.lnk -> C:\Program Files (x86)\OpenOffice 4\program\quickstart.exe ()
Startup: C:\Users\WindowsXP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinXP.lnk [2014-04-01]
ShortcutTarget: WinXP.lnk -> C:\Program Files\Oracle\VirtualBox\VirtualBox.exe (Oracle Corporation)
GroupPolicy\User: Restriction <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2133369454-4041179682-2755245969-1006\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{1CADF27F-87BB-4D0F-BC7E-EE5E17262A93}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-11] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-11] (Oracle Corporation)

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-11-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-11-09] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-2133369454-4041179682-2755245969-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tatínek\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-02-10] (Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default [2016-10-21]
CHR Extension: (Dokumenty Google) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Disk Google) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-27]
CHR Extension: (YouTube) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (Gmail) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Tatínek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-29]
CHR HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AbSoftMgr4; C:\Program Files\Common Files\AB Studio Shared\AbSoftMgr4.exe [521784 2013-08-27] (AB Studio)
R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [1139744 2015-11-17] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2016-06-11] (Electronic Arts)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1335344 2014-01-23] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [856112 2014-01-23] (pdfforge GmbH)
S3 PS3 Media Server; C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [384280 2012-11-27] (Tanuki Software, Ltd.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [299264 2016-07-27] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
S3 DSDrv4; C:\Program Files (x86)\DScaler\DSDrv4.sys [8801 2005-12-18] () [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
S3 s1039bus; C:\Windows\System32\DRIVERS\s1039bus.sys [127600 2010-03-15] (MCCI Corporation)
S3 s1039mdfl; C:\Windows\System32\DRIVERS\s1039mdfl.sys [19568 2010-03-15] (MCCI Corporation)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [161904 2010-03-15] (MCCI Corporation)
S3 s1039mgmt; C:\Windows\System32\DRIVERS\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039nd5; C:\Windows\System32\DRIVERS\s1039nd5.sys [34416 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\Windows\System32\DRIVERS\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\Windows\System32\DRIVERS\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-25] (Oracle Corporation)
S3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [187904 2009-09-23] (Microsoft Corporation) [File not signed]
S3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [95232 2009-09-23] (Microsoft Corporation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 21:13 - 2016-10-23 22:29 - 00000000 ____D C:\AdwCleaner
2016-10-23 21:11 - 2016-10-23 21:09 - 03910208 _____ C:\Users\Tatínek\Desktop\adwcleaner_6.030.exe
2016-10-23 16:34 - 2016-10-23 22:31 - 00019537 _____ C:\Users\Tatínek\Desktop\FRST.txt
2016-10-22 00:02 - 2016-10-22 00:09 - 00000000 ____D C:\FRST
2016-10-22 00:01 - 2016-10-21 23:55 - 00112640 _____ (forum.viry.cz) C:\Users\Tatínek\Desktop\FRSTLauncher.exe
2016-10-22 00:00 - 2016-10-22 00:04 - 00000000 ____D C:\Users\Tatínek\Desktop\Havet
2016-10-22 00:00 - 2016-10-21 23:53 - 02407424 _____ (Farbar) C:\Users\Tatínek\Desktop\FRST64.exe
2016-10-21 20:16 - 2016-10-21 20:16 - 00000000 ____D C:\Download
2016-10-21 20:13 - 2016-10-21 20:13 - 00000000 ____D C:\Users\Tatínek\Documents\My Videos
2016-10-21 20:13 - 2016-10-21 20:13 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\Samsung
2016-10-21 20:13 - 2016-10-21 20:13 - 00000000 ____D C:\AllShare
2016-10-08 21:38 - 2016-09-01 21:26 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-08 21:38 - 2016-09-01 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-10-08 21:38 - 2016-09-01 05:18 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-10-08 21:38 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-10-08 21:38 - 2016-09-01 04:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-10-08 21:38 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-10-08 21:38 - 2016-09-01 04:46 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-10-08 21:38 - 2016-09-01 04:34 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-10-08 21:38 - 2016-09-01 04:31 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-10-08 21:38 - 2016-09-01 04:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-10-08 21:38 - 2016-09-01 04:26 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-10-08 21:38 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-10-08 21:38 - 2016-09-01 04:23 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-10-08 21:38 - 2016-09-01 04:08 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-10-08 21:38 - 2016-09-01 03:59 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-10-08 21:38 - 2016-09-01 03:57 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-10-08 21:38 - 2016-09-01 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-10-08 21:38 - 2016-09-01 03:48 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-10-08 21:38 - 2016-09-01 03:45 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-10-08 21:38 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-10-08 21:38 - 2016-09-01 03:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-10-08 21:38 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-10-08 21:38 - 2016-09-01 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-08 21:38 - 2016-09-01 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-08 21:38 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-10-08 21:38 - 2016-09-01 02:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-08 21:38 - 2016-09-01 02:15 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-08 21:38 - 2016-09-01 02:11 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-08 21:38 - 2016-09-01 02:03 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-08 21:38 - 2016-09-01 01:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-08 21:38 - 2016-09-01 01:50 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-08 21:38 - 2016-09-01 01:44 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-08 21:38 - 2016-09-01 01:42 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-08 21:38 - 2016-09-01 01:29 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-08 21:38 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-08 21:38 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-08 21:37 - 2016-09-01 04:46 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-10-08 21:37 - 2016-09-01 04:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-10-08 21:37 - 2016-09-01 04:24 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-10-08 21:37 - 2016-09-01 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-10-08 21:37 - 2016-09-01 03:34 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-10-08 21:37 - 2016-09-01 03:29 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-10-08 21:37 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-10-08 21:37 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-10-08 21:37 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-08 21:37 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-10-08 21:37 - 2016-09-01 02:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-08 21:37 - 2016-09-01 02:24 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-08 21:37 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-08 21:37 - 2016-09-01 02:24 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-08 21:37 - 2016-09-01 02:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-08 21:37 - 2016-09-01 02:16 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-08 21:37 - 2016-09-01 02:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-08 21:37 - 2016-09-01 02:11 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-08 21:37 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-08 21:37 - 2016-09-01 02:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-08 21:37 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-08 21:37 - 2016-09-01 01:59 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-08 21:37 - 2016-09-01 01:47 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-08 21:37 - 2016-09-01 01:46 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-08 21:37 - 2016-09-01 01:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-08 21:37 - 2016-09-01 01:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-08 21:37 - 2016-09-01 01:26 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-08 21:37 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-08 21:37 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-08 21:37 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-08 21:36 - 2016-08-12 18:26 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-10-08 21:36 - 2016-08-12 18:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-10-08 21:36 - 2016-08-12 18:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-10-08 21:32 - 2016-09-02 17:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-10-08 21:32 - 2016-09-02 17:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-08 21:32 - 2016-09-02 17:35 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-10-08 21:32 - 2016-09-02 17:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-08 21:32 - 2016-09-02 17:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-08 21:32 - 2016-09-02 17:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-08 21:32 - 2016-09-02 17:31 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:21 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-10-08 21:32 - 2016-09-02 17:21 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-10-08 21:32 - 2016-09-02 17:18 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 17:02 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-08 21:32 - 2016-09-02 17:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-08 21:32 - 2016-09-02 17:02 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-08 21:32 - 2016-09-02 17:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-08 21:32 - 2016-09-02 16:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-10-08 21:32 - 2016-09-02 16:57 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-08 21:32 - 2016-09-02 16:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-08 21:32 - 2016-09-02 16:54 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-08 21:32 - 2016-09-02 16:54 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-08 21:32 - 2016-09-02 16:53 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-08 21:32 - 2016-09-02 16:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-10-08 21:32 - 2016-09-02 16:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-08 21:32 - 2016-09-02 16:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-10-08 21:32 - 2016-09-02 16:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-10-08 21:32 - 2016-09-02 16:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-10-08 21:32 - 2016-09-02 16:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-10-08 21:32 - 2016-09-02 16:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-10-08 21:32 - 2016-09-02 16:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 16:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 16:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-08 21:32 - 2016-09-02 16:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-08 21:32 - 2016-08-16 19:36 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-10-08 21:32 - 2016-08-16 04:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-10-08 21:32 - 2016-08-16 04:35 - 03218432 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-08 21:31 - 2016-08-06 17:31 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-10-08 21:31 - 2016-08-06 17:15 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-10-08 21:31 - 2016-08-05 17:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-10-08 21:31 - 2016-08-05 17:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-10-02 21:23 - 2016-10-02 21:23 - 00048135 _____ C:\Users\Tatínek\Desktop\redl.pdf
2016-09-29 19:39 - 2016-09-29 19:39 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-09-29 19:39 - 2016-09-29 19:39 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-23 22:22 - 2013-11-24 20:13 - 00000000 ____D C:\ProgramData\MFAData
2016-10-23 22:19 - 2014-02-02 18:15 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-10-23 22:19 - 2013-11-24 23:26 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-23 22:18 - 2014-10-10 20:29 - 00000000 ____D C:\ProgramData\NVIDIA
2016-10-23 22:18 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-23 22:17 - 2009-07-14 06:45 - 00022576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-23 22:17 - 2009-07-14 06:45 - 00022576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-23 21:42 - 2015-05-24 18:37 - 00000448 _____ C:\Windows\Tasks\SyncBack _Data.job
2016-10-23 21:18 - 2013-11-24 23:26 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-23 21:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2016-10-23 15:50 - 2016-06-04 19:48 - 00000000 ____D C:\ProgramData\Origin
2016-10-22 00:04 - 2014-06-21 11:57 - 00000000 ____D C:\Program Files\KMSnano
2016-10-22 00:03 - 2009-07-14 17:18 - 04971964 _____ C:\Windows\system32\perfh005.dat
2016-10-22 00:03 - 2009-07-14 17:18 - 01595316 _____ C:\Windows\system32\perfc005.dat
2016-10-22 00:03 - 2009-07-14 07:13 - 00006460 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-21 23:58 - 2016-06-05 09:26 - 00000000 ____D C:\Users\Barborka
2016-10-21 23:58 - 2015-05-24 09:27 - 00000000 ____D C:\Users\Administrator
2016-10-21 23:58 - 2015-02-07 19:19 - 00000000 ____D C:\Users\Kamilka
2016-10-21 23:58 - 2014-04-01 19:27 - 00000000 ____D C:\Users\WindowsXP
2016-10-21 23:58 - 2014-03-17 22:10 - 00000000 ____D C:\Users\Maminka
2016-10-21 23:54 - 2016-09-11 11:28 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\uTorrent
2016-10-21 23:54 - 2016-01-01 14:55 - 00000000 ___RD C:\Users\Kamilka\Disk Google
2016-10-21 23:54 - 2015-11-08 22:59 - 00000000 ___RD C:\Users\Maminka\Disk Google
2016-10-21 23:54 - 2015-08-06 09:35 - 00000000 ____D C:\Users\TEMP
2016-10-21 23:54 - 2015-04-04 07:04 - 00000000 ____D C:\Users\Maminka\AppData\Roaming\Autodesk
2016-10-21 23:54 - 2015-04-03 16:55 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\Autodesk
2016-10-21 23:54 - 2015-02-09 20:12 - 00000000 ____D C:\Users\Kamilka\AppData\Roaming\IrfanView
2016-10-21 23:54 - 2014-08-06 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-10-21 23:54 - 2014-06-21 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-10-21 23:54 - 2014-06-21 10:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-21 23:54 - 2014-06-21 10:50 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-10-21 23:54 - 2014-06-04 20:20 - 00000000 ____D C:\Users\Tatínek\AppData\Local\Akamai
2016-10-21 23:54 - 2014-05-10 07:12 - 00000000 ____D C:\Users\Maminka\AppData\Roaming\IrfanView
2016-10-21 23:54 - 2014-04-04 21:18 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\IrfanView
2016-10-21 23:54 - 2014-03-25 21:38 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\Winamp
2016-10-21 23:54 - 2014-03-08 20:52 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\Autodesk
2016-10-21 23:54 - 2014-03-08 20:52 - 00000000 ____D C:\ProgramData\Autodesk
2016-10-21 23:54 - 2014-01-21 21:57 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\GHISLER
2016-10-21 23:54 - 2013-12-01 20:59 - 00000000 ____D C:\Users\Tatínek\AppData\Roaming\vlc
2016-10-21 23:54 - 2013-11-24 20:07 - 00000000 ____D C:\Users\Tatínek
2016-10-21 23:54 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-10-21 23:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-10-21 23:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-10-21 23:49 - 2014-06-21 10:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-21 19:37 - 2014-01-21 21:58 - 00000000 ____D C:\Users\Tatínek\AppData\Local\GHISLER
2016-10-17 15:00 - 2015-10-26 11:00 - 00000000 ____D C:\Users\Kamilka\Documents\prac. listy
2016-10-11 23:32 - 2013-12-15 18:16 - 00002314 ____H C:\Users\Tatínek\Documents\Default.rdp
2016-10-09 12:14 - 2009-07-14 06:45 - 00540032 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-08 21:11 - 2016-09-20 14:43 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-10-04 17:24 - 2013-11-24 23:28 - 00002199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-02 08:55 - 2013-11-24 20:08 - 00151624 _____ C:\Users\Tatínek\AppData\Local\GDIPFONTCACHEV1.DAT
2016-10-01 10:46 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2016-09-29 19:59 - 2016-08-20 19:11 - 00000000 ____D C:\ProgramData\BlazeVideo
2016-09-28 22:58 - 2013-11-24 21:01 - 00000000 ____D C:\Windows\system32\MRT
2016-09-28 22:38 - 2013-11-24 21:01 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2016-05-04 20:42 - 2016-05-04 20:42 - 0007947 _____ () C:\Users\Tatínek\AppData\Local\recently-used.xbel
2013-11-24 20:17 - 2013-11-24 20:17 - 0007600 _____ () C:\Users\Tatínek\AppData\Local\Resmon.ResmonCfg
2014-03-25 21:00 - 2014-11-19 20:48 - 0000043 ___SH () C:\ProgramData\.zreglib
2016-08-20 19:13 - 2016-09-29 19:57 - 0000607 _____ () C:\ProgramData\LmeUSB.log
2016-08-20 19:13 - 2016-09-29 19:57 - 0000596 _____ () C:\ProgramData\LmeZJSW.log
2014-02-09 19:45 - 2014-02-09 19:45 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some files in TEMP:
====================
C:\Users\Barborka\AppData\Local\Temp\avguirn_081171894378.exe
C:\Users\Barborka\AppData\Local\Temp\avguirn_08701504980.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_081087020511.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_08109565892.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_081378042385.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_081845765558.exe
C:\Users\Kamilka\AppData\Local\Temp\avguirn_08354564114.exe
C:\Users\Maminka\AppData\Local\Temp\avguirn_08771376251.exe
C:\Users\Tatínek\AppData\Local\Temp\AcDeltree.exe
C:\Users\Tatínek\AppData\Local\Temp\avg-79490513-be4a-493b-9d94-a43f717baa0d.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_081843790553.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_082084586916.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_082115459872.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_08633296793.exe
C:\Users\Tatínek\AppData\Local\Temp\avguirn_08758415023.exe
C:\Users\Tatínek\AppData\Local\Temp\DLMGuardian.exe
C:\Users\Tatínek\AppData\Local\Temp\ose00001.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SyncBack _Data.job => C:\Program Files (x86)\2BrightSparks\SyncBack\SyncBack.exe#-m _Data C:\Program Files (x86)\2BrightSparks\SyncBack#Tatínek#Task created by SyncBack.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG AntiVirus Free Edition (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Tatínek\Desktop" je 11 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(18.45 KiB) Downloaded 56 times

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: There is a problem - please check and help

#8 Post by Rudy »

Open Notepad and copy the following into it:
Start
C:\Users\Tatínek\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Tatínek\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {0af55e12-478d-11e6-8fce-001a4d514a6d} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {5ca76f9d-b9ca-11e3-acac-004f4e6161e5} - I:\Launcher.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {aaf28296-d775-11e3-96e8-004f4e6161e5} - G:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {c535a0c0-1773-11e5-90cb-001a4d514a6d} - F:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {e347a9b1-a49d-11e3-96a5-004f4e6161e5} - F:\Startme.exe
GroupPolicy\User: Restriction <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2133369454-4041179682-2755245969-1006\User: Restriction <======= ATTENTION
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\KMSnano
C:\Users\Barborka\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

borjac
Visitor
Posts: 19
Registered: 16 Jan 2009 14:38

Re: There is a problem - please check and help

#9 Post by borjac »

Thanks, hopefully I did it correctly. I'm posting the log.

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-10-2016
Ran by Tatínek (24-10-2016 20:31:26) Run:2
Running from C:\Users\Tatínek\Desktop
Loaded Profiles: Tatínek (Available Profiles: Tatínek & Maminka & WindowsXP & Kamilka & Barborka & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
C:\Users\Tatínek\AppData\Local\Akamai
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Tatínek\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {0af55e12-478d-11e6-8fce-001a4d514a6d} - F:\LG_PC_Programs.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {5ca76f9d-b9ca-11e3-acac-004f4e6161e5} - I:\Launcher.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {aaf28296-d775-11e3-96e8-004f4e6161e5} - G:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {c535a0c0-1773-11e5-90cb-001a4d514a6d} - F:\LGAutoRun.exe
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\...\MountPoints2: {e347a9b1-a49d-11e3-96a5-004f4e6161e5} - F:\Startme.exe
GroupPolicy\User: Restriction <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2133369454-4041179682-2755245969-1006\User: Restriction <======= ATTENTION
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Program Files\KMSnano
C:\Users\Barborka\AppData\Local\Temp
End
*****************

C:\Users\Tatínek\AppData\Local\Akamai => moved successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => value not found.
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0af55e12-478d-11e6-8fce-001a4d514a6d} => key not found.
HKCR\CLSID\{0af55e12-478d-11e6-8fce-001a4d514a6d} => key not found.
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5ca76f9d-b9ca-11e3-acac-004f4e6161e5} => key not found.
HKCR\CLSID\{5ca76f9d-b9ca-11e3-acac-004f4e6161e5} => key not found.
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aaf28296-d775-11e3-96e8-004f4e6161e5} => key not found.
HKCR\CLSID\{aaf28296-d775-11e3-96e8-004f4e6161e5} => key not found.
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c535a0c0-1773-11e5-90cb-001a4d514a6d} => key not found.
HKCR\CLSID\{c535a0c0-1773-11e5-90cb-001a4d514a6d} => key not found.
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e347a9b1-a49d-11e3-96a5-004f4e6161e5} => key not found.
HKCR\CLSID\{e347a9b1-a49d-11e3-96a5-004f4e6161e5} => key not found.
"C:\Windows\system32\GroupPolicy\User" => not found.
"C:\Windows\system32\GroupPolicyUsers\S-1-5-21-2133369454-4041179682-2755245969-1006\User" => not found.
HKU\S-1-5-21-2133369454-4041179682-2755245969-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job" => not found.
"C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job" => not found.
"C:\Program Files\KMSnano" => not found.
"C:\Users\Barborka\AppData\Local\Temp" => not found.

==== End of Fixlog 20:31:28 ====

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: There is a problem - please check and help

#10 Post by Rudy »

Has anything changed?

borjac
Visitor
Posts: 19
Registered: 16 Jan 2009 14:38

Re: There is a problem - please check and help

#11 Post by borjac »

Unfortunately not. It rather looks like there are now 2 of those processes running, so the CPU load is 100% :-(

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: There is a problem - please check and help

#12 Post by Rudy »

As a test, turn off automatic updates, and if needed reinstall the antivirus.

borjac
Visitor
Posts: 19
Registered: 16 Jan 2009 14:38

Re: There is a problem - please check and help

#13 Post by borjac »

Thanks! I did both. After startup the svchost process ran on only one core, after a while it "calmed down" and its demand for RAM also decreased. You could say that everything is OK. Should I try anything?

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: There is a problem - please check and help

#14 Post by Rudy »

OK. If everything is fine, leave updates turned off until the next regular ones (2nd Wednesday in November) and then turn them on. New updates usually fix that problem.

borjac
Visitor
Posts: 19
Registered: 16 Jan 2009 14:38

Re: There is a problem - please check and help

#15 Post by borjac »

Great, thanks! I'll wait and let you know how it turned out.
