Panda anti/virus

wilgefortz
Visitor
Posts: 64
Registered: 04 Jun 2007 13:29

Panda anti/virus

#1 Post by wilgefortz »

Please help,

the notebook refuses to shut down (not even a reset works); this is probably related to an unwanted, failed update to Win 10.
Windows Update reports:
Windows 10 could not be installed c1900101-2000c Windows Update encountered an unknown error
WindowsUpdate_dt000

wilgefortz
Visitor
Posts: 64
Registered: 04 Jun 2007 13:29

Re: Panda anti/virus

#2 Post by wilgefortz »

Farbar Recovery Scan Tool could not be downloaded; Panda antivirus blocks it, and it cannot be turned off or uninstalled (the Windows uninstaller and the utility from pandasecurity do not work, not even in safe mode)

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-10-2016
Ran by Ivčík (administrator) on IVČÍK-PC (27-10-2016 21:55:40)
Running from C:\Users\Ivčík\Desktop
Loaded Profiles: Ivčík (Available Profiles: Ivčík)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Windows\PLFSetI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe


==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7399968 2009-04-11] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-04-11] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1430824 2009-02-06] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [487424 2009-08-19] (Acer Incorporated)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600 2009-04-01] (NewTech Infosystems, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-12] (Intel Corporation)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [186912 2009-09-04] (Acer Incorporated)
HKLM\...\Run: [Panda Security Toolbar Antiphishing] => C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe [449192 2010-10-24] (Visicom Media Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-27] (Google Inc.)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [] => [X]
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [430080 2009-04-03] (Acer)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-11-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2C331E71-5D29-4927-94D4-3273C87C1EF8}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0510&m=aspire_5810t
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.centrum.cz/
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ378
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ378
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {BBAEC3F8-7F51-44D3-9BCD-472A42E97CBE} URL = hxxp://www.slovnik-cizich-slov.cz/?q={searchTerms}&typ=0
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {C8DD3E79-9B98-4F93-9178-247D72484068} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYCZ&apn_uid=74F7F545-007E-4A42-BDC7-A8993C0DB430&apn_sauid=2DE0EAE6-069F-4551-9D36-35DB78FF466C
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll [2010-10-25] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23] (Oracle Corporation)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files\Panda Security\Panda Security Toolbar\PandaSecurityDx.dll [2010-10-25] ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-09] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll [2008-07-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Ivčík\AppData\Roaming\TomTom\HOME\Profiles\l33sztk5.default [2016-10-26]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default [2016-10-27]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\yjp5y24n.default -> Ask.com
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\yjp5y24n.default -> Ask.com
FF Homepage: Mozilla\Firefox\Profiles\yjp5y24n.default -> hxxp://www.centrum.cz/
FF Session Restore: Mozilla\Firefox\Profiles\yjp5y24n.default -> is enabled.
FF Extension: (Xmarks) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\foxmarks@kei.com [2016-07-08]
FF Extension: (Adblock Plus) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-26]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-17] [not signed]
FF HKLM\...\Firefox\Extensions: [widgetruntime@surfsecret.com] - C:\Program Files\Panda Security\Panda ID Protect\Firefox
FF Extension: (Panda Identity Protect) - C:\Program Files\Panda Security\Panda ID Protect\Firefox [2010-11-04] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-12] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-31] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-07-28] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [688128 2009-08-19] (Acer Incorporated) [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-07-28] (WildTangent)
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [54528 2009-04-01] (NewTech Infosystems, Inc.)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [125472 2009-09-04] (Acer Incorporated)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568 2009-02-05] (Acer Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [57344 2009-11-13] (Atheros Communications, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-27 21:55 - 2016-10-27 21:55 - 00000000 ____D C:\Users\Ivčík\Desktop\FRST-OlderVersion
2016-10-27 21:37 - 2016-10-27 21:37 - 00022580 _____ C:\Users\Ivčík\Desktop\Addition.txt
2016-10-27 21:35 - 2016-10-27 21:57 - 00016156 _____ C:\Users\Ivčík\Desktop\FRST.txt
2016-10-27 21:35 - 2016-10-27 21:55 - 00000000 ____D C:\FRST
2016-10-27 21:24 - 2016-10-27 21:25 - 00189844 _____ C:\Windows\ntbtlog.txt
2016-10-26 22:47 - 2016-10-27 21:55 - 01757184 _____ (Farbar) C:\Users\Ivčík\Desktop\FRST.exe
2016-10-23 20:05 - 2016-10-23 20:05 - 00000000 ____D C:\Program Files\Common Files\Java
2016-10-21 21:53 - 2016-10-23 12:20 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-10-19 22:25 - 2016-10-19 22:42 - 00000000 ____D C:\Program Files\paint.net
2016-10-19 22:25 - 2016-10-19 22:32 - 00000000 ____D C:\Users\Ivčík\AppData\Local\paint.net
2016-10-11 20:47 - 2016-09-30 17:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-10-11 20:47 - 2016-09-30 17:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-11 20:47 - 2016-09-30 07:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-11 20:47 - 2016-09-30 07:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-11 20:47 - 2016-09-30 07:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-11 20:47 - 2016-09-30 07:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-11 20:47 - 2016-09-30 07:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-11 20:47 - 2016-09-30 07:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-11 20:47 - 2016-09-30 06:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-11 20:47 - 2016-09-30 06:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-11 20:47 - 2016-09-12 22:54 - 00067816 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-10-11 20:47 - 2016-09-12 22:49 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-11 20:47 - 2016-09-12 22:49 - 01017856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-10-11 20:47 - 2016-09-12 21:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-11 20:47 - 2016-09-12 21:08 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-11 20:47 - 2016-09-10 17:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-11 20:47 - 2016-09-09 17:53 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-10-11 20:47 - 2016-09-09 17:53 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-10-11 20:47 - 2016-09-09 17:53 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-10-11 20:47 - 2016-09-09 17:53 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-10-11 20:47 - 2016-09-09 17:53 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-10-11 20:47 - 2016-09-09 17:53 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-10-11 20:47 - 2016-09-09 17:53 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-10-11 20:47 - 2016-08-16 20:47 - 00419640 _____ C:\Windows\system32\locale.nls
2016-10-11 20:47 - 2016-08-12 18:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-10-11 20:47 - 2016-08-12 18:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-10-11 20:47 - 2016-08-12 18:21 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-10-11 20:47 - 2016-08-06 17:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-10-11 20:47 - 2016-08-06 17:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 20:47 - 2016-08-06 17:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-10-11 20:47 - 2016-08-06 17:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-10-11 20:47 - 2016-08-06 16:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 20:47 - 2016-07-22 16:51 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-10-11 20:47 - 2016-06-14 17:25 - 00078568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-10-11 20:47 - 2016-06-14 17:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00474624 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-10-11 20:47 - 2016-06-14 17:21 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-10-11 20:47 - 2016-06-14 17:17 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-10-11 20:46 - 2016-09-30 21:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-10-11 20:46 - 2016-09-30 07:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-11 20:46 - 2016-09-30 07:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 20:46 - 2016-09-30 07:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-11 20:46 - 2016-09-30 07:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-10-11 20:46 - 2016-09-30 07:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-10-11 20:46 - 2016-09-30 07:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-10-11 20:46 - 2016-09-30 07:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-11 20:46 - 2016-09-30 07:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-10-11 20:46 - 2016-09-30 07:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-11 20:46 - 2016-09-30 07:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-11 20:46 - 2016-09-30 07:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-10-11 20:46 - 2016-09-30 07:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-11 20:46 - 2016-09-30 07:32 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-10-11 20:46 - 2016-09-30 07:27 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 20:46 - 2016-09-30 07:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-11 20:46 - 2016-09-30 07:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-10-11 20:46 - 2016-09-30 07:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 20:46 - 2016-09-30 07:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-10-11 20:46 - 2016-09-30 07:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-11 20:46 - 2016-09-30 07:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-11 20:46 - 2016-09-30 07:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-10-11 20:46 - 2016-09-30 07:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-10-11 20:46 - 2016-09-30 07:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-11 20:46 - 2016-09-30 07:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-10-11 20:46 - 2016-09-30 07:05 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-10-11 20:46 - 2016-09-30 06:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-10-11 20:46 - 2016-09-15 17:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-11 20:46 - 2016-09-15 17:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-11 20:46 - 2016-09-12 22:53 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-10-11 20:46 - 2016-09-12 22:53 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-10-11 20:46 - 2016-09-12 22:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-10-11 20:46 - 2016-09-12 22:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-10-11 20:46 - 2016-09-12 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-10-11 20:46 - 2016-09-12 22:28 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-11 20:46 - 2016-09-12 22:26 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-10-11 20:46 - 2016-09-12 22:26 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-10-11 20:46 - 2016-09-12 22:26 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-10-11 20:46 - 2016-09-12 22:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-10-11 20:46 - 2016-09-12 22:25 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-10-11 20:46 - 2016-09-12 22:25 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-10-11 20:46 - 2016-09-09 20:01 - 01310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-10-11 20:46 - 2016-09-09 20:00 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-10-11 20:46 - 2016-09-09 20:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-10-11 20:46 - 2016-09-09 19:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-10-11 20:46 - 2016-09-09 19:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-10-11 20:46 - 2016-09-09 19:59 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-10-11 20:46 - 2016-09-09 19:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-10-11 20:46 - 2016-09-09 19:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-10-11 20:46 - 2016-09-09 19:42 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 20:46 - 2016-09-09 19:42 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-10-11 20:46 - 2016-09-09 19:42 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-10-11 20:46 - 2016-09-09 19:42 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 20:46 - 2016-09-09 19:39 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-10-11 20:46 - 2016-09-09 19:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-10-11 20:46 - 2016-09-08 22:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-10-11 20:46 - 2016-09-08 22:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-10-11 20:46 - 2016-09-08 16:49 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-11 20:46 - 2016-09-08 16:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-11 20:46 - 2016-08-29 17:12 - 12880384 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-10-11 20:46 - 2016-08-29 17:12 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-10-11 20:46 - 2016-08-29 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-10-11 20:46 - 2016-08-29 16:55 - 02972672 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-10-11 20:46 - 2016-08-16 22:27 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2016-10-11 20:46 - 2016-08-16 22:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2016-10-11 20:46 - 2016-08-16 22:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2016-10-11 20:46 - 2016-08-16 22:26 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2016-10-11 20:46 - 2016-08-16 22:26 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2016-10-11 20:46 - 2016-08-16 22:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2016-10-11 20:46 - 2016-08-16 22:26 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2016-10-11 20:46 - 2016-08-12 18:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-10-11 20:46 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-10-11 20:46 - 2016-08-12 18:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-10-11 20:46 - 2016-08-06 17:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-10-11 20:46 - 2016-08-06 16:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-10-11 20:46 - 2016-08-06 16:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-10-11 20:46 - 2016-06-14 17:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-10-11 20:46 - 2016-06-14 17:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-10-11 20:46 - 2016-06-14 17:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-10-11 20:46 - 2016-06-14 17:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-10-11 20:46 - 2016-06-14 17:00 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-10-11 20:46 - 2016-06-14 16:55 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-10-11 20:46 - 2016-06-14 16:55 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-10-11 20:46 - 2016-06-14 16:54 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-10-10 22:17 - 2016-10-10 22:17 - 00000000 ____D C:\Users\Ivčík\AppData\Roaming\Sun
2016-10-10 22:17 - 2016-10-10 22:17 - 00000000 ____D C:\Users\Ivčík\.oracle_jre_usage
2016-10-09 23:58 - 2016-10-09 23:58 - 00001241 _____ C:\Users\Ivčík\AppData\Local\recently-used.xbel
2016-10-09 00:52 - 2016-10-16 13:47 - 00000000 ____D C:\Users\Ivčík\AppData\Roaming\vlc
2016-10-07 00:33 - 2016-10-07 00:33 - 00000000 ____D C:\Users\Ivčík\AppData\Roaming\inkscape
2016-10-05 21:06 - 2016-10-05 21:06 - 00000895 _____ C:\Users\Public\Desktop\Inkscape 0.91.lnk
2016-10-05 21:06 - 2016-10-05 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91
2016-10-05 21:06 - 2016-10-05 21:06 - 00000000 ____D C:\Program Files\Inkscape
2016-10-05 20:58 - 2016-10-05 20:59 - 00000000 ____D C:\Program Files\Imagine
2016-10-05 20:58 - 2016-10-05 20:58 - 00001815 _____ C:\Users\Public\Desktop\Imagine.lnk
2016-10-05 20:58 - 2016-10-05 20:58 - 00000000 ____D C:\Users\Ivčík\AppData\Roaming\Imagine
2016-10-05 20:58 - 2016-10-05 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imagine

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-10-27 21:57 - 2010-11-27 01:50 - 00000940 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-27 21:53 - 2010-11-27 01:50 - 00000936 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-27 21:53 - 2010-11-04 20:19 - 00000000 ____D C:\ProgramData\Panda Security Toolbar Antiphishing
2016-10-27 21:52 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-27 21:22 - 2010-05-17 21:59 - 00019344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-27 21:22 - 2010-05-17 21:59 - 00019344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-26 23:01 - 2012-11-10 18:16 - 00000000 ____D C:\INSTALL
2016-10-26 22:45 - 2015-10-18 11:44 - 00000000 ____D C:\Program Files\TomTom HOME 2
2016-10-26 22:38 - 2012-05-07 10:26 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-26 19:08 - 2016-09-18 21:52 - 00000000 ____D C:\JUPIK
2016-10-26 11:17 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\inf
2016-10-23 20:13 - 2013-10-05 11:07 - 00000000 ____D C:\ProgramData\Oracle
2016-10-23 20:06 - 2015-01-17 15:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-23 20:06 - 2014-08-13 20:53 - 00000000 ____D C:\Program Files\Java
2016-10-23 20:05 - 2015-04-21 08:55 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-10-23 19:56 - 2014-03-11 21:21 - 00000000 ____D C:\FOTO
2016-10-23 12:20 - 2013-04-04 22:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-10-22 20:17 - 2010-05-17 22:36 - 01583226 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-22 20:17 - 2009-07-14 10:44 - 00668792 _____ C:\Windows\system32\perfh005.dat
2016-10-22 20:17 - 2009-07-14 10:44 - 00141420 _____ C:\Windows\system32\perfc005.dat
2016-10-16 20:43 - 2016-02-17 23:51 - 00000000 ____D C:\FILM
2016-10-16 20:18 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2016-10-12 22:38 - 2012-05-07 10:26 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-10-12 22:38 - 2012-05-07 10:26 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-10-12 22:38 - 2009-04-01 02:01 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-12 13:45 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2016-10-12 11:54 - 2009-07-14 06:33 - 00417776 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-12 11:51 - 2015-01-01 13:47 - 00000000 ____D C:\Windows\system32\appraiser
2016-10-12 11:51 - 2014-05-04 14:12 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-10-12 11:51 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Dism
2016-10-11 22:22 - 2013-08-06 19:41 - 00000000 ____D C:\Windows\system32\MRT
2016-10-11 22:21 - 2010-06-14 18:11 - 141042968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-10-11 20:49 - 2015-04-21 09:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-10 22:17 - 2010-05-17 22:00 - 00000000 ____D C:\Users\Ivčík
2016-10-08 17:26 - 2013-01-28 20:37 - 00001028 _____ C:\Users\Public\Desktop\VLC media player.lnk

==================== Files in the root of some directories =======

2010-11-04 19:13 - 2010-11-04 19:14 - 0005251 _____ () C:\Users\Ivčík\AppData\Local\MyWinLockerInstaller.txt-20101104.log
2016-10-09 23:58 - 2016-10-09 23:58 - 0001241 _____ () C:\Users\Ivčík\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
C:\Users\Ivčík\AppData\Local\Temp\NOSEventMessages.dll


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Panda anti/virus

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

wilgefortz
Visitor
Posts: 64
Registered: 04 Jun 2007 13:29

Re: Panda anti/virus

#4 Post by wilgefortz »

# AdwCleaner v6.030 - Log soubor vytvořen 28/10/2016 na 12:21:37
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-10-28.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X86)
# Uživatelské jméno : Ivčík - IVČÍK-PC
# Beží od : C:\Users\Ivčík\Desktop\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\Ivčík\AppData\Local\VirtualStore\Program Files\Convesoft
[-] Adresář smazán:C:\Users\Ivčík\AppData\LocalLow\AlterGeo
[-] Adresář smazán:C:\Users\Ivčík\AppData\LocalLow\pandasecuritytb
[-] Adresář smazán:C:\Users\Ivčík\AppData\Roaming\iWin
[-] Adresář smazán:C:\ProgramData\Ask
[-] Adresář smazán:C:\ProgramData\ICQ\ICQToolbar
[#] Adresář nelze smazat:C:\ProgramData\Application Data\Ask
[#] Adresář nelze smazat:C:\ProgramData\Application Data\ICQ\ICQToolbar
[-] Adresář smazán:C:\Users\Public\Documents\iWin


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Klíč smazán:HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Klíč smazán:HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
[-] Hodnota smazána:HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}]
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\ICQ\ICQToolbar
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolbar
[-] Klíč smazán:HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Data obnovena:HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Data obnovena:HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Klíč smazán:HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[-] Klíč smazán:HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C8DD3E79-9B98-4F93-9178-247D72484068}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
[#] Klíč smazán po restartování:HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C8DD3E79-9B98-4F93-9178-247D72484068}
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]


***** [ Prohlížeče ] *****

[-] Firefox nastavení vyčištěno:"browser.search.order.1" - "Ask.com"
[-] Firefox nastavení vyčištěno:"browser.search.selectedEngine" - "Ask.com"


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5568 Bajtů] - [28/10/2016 12:21:37]
C:\AdwCleaner\AdwCleaner[S0].txt - [6098 Bajtů] - [28/10/2016 12:19:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5716 Bajtů] ##########

wilgefortz
Visitor
Posts: 64
Registered: 04 Jun 2007 13:29

Re: Panda anti/virus

#5 Post by wilgefortz »

The problem persisted; after logging off, Windows still shows "shutting down" and the notebook does not turn off even after an hour... (Win 7 Home Premium SP1)

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Panda anti/virus

#6 Post by Rudy »

Post a new FRST log.

wilgefortz
Visitor
Posts: 64
Registered: 04 Jun 2007 13:29

Re: Panda anti/virus

#7 Post by wilgefortz »

Unfortunately FRST freezes even in safe mode (I also tried downloading it again)

wilgefortz
Visitor
Posts: 64
Registered: 04 Jun 2007 13:29

Re: Panda anti/virus

#8 Post by wilgefortz »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ivčík at 2016-10-29 00:56:02
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 370 GB (79%) free of 467 GB
Total RAM: 3002 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:57:36, on 29.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\explorer.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Windows\system32\igfxext.exe
C:\Users\Ivčík\Desktop\RSIT.exe
C:\Program Files\trend micro\Ivčík.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_5810t
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
O4 - HKLM\..\Run: [Panda Security Toolbar Antiphishing] "C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9603 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"widgetruntime@surfsecret.com"=C:\Program Files\Panda Security\Panda ID Protect\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\extensions\
foxmarks@kei.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23 193136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23 193136]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-11 7399968]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-04-11 1833504]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-08-19 487424]
"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-04-01 249600]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-12 186904]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 135168]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 167424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 144384]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-27 1194504]
"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2009-09-04 186912]
"Panda Security Toolbar Antiphishing"=C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe [2010-10-24 449192]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-09-22 587288]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2010-11-20 144384]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-11-27 39408]
""= []
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe -s []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.tscc"=tsccvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-29 00:56:03 ----D---- C:\Program Files\trend micro
2016-10-29 00:56:02 ----D---- C:\rsit
2016-10-28 12:11:09 ----D---- C:\AdwCleaner
2016-10-27 21:35:08 ----D---- C:\FRST
2016-10-27 21:24:52 ----A---- C:\Windows\ntbtlog.txt
2016-10-23 20:05:53 ----D---- C:\Program Files\Common Files\Java
2016-10-21 21:53:42 ----D---- C:\Program Files\Mozilla Firefox
2016-10-19 22:25:40 ----D---- C:\Program Files\paint.net
2016-10-11 20:47:18 ----A---- C:\Windows\system32\devinv.dll
2016-10-11 20:47:18 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-11 20:47:18 ----A---- C:\Windows\system32\appraiser.dll
2016-10-11 20:47:18 ----A---- C:\Windows\system32\aeinv.dll
2016-10-11 20:47:18 ----A---- C:\Windows\system32\acmigration.dll
2016-10-11 20:47:17 ----A---- C:\Windows\system32\invagent.dll
2016-10-11 20:47:17 ----A---- C:\Windows\system32\generaltel.dll
2016-10-11 20:47:17 ----A---- C:\Windows\system32\centel.dll
2016-10-11 20:47:17 ----A---- C:\Windows\system32\aepic.dll
2016-10-11 20:47:16 ----A---- C:\Windows\system32\poqexec.exe
2016-10-11 20:47:11 ----A---- C:\Windows\system32\mshtml.dll
2016-10-11 20:47:09 ----A---- C:\Windows\system32\wmp.dll
2016-10-11 20:47:08 ----A---- C:\Windows\system32\ieframe.dll
2016-10-11 20:47:07 ----A---- C:\Windows\system32\jscript9.dll
2016-10-11 20:47:06 ----A---- C:\Windows\system32\wininet.dll
2016-10-11 20:47:06 ----A---- C:\Windows\system32\mf.dll
2016-10-11 20:47:06 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-11 20:47:06 ----A---- C:\Windows\system32\blackbox.dll
2016-10-11 20:47:05 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-11 20:47:05 ----A---- C:\Windows\system32\urlmon.dll
2016-10-11 20:47:05 ----A---- C:\Windows\system32\iertutil.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\vbscript.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\quartz.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\qdvd.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\evr.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-11 20:47:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-11 20:47:03 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 20:47:03 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-11 20:47:03 ----A---- C:\Windows\system32\cryptui.dll
2016-10-11 20:47:03 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-11 20:47:02 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-11 20:47:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-10-11 20:47:02 ----A---- C:\Windows\system32\mfplat.dll
2016-10-11 20:47:02 ----A---- C:\Windows\system32\EncDump.dll
2016-10-11 20:47:02 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-11 20:47:02 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-11 20:47:01 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-11 20:47:01 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-11 20:47:01 ----A---- C:\Windows\system32\DWrite.dll
2016-10-11 20:47:01 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-11 20:47:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-11 20:47:00 ----A---- C:\Windows\system32\FntCache.dll
2016-10-11 20:46:59 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-11 20:46:59 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-11 20:46:59 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-11 20:46:59 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\win32k.sys
2016-10-11 20:46:58 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\ntdll.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 20:46:58 ----A---- C:\Windows\system32\msscp.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\mfps.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-11 20:46:58 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-11 20:46:58 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-11 20:46:58 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-11 20:46:58 ----A---- C:\Windows\system32\audiodg.exe
2016-10-11 20:46:58 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-11 20:46:57 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-11 20:46:57 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\pcalua.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\pcadm.dll
2016-10-11 20:46:57 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\davclnt.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\webcheck.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\spwmp.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\mferror.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\jscript.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\INETRES.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\ieui.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\wintrust.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\wdigest.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\sspicli.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\srcore.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\smss.exe
2016-10-11 20:46:54 ----A---- C:\Windows\system32\schannel.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\secur32.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\occache.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\msrating.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\lsass.exe
2016-10-11 20:46:54 ----A---- C:\Windows\system32\kerberos.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\inseng.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-11 20:46:54 ----A---- C:\Windows\system32\iesetup.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\iernonce.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-11 20:46:54 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-11 20:46:54 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-11 20:46:54 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-11 20:46:54 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-11 20:46:54 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\crypt32.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\credssp.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\advapi32.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\srclient.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\rstrui.exe
2016-10-11 20:46:53 ----A---- C:\Windows\system32\msobjs.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\msaudite.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\auditpol.exe
2016-10-11 20:46:53 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 20:46:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 20:46:53 ----A---- C:\Windows\system32\appidapi.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\adtschema.dll
2016-10-11 20:46:07 ----A---- C:\Windows\system32\shell32.dll
2016-10-11 20:46:07 ----A---- C:\Windows\explorer.exe
2016-10-11 20:46:06 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-11 20:46:06 ----A---- C:\Windows\system32\authui.dll
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-10 22:17:53 ----D---- C:\Users\Ivčík\AppData\Roaming\Sun
2016-10-09 00:52:15 ----D---- C:\Users\Ivčík\AppData\Roaming\vlc
2016-10-07 00:33:20 ----D---- C:\Users\Ivčík\AppData\Roaming\inkscape
2016-10-05 21:06:10 ----D---- C:\Program Files\Inkscape
2016-10-05 20:58:59 ----D---- C:\Users\Ivčík\AppData\Roaming\Imagine
2016-10-05 20:58:36 ----D---- C:\Program Files\Imagine

======List of files/folders modified in the last 1 month======

2016-10-29 00:57:00 ----D---- C:\Windows\Temp
2016-10-29 00:56:03 ----D---- C:\Program Files
2016-10-29 00:55:24 ----D---- C:\Windows\system32\config
2016-10-29 00:52:42 ----D---- C:\ProgramData\Panda Security Toolbar Antiphishing
2016-10-29 00:52:40 ----D---- C:\Windows\system32\DriverStore
2016-10-28 22:14:59 ----D---- C:\Windows\Prefetch
2016-10-28 12:27:59 ----D---- C:\JUPIK
2016-10-28 12:21:32 ----D---- C:\ProgramData\ICQ
2016-10-28 12:21:31 ----HD---- C:\ProgramData
2016-10-27 23:38:11 ----D---- C:\Windows\System32
2016-10-27 23:38:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-10-27 23:38:07 ----D---- C:\Windows\system32\Macromed
2016-10-27 21:52:00 ----D---- C:\Windows
2016-10-27 21:13:53 ----SHD---- C:\Config.Msi
2016-10-26 23:01:36 ----D---- C:\INSTALL
2016-10-26 22:45:22 ----SHD---- C:\Windows\Installer
2016-10-26 22:45:19 ----D---- C:\Program Files\TomTom HOME 2
2016-10-26 11:17:22 ----D---- C:\Windows\inf
2016-10-25 23:37:16 ----D---- C:\Windows\system32\LogFiles
2016-10-25 23:37:13 ----D---- C:\Windows\debug
2016-10-23 20:13:58 ----D---- C:\ProgramData\Oracle
2016-10-23 20:06:29 ----D---- C:\Program Files\Java
2016-10-23 20:05:53 ----D---- C:\Program Files\Common Files
2016-10-23 20:05:11 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2016-10-23 19:56:03 ----D---- C:\FOTO
2016-10-23 12:20:31 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-10-22 20:17:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-19 22:42:55 ----D---- C:\Windows\Microsoft.NET
2016-10-19 22:42:53 ----RSD---- C:\Windows\assembly
2016-10-16 20:43:13 ----D---- C:\FILM
2016-10-16 20:18:28 ----D---- C:\Windows\system32\NDF
2016-10-12 13:45:58 ----D---- C:\Windows\rescache
2016-10-12 12:17:09 ----D---- C:\Windows\winsxs
2016-10-12 11:55:33 ----SHD---- C:\Boot
2016-10-12 11:55:13 ----D---- C:\Windows\Logs
2016-10-12 11:51:40 ----SD---- C:\Windows\system32\CompatTel
2016-10-12 11:51:40 ----D---- C:\Windows\system32\appraiser
2016-10-12 11:51:37 ----D---- C:\Windows\system32\drivers
2016-10-12 11:51:37 ----D---- C:\Windows\system32\Dism
2016-10-12 11:51:37 ----D---- C:\Windows\system32\cs-CZ
2016-10-12 11:51:36 ----D---- C:\Windows\system32\en-US
2016-10-12 11:51:33 ----D---- C:\Windows\AppPatch
2016-10-12 11:51:32 ----D---- C:\Program Files\Internet Explorer
2016-10-12 11:51:31 ----D---- C:\Program Files\Windows Media Player
2016-10-12 11:51:29 ----D---- C:\Windows\cs-CZ
2016-10-12 11:51:28 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-11 22:22:03 ----D---- C:\Windows\system32\MRT
2016-10-11 22:21:52 ----AC---- C:\Windows\system32\MRT.exe
2016-10-11 20:50:21 ----D---- C:\Windows\system32\Tasks
2016-10-11 20:42:52 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-02 5946368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-11 2358112]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-09-22 112128]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-11-13 57344]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2009-03-26 15360]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-12-02 62976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-17 582944]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2009-08-24 107016]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-08-19 688128]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-12 354840]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-04-01 54528]
R2 ODDPwrSvc;Acer ODD Power Service; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2009-09-04 125472]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-27 270016]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [2016-07-28 350064]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2016-07-28 210288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-24 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Panda anti/virus

#9 Post by Rudy »

OK, you don't have Windows 10; on Windows 7 the removal can also be done from RSIT. Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]/64
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

wilgefortz
Visitor
Posts: 64
Registered: 04 Jun 2007 13:29

Re: Panda anti/virus

#10 Post by wilgefortz »

It looked like OTM had frozen, but then it restarted (and during logoff Windows froze again)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ivčík at 2016-10-29 13:24:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 370 GB (79%) free of 467 GB
Total RAM: 3002 MB (74% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:26:04, on 29.10.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Windows\system32\igfxext.exe
C:\Users\Ivčík\Desktop\RSIT.exe
C:\Program Files\trend micro\Ivčík.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACA ... pire_5810t
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -k
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ODDPwr] "C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe"
O4 - HKLM\..\Run: [Panda Security Toolbar Antiphishing] "C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files\ICQ7.1\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9188 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz/"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"widgetruntime@surfsecret.com"=C:\Program Files\Panda Security\Panda ID Protect\Firefox


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.205 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_205.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.111.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.111.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nokia.com/EnablerPlugin]
"Description"=Nokia Suite Enabler Plugin
"Path"=C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\extensions\
foxmarks@kei.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-23 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-23 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-04-11 7399968]
"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-04-11 1833504]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-02-06 1430824]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2009-08-19 487424]
"BackupManagerTray"=C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-04-01 249600]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-02-12 186904]
"PLFSetI"=C:\Windows\PLFSetI.exe [2008-07-29 200704]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-02 135168]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-02 167424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-02 144384]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"LManager"=C:\Program Files\Launch Manager\LManager.exe [2009-08-27 1194504]
"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2009-09-04 186912]
"Panda Security Toolbar Antiphishing"=C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe [2010-10-24 449192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2010-11-20 144384]
""= []
"TomTomHOME.exe"=C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe -s []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-02 217088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.tscc"=tsccvid.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-10-29 12:27:37 ----D---- C:\_OTM
2016-10-29 00:56:03 ----D---- C:\Program Files\trend micro
2016-10-29 00:56:02 ----D---- C:\rsit
2016-10-28 12:11:09 ----D---- C:\AdwCleaner
2016-10-27 21:35:08 ----D---- C:\FRST
2016-10-27 21:24:52 ----A---- C:\Windows\ntbtlog.txt
2016-10-23 20:05:53 ----D---- C:\Program Files\Common Files\Java
2016-10-21 21:53:42 ----D---- C:\Program Files\Mozilla Firefox
2016-10-19 22:25:40 ----D---- C:\Program Files\paint.net
2016-10-11 20:47:18 ----A---- C:\Windows\system32\devinv.dll
2016-10-11 20:47:18 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-11 20:47:18 ----A---- C:\Windows\system32\appraiser.dll
2016-10-11 20:47:18 ----A---- C:\Windows\system32\aeinv.dll
2016-10-11 20:47:18 ----A---- C:\Windows\system32\acmigration.dll
2016-10-11 20:47:17 ----A---- C:\Windows\system32\invagent.dll
2016-10-11 20:47:17 ----A---- C:\Windows\system32\generaltel.dll
2016-10-11 20:47:17 ----A---- C:\Windows\system32\centel.dll
2016-10-11 20:47:17 ----A---- C:\Windows\system32\aepic.dll
2016-10-11 20:47:16 ----A---- C:\Windows\system32\poqexec.exe
2016-10-11 20:47:11 ----A---- C:\Windows\system32\mshtml.dll
2016-10-11 20:47:09 ----A---- C:\Windows\system32\wmp.dll
2016-10-11 20:47:08 ----A---- C:\Windows\system32\ieframe.dll
2016-10-11 20:47:07 ----A---- C:\Windows\system32\jscript9.dll
2016-10-11 20:47:06 ----A---- C:\Windows\system32\wininet.dll
2016-10-11 20:47:06 ----A---- C:\Windows\system32\mf.dll
2016-10-11 20:47:06 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-11 20:47:06 ----A---- C:\Windows\system32\blackbox.dll
2016-10-11 20:47:05 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-11 20:47:05 ----A---- C:\Windows\system32\urlmon.dll
2016-10-11 20:47:05 ----A---- C:\Windows\system32\iertutil.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\vbscript.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\quartz.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\qdvd.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\evr.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-11 20:47:04 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-11 20:47:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-11 20:47:03 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-11 20:47:03 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-11 20:47:03 ----A---- C:\Windows\system32\cryptui.dll
2016-10-11 20:47:03 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-11 20:47:02 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-11 20:47:02 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-10-11 20:47:02 ----A---- C:\Windows\system32\mfplat.dll
2016-10-11 20:47:02 ----A---- C:\Windows\system32\EncDump.dll
2016-10-11 20:47:02 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-11 20:47:02 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-11 20:47:01 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-11 20:47:01 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-11 20:47:01 ----A---- C:\Windows\system32\DWrite.dll
2016-10-11 20:47:01 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-11 20:47:00 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-11 20:47:00 ----A---- C:\Windows\system32\FntCache.dll
2016-10-11 20:46:59 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-11 20:46:59 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-11 20:46:59 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-11 20:46:59 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\win32k.sys
2016-10-11 20:46:58 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\ntdll.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-11 20:46:58 ----A---- C:\Windows\system32\msscp.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\mfps.dll
2016-10-11 20:46:58 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-11 20:46:58 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-11 20:46:58 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-11 20:46:58 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-11 20:46:58 ----A---- C:\Windows\system32\audiodg.exe
2016-10-11 20:46:58 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-11 20:46:57 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-11 20:46:57 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\pcalua.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\pcadm.dll
2016-10-11 20:46:57 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-11 20:46:57 ----A---- C:\Windows\system32\davclnt.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\webcheck.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\spwmp.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\mferror.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\jscript.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\INETRES.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\ieui.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-11 20:46:56 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\wintrust.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\wdigest.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\sspicli.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\srcore.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\smss.exe
2016-10-11 20:46:54 ----A---- C:\Windows\system32\schannel.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\secur32.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\occache.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\msrating.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\lsass.exe
2016-10-11 20:46:54 ----A---- C:\Windows\system32\kerberos.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\inseng.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-11 20:46:54 ----A---- C:\Windows\system32\iesetup.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\iernonce.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-11 20:46:54 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-11 20:46:54 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-11 20:46:54 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-11 20:46:54 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-11 20:46:54 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\crypt32.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\credssp.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-11 20:46:54 ----A---- C:\Windows\system32\advapi32.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\srclient.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\rstrui.exe
2016-10-11 20:46:53 ----A---- C:\Windows\system32\msobjs.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\msaudite.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\auditpol.exe
2016-10-11 20:46:53 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-11 20:46:53 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-11 20:46:53 ----A---- C:\Windows\system32\appidapi.dll
2016-10-11 20:46:53 ----A---- C:\Windows\system32\adtschema.dll
2016-10-11 20:46:07 ----A---- C:\Windows\system32\shell32.dll
2016-10-11 20:46:07 ----A---- C:\Windows\explorer.exe
2016-10-11 20:46:06 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-11 20:46:06 ----A---- C:\Windows\system32\authui.dll
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-11 20:46:05 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-10 22:17:53 ----D---- C:\Users\Ivčík\AppData\Roaming\Sun
2016-10-09 00:52:15 ----D---- C:\Users\Ivčík\AppData\Roaming\vlc
2016-10-07 00:33:20 ----D---- C:\Users\Ivčík\AppData\Roaming\inkscape
2016-10-05 21:06:10 ----D---- C:\Program Files\Inkscape
2016-10-05 20:58:59 ----D---- C:\Users\Ivčík\AppData\Roaming\Imagine
2016-10-05 20:58:36 ----D---- C:\Program Files\Imagine

======List of files/folders modified in the last 1 month======

2016-10-29 13:25:34 ----D---- C:\Windows\Temp
2016-10-29 13:24:54 ----D---- C:\Windows\Prefetch
2016-10-29 13:23:16 ----D---- C:\ProgramData\Panda Security Toolbar Antiphishing
2016-10-29 13:22:11 ----D---- C:\Windows\system32\DriverStore
2016-10-29 12:27:38 ----D---- C:\Windows\Tasks
2016-10-29 12:27:38 ----D---- C:\Program Files\Google
2016-10-29 01:53:10 ----D---- C:\Windows\system32\config
2016-10-29 00:56:03 ----D---- C:\Program Files
2016-10-28 12:27:59 ----D---- C:\JUPIK
2016-10-28 12:21:32 ----D---- C:\ProgramData\ICQ
2016-10-28 12:21:31 ----HD---- C:\ProgramData
2016-10-27 23:38:11 ----D---- C:\Windows\System32
2016-10-27 23:38:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-10-27 23:38:07 ----D---- C:\Windows\system32\Macromed
2016-10-27 21:52:00 ----D---- C:\Windows
2016-10-27 21:13:53 ----SHD---- C:\Config.Msi
2016-10-26 23:01:36 ----D---- C:\INSTALL
2016-10-26 22:45:22 ----SHD---- C:\Windows\Installer
2016-10-26 22:45:19 ----D---- C:\Program Files\TomTom HOME 2
2016-10-26 11:17:22 ----D---- C:\Windows\inf
2016-10-25 23:37:16 ----D---- C:\Windows\system32\LogFiles
2016-10-25 23:37:13 ----D---- C:\Windows\debug
2016-10-23 20:13:58 ----D---- C:\ProgramData\Oracle
2016-10-23 20:06:29 ----D---- C:\Program Files\Java
2016-10-23 20:05:53 ----D---- C:\Program Files\Common Files
2016-10-23 20:05:11 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2016-10-23 19:56:03 ----D---- C:\FOTO
2016-10-23 12:20:31 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-10-22 20:17:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-10-19 22:42:55 ----D---- C:\Windows\Microsoft.NET
2016-10-19 22:42:53 ----RSD---- C:\Windows\assembly
2016-10-16 20:43:13 ----D---- C:\FILM
2016-10-16 20:18:28 ----D---- C:\Windows\system32\NDF
2016-10-12 13:45:58 ----D---- C:\Windows\rescache
2016-10-12 12:17:09 ----D---- C:\Windows\winsxs
2016-10-12 11:55:33 ----SHD---- C:\Boot
2016-10-12 11:55:13 ----D---- C:\Windows\Logs
2016-10-12 11:51:40 ----SD---- C:\Windows\system32\CompatTel
2016-10-12 11:51:40 ----D---- C:\Windows\system32\appraiser
2016-10-12 11:51:37 ----D---- C:\Windows\system32\drivers
2016-10-12 11:51:37 ----D---- C:\Windows\system32\Dism
2016-10-12 11:51:37 ----D---- C:\Windows\system32\cs-CZ
2016-10-12 11:51:36 ----D---- C:\Windows\system32\en-US
2016-10-12 11:51:33 ----D---- C:\Windows\AppPatch
2016-10-12 11:51:32 ----D---- C:\Program Files\Internet Explorer
2016-10-12 11:51:31 ----D---- C:\Program Files\Windows Media Player
2016-10-12 11:51:29 ----D---- C:\Windows\cs-CZ
2016-10-12 11:51:28 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-10-11 22:22:03 ----D---- C:\Windows\system32\MRT
2016-10-11 22:21:52 ----AC---- C:\Windows\system32\MRT.exe
2016-10-11 20:50:21 ----D---- C:\Windows\system32\Tasks
2016-10-11 20:42:52 ----D---- C:\Windows\system32\catroot2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 330264]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2009-03-26 21000]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-02 5946368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-04-11 2358112]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-09-22 112128]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C60x86.sys [2009-11-13 57344]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-14 4231168]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\Drivers\NTIDrvr.sys [2009-03-26 15360]
R3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-12-02 62976]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-02-06 205232]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-07-01 108072]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 28160]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-07-17 582944]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files\Launch Manager\dsiwmis.exe [2009-08-24 107016]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2009-08-19 688128]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-02-12 354840]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-04-01 54528]
R2 ODDPwrSvc;Acer ODD Power Service; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2009-09-04 125472]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RS_Service;Raw Socket Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [2009-02-05 237568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-27 270016]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [2016-07-28 350064]
S3 GamesAppService;GamesAppService; C:\Program Files\WildTangent Games\App\GamesAppService.exe [2016-07-28 210288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-07 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-28 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 102912]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 172488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-24 1343400]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-11-05 45744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Panda anti/virus

#11 Post by Rudy »

Double-click the file to launch HijackThis. Click "Do a system scan only" and, in the window that opens, tick the checkboxes on the left for:
R3 - URLSearchHook: (no name) - - (no file)
Click >FixChecked<. Then run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

wilgefortz
Visitor
Posts: 64
Registered: 04 Jun 2007 13:29

Re: Panda anti/virus

#12 Post by wilgefortz »

So reset works now, thanks. Which firewall/antivirus should I get now?

Rudy
Site Admin
Posts: 119672
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Panda anti/virus

#13 Post by Rudy »

You're welcome! For home users a free antivirus is enough, e.g. Avast Free: https://www.avast.com/cs-cz/lp-ppc-win- ... 0wod3bIDZw , or Avira: https://www.avira.com/en/download/produ ... -antivirus . The built-in system firewall is enough; in Win7 it is already fairly good.