Zdravim,
nedavno som sa pokusil o precistenie kamaratkinho PC pomocou aplikacii CCleaner, AVG, MBAM. Predovsetkym MBAM mi nahlasil dost vela nalezov, z toho aj nejakeho trojana. Taktiez sa vsak nasledovnom spusteni WIN MBAM v skusobnej verzii pokusil o kontrolu rootkitov, avsak neviem preco bola tato kontrola ukoncena - vyskocil error. Je mozne, ze nejaka haved este v PC je? Predovsetkym samotny start PC sa mi zda byt katastrofalny (ak nie horsi ako pred pokusom o odstranenie havede MBAMkom a AVG). PC mrzne, procesor nestiha a neviem prist na zdroj problemu. Prikladam log z RSIT.
Logfile of random's system information tool 1.14 (written by random/random)
Run by Danka at 2016-11-11 23:36:33
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 52 GB (18%) free of 290 GB
Total RAM: 3950 MB (40% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:37:18, on 11. 11. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18500)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Danka_RSITx64(1).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=av
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Active File Monitor V8 (AdobeActiveFileMonitor8.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 14121 bytes
======Enumerating Processes======
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-70f1-f74d3260cd15 /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\Windows\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 4189344
\??\C:\Windows\system32\conhost.exe "-816716655-12841927941126488963-305269877-1888302512835300089-1790069949-471208867
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\AVG\Av\avgidsagenta.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvca.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Windows\system32\Dwm.exe"
C:\Windows\system32\taskeng.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Program Files\Apoint\Apvfb.exe"
"C:\Program Files\Sony\VAIO Update\vuagent.exe"
C:\Program Files\Apoint\Apntex.exe
\??\C:\Windows\system32\conhost.exe "365772140-492703166-2064673716840446641541173610-1113109743639878198-574085192
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -userlogon
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
\??\C:\Windows\system32\conhost.exe "201718431-557700223-11697058161987804042-15928187368959194621197065239-811110899
C:\Windows\system32\UI0Detect.exe
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="6468.0.603980526\2030392019" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 6468 "\\.\pipe\gecko-crash-server-pipe.6468" tab
"C:\Users\Danka\Downloads\RSITx64(1).exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AVG-SSU_0516piz.job - C:\ProgramData\Avg_Update_0516piz\AVG-Secure-Search-Update_0516piz.exe /CMPID=0516piz /RUNBY=AV
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2123528404-2394967441-1748161603-1000Core.job - C:\Users\Danka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2123528404-2394967441-1748161603-1000UA.job - C:\Users\Danka\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d1ebd4bb825ba2.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d1ebd4bc58977b.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\ASC10_PerformanceMonitor - C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe /Task
C:\Windows\system32\tasks\ASC10_SkipUac_Danka - "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe" /SkipUac
C:\Windows\system32\tasks\AVG EUpdate Task - avgsetupx.exe /eu
C:\Windows\system32\tasks\Driver Booster SkipUAC (Danka) - C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2123528404-2394967441-1748161603-1000Core - C:\Users\Danka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2123528404-2394967441-1748161603-1000UA - C:\Users\Danka\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore1d1ebd4bb825ba2 - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA1d1ebd4bc58977b - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Java Update Scheduler - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\tasks\User_Feed_Synchronization-{95277BC5-D03F-46A6-87E8-749CE9FD5C41} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\{02AB9EAB-6735-4212-AABF-67B47619A6D3} - "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/6.0.0.126/cs/a ... rogressBar
C:\Windows\system32\tasks\{3609C538-6F75-40A3-AF6D-448CABBD4777} - C:\Windows\system32\pcalua.exe -a C:\Users\Danka\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL
C:\Windows\system32\tasks\{F98A40ED-AEB0-489F-A3E2-0DBABC21F6B0} - C:\Windows\system32\pcalua.exe -a "C:\Users\Danka\Desktop\winrar\winrar 3.70 cz.exe" -d C:\Users\Danka\Desktop\winrar
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-2123528404-2394967441-1748161603-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Sony Corporation\VAIO Update\VAIO Update - "C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
C:\Windows\system32\tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair - C:\Program Files\Sony\VAIO Update\VUSR.exe
C:\Windows\system32\tasks\Sony Corporation\VAIO Gate\StartExecuteProxy - "%programfiles%\Sony\VAIO Gate\ExecutionProxy.exe" /StartCounter
C:\Windows\system32\tasks\Sony Corporation\VAIO Gate\VAIO Gate - C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe /AutoStart
C:\Windows\system32\tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart - "%ProgramFiles%\Sony\VAIO Gate\VAIO Gate.exe"
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\ActiveStatusCollect - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -collectactivestatus
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\DeployCRMflag - "%ProgramFiles%\Sony\VAIO Care\DeployCRMflag.exe"
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\GetPOTInfo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -getcollectdata
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\GetSystemInfo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -getsysteminfo
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\UpdateSolution - "%ProgramFiles%\Sony\VAIO Care\Solution.Updater.exe"
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\UploadPOT - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -uploaddata
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\VAIO Care - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -userlogon
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\VCCheckIolo - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" CheckIoloLicense
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\VCMetrics - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -metrics
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\VCOneClick - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -autocheck
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\VCRLog - "%ProgramFiles%\Sony\VAIO Care\VCSystemTray.exe" -vcrautolog
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\VKSvcDaily - "%ProgramFiles%\Sony\VAIO Care\VAIOTM\VKSvc.exe" 1
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\VKSvcWeekly - "%ProgramFiles%\Sony\VAIO Care\VAIOTM\VKSvc.exe" 7
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\VTSvc - "%ProgramFiles%\Sony\VAIO Care\VAIOTM\VTSvc.exe"
C:\Windows\system32\tasks\Sony Corporation\VAIO Care\VTUsr - "%ProgramFiles%\Sony\VAIO Care\VAIOTM\VTUsr.exe"
C:\Windows\system32\tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool - C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
C:\Windows\system32\tasks\SONY\VAIO Power Management\VPM Logon Start - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe /Start
C:\Windows\system32\tasks\SONY\VAIO Power Management\VPM Session Change - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe /Start
C:\Windows\system32\tasks\SONY\VAIO Power Management\VPM Unlock - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe /Start
C:\Windows\system32\tasks\SONY\SUS-BCF\Level4Daily - C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe /Level4Daily
C:\Windows\system32\tasks\SONY\SUS-BCF\Level4Month - C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe /Level4Month
C:\Windows\system32\tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 - "%ProgramFiles%\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe" /AutoRun
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -upload
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\srtasks.exe ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\Shell\FamilySafetyMonitor - %windir%\System32\wpcmon.exe
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Lpksetup - C:\Windows\System32\lpksetup.exe -v
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\MUI\Mcbuilder - C:\Windows\System32\mcbuilder.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotificationWindows.exe
C:\Windows\system32\tasks\Microsoft\Windows\Location\WindowsActionDialog - %windir%\System32\WindowsActionDialog.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c -h -o -$
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
=========Mozilla firefox=========
ProfilePath - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\i26ejtr3.default-1478284543748
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.80.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.80.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll
C:\Program Files (x86)\Mozilla Firefox\plugins\
nppdf32.dll
npwachk.dll
C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\i26ejtr3.default-1478284543748\addons.json
Mozilla Firefox hotfix - extension - firefox-hotfix@mozilla.org
C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\i26ejtr3.default-1478284543748\extensions.json
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
PC Sync 2 Synchronisation Extension - extension - bkmrksync@nokia.com - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
Asynchronous Plugin Rendering - extension - asyncrendering@mozilla.org - C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\i26ejtr3.default-1478284543748\features\{37057a62-c891-4a72-9d98-defac0af5397}\asyncrendering@mozilla.org.xpi
C:\Users\Danka\AppData\Roaming\Mozilla\Firefox\Profiles\i26ejtr3.default-1478284543748\pluginreg.dat
Plugin - Adobe Acrobat - 10.1.10.18 - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\browser\nppdf32.dll
Plugin - Adobe Acrobat - 10.1.10.18 - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Plugin - Google Update - 1.3.31.5 - C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
Plugin - Windows Live Photo Gallery - 15.4.3502.922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Plugin - Microsoft Office 2010 - 14.0.4761.1000 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.50901.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Java(TM) Platform SE 7 U80 - 10.80.2.15 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 7.0.800.15 - 10.80.2.15 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
Plugin - Shockwave Flash - 23.0.0.162 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll
Plugin - Unity Player - 4.6.1.51269 - C:\Users\Danka\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
Plugin - Facebook Video Calling Plugin - 3.1.0.521 - C:\Users\Danka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
=========Google Chrome=========
C:\Users\Danka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Store 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 1 Seznam Lištička - Email 1.3.14
Extension blmojkbhnkkphngknkmgccmlenfaelkd 1 Seznam Lištička - Slovník 1.2.14
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Google Search 0.0.0.60
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ejpbbhjlbipncjklfjjaedaieimbmdda 0 uTorrentControl_v2 10.31.4.510
Extension ennkphjdgehloodpbhlhldgbnhmacadg Settings 0.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google v režime offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension nbpagnldghgfoolbancepceaanlmhfmd 1 Hotword triggering 0.0.1.4
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension olfeabkoenfaoljndfecamgilllcpiak 1 Seznam Lištička - Rychlá volba 1.7.13
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: http://www.google.com/ig/redirectdomain ... &bmod=SVEE
default_search_provider.search_url:
C:\Users\Danka\AppData\Local\Google\Chrome\User Data\Default\Preferences
Plugin 10,3,183,10 Shockwave Flash C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\gcswf32.dll
Plugin 10,3,183,5 Shockwave Flash C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
Plugin 6.0.200.2 Java Deployment Toolkit 6.0.200.2 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
Plugin 6.0.200.2 Java(TM) Platform SE 6 U20 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
Plugin 9.4.1.222 Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
Plugin 14.0.4761.1000 Microsoft Office 2010 C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
Plugin Remoting Viewer internal-remoting-viewer
Plugin Native Client C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\ppGoogleNaClPluginChrome.dll
Plugin Chrome PDF Viewer C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\pdf.dll
Plugin 5,5,8,2985 Winamp Application Detector C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
Plugin 1.3.21.69 Google Update C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
Plugin 14.0.8117.0416_ship.wlx.w3m3 (ship) Windows Live® Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
Plugin 1 Default Plug-in default_plugin
Homepage:
default_search_provider.search_url:
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}]
"URL"=http://www.google.com/search?q={searchT ... urceid=ie7
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}]
"URL"=http://slirsredirect.search.aol.com/sli ... 0winampie7
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-01 43520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-07-28 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-09-22 393600]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29 193136]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-07-28 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-29 255088]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-29 193136]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-05-31 10775584]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-05-31 2040352]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2010-05-31 212480]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-08-01 39408]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 10]
C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe /Auto []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
C:\Users\Danka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-11 138096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2010-05-14 1479680]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
C:\Program Files (x86)\Winamp\winampa.exe [2010-07-12 74752]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-03-04 284696]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-06-01 600928]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 271744]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-08-04 767176]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2016-09-13 218896]
"AVG_UI"=C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [2016-09-13 218896]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-06-24 269824]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mbamchameleon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mbamchameleon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-11-11 23:36:47 ----D---- C:\Program Files\trend micro
2016-11-11 23:36:33 ----D---- C:\rsit
2016-11-11 23:16:44 ----SHD---- C:\Config.Msi
2016-11-04 20:09:45 ----D---- C:\ProgramData\Avg_Update_0516piz
2016-11-04 20:06:26 ----D---- C:\Users\Danka\AppData\Roaming\AVG
2016-11-04 20:05:19 ----HD---- C:\$AVG
2016-11-04 20:04:47 ----D---- C:\ProgramData\MFAData
2016-11-04 20:00:47 ----D---- C:\Program Files (x86)\AVG
2016-11-04 20:00:31 ----D---- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-04 19:57:47 ----A---- C:\Windows\ntbtlog.txt
2016-11-04 19:47:30 ----D---- C:\Users\Danka\AppData\Roaming\library_dir
2016-11-04 19:47:22 ----D---- C:\Program Files (x86)\Raptr Inc
2016-11-04 19:46:41 ----D---- C:\Program Files\Common Files\ATI Technologies
2016-11-04 19:44:54 ----D---- C:\Program Files (x86)\AMD
2016-11-04 19:31:49 ----A---- C:\Windows\SYSWOW64\mfc45.dat
2016-11-04 19:29:44 ----D---- C:\ProgramData\Package Cache
2016-11-04 19:27:48 ----D---- C:\Program Files\AMD
2016-11-04 19:23:06 ----D---- C:\ProgramData\Avg
2016-11-04 19:23:02 ----D---- C:\Windows\IObit
2016-11-04 19:22:35 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2016-11-04 18:56:12 ----D---- C:\ProgramData\ProductData
2016-11-04 18:55:54 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2016-11-04 18:54:29 ----D---- C:\Users\Danka\AppData\Roaming\IObit
2016-11-04 18:54:09 ----D---- C:\Program Files (x86)\IObit
2016-11-04 18:54:06 ----D---- C:\ProgramData\IObit
2016-11-04 18:49:12 ----D---- C:\ProgramData\Bitdefender
2016-11-04 18:35:28 ----D---- C:\Users\Danka\AppData\Roaming\QuickScan
2016-11-04 18:33:02 ----D---- C:\ProgramData\BDLogging
2016-11-04 18:33:01 ----D---- C:\ProgramData\Bitdefender Agent
2016-11-04 17:51:35 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-11-04 17:50:59 ----D---- C:\ProgramData\Malwarebytes
2016-11-04 17:50:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-04 17:50:59 ----A---- C:\Windows\system32\drivers\mwac.sys
2016-11-04 17:50:59 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2016-11-04 17:50:59 ----A---- C:\Windows\system32\drivers\mbam.sys
2016-10-21 15:58:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-10-12 13:49:51 ----A---- C:\Windows\system32\drivers\usbport.sys
2016-10-12 13:49:51 ----A---- C:\Windows\system32\drivers\usbehci.sys
2016-10-12 13:49:50 ----A---- C:\Windows\system32\drivers\usbuhci.sys
2016-10-12 13:49:50 ----A---- C:\Windows\system32\drivers\usbohci.sys
2016-10-12 13:49:50 ----A---- C:\Windows\system32\drivers\usbhub.sys
2016-10-12 13:49:50 ----A---- C:\Windows\system32\drivers\usbd.sys
2016-10-12 13:49:50 ----A---- C:\Windows\system32\drivers\usbccgp.sys
2016-10-12 13:49:42 ----A---- C:\Windows\system32\mshtml.dll
2016-10-12 13:49:41 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-10-12 13:49:39 ----A---- C:\Windows\system32\ieframe.dll
2016-10-12 13:49:38 ----A---- C:\Windows\system32\wmp.dll
2016-10-12 13:49:37 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-10-12 13:49:37 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-10-12 13:49:37 ----A---- C:\Windows\system32\jscript9.dll
2016-10-12 13:49:36 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-10-12 13:49:36 ----A---- C:\Windows\system32\mf.dll
2016-10-12 13:49:35 ----A---- C:\Windows\SYSWOW64\mf.dll
2016-10-12 13:49:35 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2016-10-12 13:49:35 ----A---- C:\Windows\system32\wininet.dll
2016-10-12 13:49:35 ----A---- C:\Windows\system32\drmv2clt.dll
2016-10-12 13:49:35 ----A---- C:\Windows\system32\blackbox.dll
2016-10-12 13:49:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-10-12 13:49:34 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2016-10-12 13:49:34 ----A---- C:\Windows\system32\WsmSvc.dll
2016-10-12 13:49:34 ----A---- C:\Windows\system32\iertutil.dll
2016-10-12 13:49:33 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2016-10-12 13:49:33 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-10-12 13:49:33 ----A---- C:\Windows\system32\urlmon.dll
2016-10-12 13:49:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-10-12 13:49:32 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2016-10-12 13:49:32 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-10-12 13:49:32 ----A---- C:\Windows\SYSWOW64\quartz.dll
2016-10-12 13:49:32 ----A---- C:\Windows\system32\wmdrmsdk.dll
2016-10-12 13:49:32 ----A---- C:\Windows\system32\scavengeui.dll
2016-10-12 13:49:32 ----A---- C:\Windows\system32\quartz.dll
2016-10-12 13:49:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-10-12 13:49:31 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2016-10-12 13:49:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-10-12 13:49:31 ----A---- C:\Windows\SYSWOW64\evr.dll
2016-10-12 13:49:31 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2016-10-12 13:49:31 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2016-10-12 13:49:31 ----A---- C:\Windows\system32\vbscript.dll
2016-10-12 13:49:31 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-10-12 13:49:31 ----A---- C:\Windows\system32\lsasrv.dll
2016-10-12 13:49:31 ----A---- C:\Windows\system32\evr.dll
2016-10-12 13:49:31 ----A---- C:\Windows\system32\drmmgrtn.dll
2016-10-12 13:49:31 ----A---- C:\Windows\system32\audiosrv.dll
2016-10-12 13:49:31 ----A---- C:\Windows\system32\AUDIOKSE.dll
2016-10-12 13:49:30 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2016-10-12 13:49:30 ----A---- C:\Windows\system32\WsmWmiPl.dll
2016-10-12 13:49:30 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2016-10-12 13:49:30 ----A---- C:\Windows\system32\DWrite.dll
2016-10-12 13:49:30 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2016-10-12 13:49:30 ----A---- C:\Windows\system32\cryptui.dll
2016-10-12 13:49:29 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2016-10-12 13:49:29 ----A---- C:\Windows\SYSWOW64\WSManMigrationPlugin.dll
2016-10-12 13:49:29 ----A---- C:\Windows\system32\qdvd.dll
2016-10-12 13:49:29 ----A---- C:\Windows\system32\AudioEng.dll
2016-10-12 13:49:28 ----A---- C:\Windows\SYSWOW64\WSManHTTPConfig.exe
2016-10-12 13:49:28 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-10-12 13:49:28 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2016-10-12 13:49:28 ----A---- C:\Windows\system32\msfeeds.dll
2016-10-12 13:49:28 ----A---- C:\Windows\system32\mfplat.dll
2016-10-12 13:49:28 ----A---- C:\Windows\system32\FntCache.dll
2016-10-12 13:49:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-10-12 13:49:27 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2016-10-12 13:49:27 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2016-10-12 13:49:27 ----A---- C:\Windows\system32\WsmAuto.dll
2016-10-12 13:49:27 ----A---- C:\Windows\system32\win32k.sys
2016-10-12 13:49:27 ----A---- C:\Windows\system32\AudioSes.dll
2016-10-12 13:49:26 ----A---- C:\Windows\SYSWOW64\WsmAuto.dll
2016-10-12 13:49:26 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2016-10-12 13:49:26 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2016-10-12 13:49:26 ----A---- C:\Windows\system32\pcasvc.dll
2016-10-12 13:49:26 ----A---- C:\Windows\system32\EncDump.dll
2016-10-12 13:49:26 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2016-10-12 13:49:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-10-12 13:49:25 ----A---- C:\Windows\system32\wmploc.DLL
2016-10-12 13:49:25 ----A---- C:\Windows\system32\audiodg.exe
2016-10-12 13:49:24 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-10-12 13:49:24 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-10-12 13:49:24 ----A---- C:\Windows\system32\mfps.dll
2016-10-12 13:49:24 ----A---- C:\Windows\system32\inetcomm.dll
2016-10-12 13:49:24 ----A---- C:\Windows\system32\drivers\dfsc.sys
2016-10-12 13:49:24 ----A---- C:\Windows\system32\cryptsp.dll
2016-10-12 13:49:23 ----A---- C:\Windows\SYSWOW64\mfps.dll
2016-10-12 13:49:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-10-12 13:49:23 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2016-10-12 13:49:23 ----A---- C:\Windows\system32\iedkcs32.dll
2016-10-12 13:49:23 ----A---- C:\Windows\system32\adsmsext.dll
2016-10-12 13:49:22 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-10-12 13:49:22 ----A---- C:\Windows\system32\ntdll.dll
2016-10-12 13:49:22 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-10-12 13:49:22 ----A---- C:\Windows\system32\msscp.dll
2016-10-12 13:49:22 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-10-12 13:49:21 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2016-10-12 13:49:21 ----A---- C:\Windows\SYSWOW64\msscp.dll
2016-10-12 13:49:21 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-10-12 13:49:21 ----A---- C:\Windows\SYSWOW64\adsmsext.dll
2016-10-12 13:49:21 ----A---- C:\Windows\system32\WebClnt.dll
2016-10-12 13:49:21 ----A---- C:\Windows\system32\msnetobj.dll
2016-10-12 13:49:21 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2016-10-12 13:49:21 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-10-12 13:49:20 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2016-10-12 13:49:20 ----A---- C:\Windows\system32\ie4uinit.exe
2016-10-12 13:49:20 ----A---- C:\Windows\system32\davclnt.dll
2016-10-12 13:49:19 ----A---- C:\Windows\SYSWOW64\wsmprovhost.exe
2016-10-12 13:49:19 ----A---- C:\Windows\SYSWOW64\wsmplpxy.dll
2016-10-12 13:49:19 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-10-12 13:49:19 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2016-10-12 13:49:19 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2016-10-12 13:49:19 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2016-10-12 13:49:19 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-10-12 13:49:19 ----A---- C:\Windows\system32\wsmprovhost.exe
2016-10-12 13:49:19 ----A---- C:\Windows\system32\wsmplpxy.dll
2016-10-12 13:49:19 ----A---- C:\Windows\system32\spwmp.dll
2016-10-12 13:49:19 ----A---- C:\Windows\system32\rrinstaller.exe
2016-10-12 13:49:19 ----A---- C:\Windows\system32\pcawrk.exe
2016-10-12 13:49:19 ----A---- C:\Windows\system32\pcalua.exe
2016-10-12 13:49:19 ----A---- C:\Windows\system32\pcadm.dll
2016-10-12 13:49:19 ----A---- C:\Windows\system32\msmmsp.dll
2016-10-12 13:49:19 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-10-12 13:49:19 ----A---- C:\Windows\system32\mfpmp.exe
2016-10-12 13:49:19 ----A---- C:\Windows\system32\certcli.dll
2016-10-12 13:49:18 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-10-12 13:49:18 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-10-12 13:49:18 ----A---- C:\Windows\system32\rpcrt4.dll
2016-10-12 13:49:18 ----A---- C:\Windows\system32\jscript.dll
2016-10-12 13:49:18 ----A---- C:\Windows\system32\INETRES.dll
2016-10-12 13:49:18 ----A---- C:\Windows\system32\dxmasf.dll
2016-10-12 13:49:17 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-10-12 13:49:17 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-10-12 13:49:17 ----A---- C:\Windows\system32\webcheck.dll
2016-10-12 13:49:17 ----A---- C:\Windows\system32\pcaevts.dll
2016-10-12 13:49:17 ----A---- C:\Windows\system32\ieui.dll
2016-10-12 13:49:17 ----A---- C:\Windows\system32\ieapfltr.dll
2016-10-12 13:49:17 ----A---- C:\Windows\system32\dxtrans.dll
2016-10-12 13:49:16 ----A---- C:\Windows\system32\msrating.dll
2016-10-12 13:49:16 ----A---- C:\Windows\system32\mshtmled.dll
2016-10-12 13:49:16 ----A---- C:\Windows\system32\dxtmsft.dll
2016-10-12 13:49:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-10-12 13:49:15 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-10-12 13:49:15 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-10-12 13:49:15 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-10-12 13:49:15 ----A---- C:\Windows\system32\occache.dll
2016-10-12 13:49:15 ----A---- C:\Windows\system32\kerberos.dll
2016-10-12 13:49:15 ----A---- C:\Windows\system32\jsproxy.dll
2016-10-12 13:49:15 ----A---- C:\Windows\system32\jscript9diag.dll
2016-10-12 13:49:14 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-10-12 13:49:14 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-10-12 13:49:14 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-10-12 13:49:13 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-10-12 13:49:13 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-10-12 13:49:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-10-12 13:49:13 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-10-12 13:49:13 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-10-12 13:49:13 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-10-12 13:49:13 ----A---- C:\Windows\system32\smss.exe
2016-10-12 13:49:13 ----A---- C:\Windows\system32\schannel.dll
2016-10-12 13:49:13 ----A---- C:\Windows\system32\msv1_0.dll
2016-10-12 13:49:13 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-10-12 13:49:13 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-10-12 13:49:13 ----A---- C:\Windows\system32\inseng.dll
2016-10-12 13:49:13 ----A---- C:\Windows\system32\ieUnatt.exe
2016-10-12 13:49:13 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-10-12 13:49:13 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-10-12 13:49:13 ----A---- C:\Windows\system32\crypt32.dll
2016-10-12 13:49:13 ----A---- C:\Windows\system32\advapi32.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\WsmRes.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-10-12 13:49:12 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\WsmRes.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\wow64win.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\wintrust.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\winsrv.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\wdigest.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\TSpkg.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\sspicli.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\rpchttp.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\ncrypt.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\KernelBase.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\kernel32.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\iesetup.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\iernonce.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-10-12 13:49:12 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-10-12 13:49:12 ----A---- C:\Windows\system32\cryptsvc.dll
2016-10-12 13:49:12 ----A---- C:\Windows\system32\cryptnet.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\mferror.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-10-12 13:49:11 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\wow64cpu.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\wow64.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\sspisrv.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\srcore.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\secur32.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\mferror.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\lsass.exe
2016-10-12 13:49:11 ----A---- C:\Windows\system32\drivers\appid.sys
2016-10-12 13:49:11 ----A---- C:\Windows\system32\csrsrv.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\cryptbase.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\credssp.dll
2016-10-12 13:49:11 ----A---- C:\Windows\system32\conhost.exe
2016-10-12 13:49:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-10-12 13:49:10 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-10-12 13:49:10 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-10-12 13:49:10 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-10-12 13:49:10 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-10-12 13:49:10 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-10-12 13:49:10 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-10-12 13:49:10 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-10-12 13:49:10 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-10-12 13:49:10 ----A---- C:\Windows\system32\srclient.dll
2016-10-12 13:49:10 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-10-12 13:49:10 ----A---- C:\Windows\system32\rstrui.exe
2016-10-12 13:49:10 ----A---- C:\Windows\system32\ntvdm64.dll
2016-10-12 13:49:10 ----A---- C:\Windows\system32\auditpol.exe
2016-10-12 13:49:10 ----A---- C:\Windows\system32\appidsvc.dll
2016-10-12 13:49:10 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-10-12 13:49:10 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-10-12 13:49:10 ----A---- C:\Windows\system32\appidapi.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-10-12 13:49:09 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-10-12 13:49:09 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-10-12 13:49:09 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-10-12 13:49:08 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-10-12 13:49:08 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-10-12 13:49:08 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-10-12 13:49:08 ----A---- C:\Windows\SYSWOW64\user.exe
2016-10-12 13:49:08 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-10-12 13:49:08 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-10-12 13:49:08 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-10-12 13:49:08 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-10-12 13:49:08 ----A---- C:\Windows\system32\msobjs.dll
2016-10-12 13:49:08 ----A---- C:\Windows\system32\msaudite.dll
2016-10-12 13:49:08 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-10-12 13:49:08 ----A---- C:\Windows\system32\apisetschema.dll
2016-10-12 13:49:08 ----A---- C:\Windows\system32\adtschema.dll
2016-10-12 13:47:15 ----A---- C:\Windows\system32\generaltel.dll
2016-10-12 13:47:15 ----A---- C:\Windows\system32\devinv.dll
2016-10-12 13:47:15 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-10-12 13:47:15 ----A---- C:\Windows\system32\appraiser.dll
2016-10-12 13:47:15 ----A---- C:\Windows\system32\aeinv.dll
2016-10-12 13:47:15 ----A---- C:\Windows\system32\acmigration.dll
2016-10-12 13:47:14 ----A---- C:\Windows\system32\invagent.dll
2016-10-12 13:47:14 ----A---- C:\Windows\system32\centel.dll
2016-10-12 13:47:14 ----A---- C:\Windows\system32\aepic.dll
2016-10-12 13:47:13 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-10-12 13:47:13 ----A---- C:\Windows\system32\shell32.dll
2016-10-12 13:47:12 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-10-12 13:47:12 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-10-12 13:47:12 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-10-12 13:47:12 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-10-12 13:47:12 ----A---- C:\Windows\system32\authui.dll
2016-10-12 13:47:12 ----A---- C:\Windows\explorer.exe
2016-10-12 13:47:08 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-12 13:47:08 ----A---- C:\Windows\system32\poqexec.exe
======List of files/folders modified in the last 1 month======
2016-11-11 23:37:07 ----D---- C:\Windows\Prefetch
2016-11-11 23:36:47 ----D---- C:\Program Files
2016-11-11 23:35:57 ----D---- C:\Windows\system32\catroot2
2016-11-11 23:35:18 ----D---- C:\Windows\winsxs
2016-11-11 23:32:18 ----D---- C:\Windows\Temp
2016-11-11 23:29:24 ----RD---- C:\Program Files (x86)
2016-11-11 23:27:12 ----D---- C:\Windows\Tasks
2016-11-11 23:27:12 ----D---- C:\Windows\system32\Tasks
2016-11-11 23:20:42 ----D---- C:\Update
2016-11-11 23:19:46 ----D---- C:\Windows\System32
2016-11-11 23:19:46 ----D---- C:\Windows\inf
2016-11-11 23:19:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-11 23:17:23 ----SHD---- C:\Windows\Installer
2016-11-11 23:17:15 ----D---- C:\Windows\system32\config
2016-11-11 23:12:19 ----A---- C:\Windows\SYSWOW64\log.txt
2016-11-06 13:46:02 ----D---- C:\Windows\SysWOW64
2016-11-04 20:26:15 ----D---- C:\Windows\SoftwareDistribution
2016-11-04 20:19:55 ----D---- C:\Program Files\Common Files\AV
2016-11-04 20:09:45 ----HD---- C:\ProgramData
2016-11-04 20:06:11 ----D---- C:\Users\Danka\AppData\Roaming\TuneUp Software
2016-11-04 20:06:03 ----D---- C:\Windows\system32\drivers
2016-11-04 19:57:47 ----D---- C:\Windows
2016-11-04 19:51:34 ----D---- C:\Windows\debug
2016-11-04 19:51:22 ----D---- C:\ProgramData\AVAST Software
2016-11-04 19:51:00 ----D---- C:\Windows\Migration
2016-11-04 19:46:41 ----D---- C:\Program Files\Common Files
2016-11-04 19:46:41 ----D---- C:\Program Files (x86)\Common Files
2016-11-04 19:43:50 ----RSD---- C:\Windows\assembly
2016-11-04 19:42:44 ----D---- C:\Windows\system32\DriverStore
2016-11-04 19:36:28 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-11-04 19:34:22 ----D---- C:\Windows\system32\catroot
2016-11-04 19:31:48 ----D---- C:\ProgramData\iolo
2016-11-04 19:30:39 ----SHD---- C:\System Volume Information
2016-11-04 19:30:21 ----D---- C:\Program Files\Sony
2016-11-04 19:29:11 ----D---- C:\Program Files (x86)\Sony
2016-11-04 19:25:12 ----D---- C:\AMD
2016-11-04 19:22:35 ----D---- C:\Windows\SYSWOW64\drivers
2016-11-04 19:22:24 ----D---- C:\Windows\Panther
2016-11-04 19:02:04 ----D---- C:\ProgramData\Sony Corporation
2016-11-04 18:26:41 ----D---- C:\Program Files (x86)\Google
2016-11-04 18:20:28 ----D---- C:\Users\Danka\AppData\Roaming\Media Player Classic
2016-11-04 18:19:50 ----D---- C:\Windows\Minidump
2016-11-04 18:10:52 ----D---- C:\Windows\Microsoft.NET
2016-11-04 18:01:42 ----D---- C:\Program Files (x86)\Opera
2016-11-04 18:01:01 ----D---- C:\Users\Danka\AppData\Roaming\Opera
2016-11-04 17:58:33 ----SD---- C:\Users\Danka\AppData\Roaming\Microsoft
2016-11-04 17:58:32 ----SD---- C:\ProgramData\Microsoft
2016-11-04 17:58:31 ----D---- C:\Windows\system32\drivers\UMDF
2016-11-04 17:11:40 ----D---- C:\Windows\system32\LogFiles
2016-11-04 15:54:39 ----D---- C:\Users\Danka\AppData\Roaming\SoftGrid Client
2016-10-25 09:10:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-24 09:14:05 ----D---- C:\Users\Danka\AppData\Roaming\Skype
2016-10-24 09:13:24 ----D---- C:\ProgramData\Skype
2016-10-18 17:50:15 ----RD---- C:\Program Files (x86)\Skype
2016-10-13 14:39:52 ----D---- C:\Program Files\Windows Media Player
2016-10-13 14:39:52 ----D---- C:\Program Files\Internet Explorer
2016-10-13 14:39:52 ----D---- C:\Program Files (x86)\Internet Explorer
2016-10-13 14:39:51 ----D---- C:\Program Files (x86)\Windows Media Player
2016-10-13 14:39:50 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-10-13 14:39:50 ----D---- C:\Windows\SYSWOW64\en-US
2016-10-13 14:39:50 ----D---- C:\Windows\SYSWOW64\Dism
2016-10-13 14:39:43 ----D---- C:\Windows\system32\sk-SK
2016-10-13 14:39:43 ----D---- C:\Windows\system32\en-US
2016-10-13 14:39:43 ----D---- C:\Windows\system32\Dism
2016-10-13 14:39:36 ----D---- C:\Windows\AppPatch
2016-10-13 14:39:34 ----D---- C:\Windows\system32\Boot
2016-10-13 14:39:33 ----SD---- C:\Windows\system32\CompatTel
2016-10-13 14:39:33 ----D---- C:\Windows\system32\appraiser
2016-10-13 14:39:31 ----D---- C:\Windows\system32\drivers\en-US
2016-10-13 14:39:29 ----D---- C:\Windows\sk-SK
2016-10-13 14:36:50 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-13 14:36:48 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-10-12 14:23:53 ----D---- C:\Windows\system32\MRT
2016-10-12 14:23:41 ----AC---- C:\Windows\system32\MRT.exe
2016-10-12 14:18:50 ----D---- C:\Windows\Logs
2016-10-12 14:03:57 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-10-12 14:03:53 ----D---- C:\Windows\system32\Macromed
2016-10-12 14:03:50 ----D---- C:\Windows\SYSWOW64\Macromed
File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-07-27 272640]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-09-26 254208]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2016-06-01 52992]
R0 avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-06-20 77056]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-03-04 540696]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2008-06-16 55024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2016-05-13 163072]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-09-22 311552]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2016-09-20 265472]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2016-07-27 299264]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-11-04 27552]
R1 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2016-11-04 109272]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2010-06-23 94208]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2010-06-23 78848]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-08 6661120]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-08 195584]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2010-05-31 299568]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-05-28 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-05-31 2357024]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2016-03-10 27008]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-11-11 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2016-03-10 64896]
R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-05-31 7689216]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-05-31 231328]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-05-31 1573888]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-08 6661120]
S3 blackberryncm;BlackBerryNCM Service; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [2016-04-06 36360]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-23 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-23 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-06-23 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-23 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-23 21544]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-22 48488]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-06-24 10326784]
S3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-05-28 158976]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-06-24 271872]
S3 LgBttPort;LGE Bluetooth TransPort; C:\Windows\system32\DRIVERS\lgbtpt64.sys []
S3 lgbusenum;LG Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\lgbtbs64.sys []
S3 LGVMODEM;LGE Virtual Modem; C:\Windows\system32\DRIVERS\lgvmdm64.sys []
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdcx64;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136]
S3 nmwcdx64;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmbx64.sys [2010-02-26 19456]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 semav6msr64;semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys []
S3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2010-02-26 9216]
S3 usbbus;LGE Mobile Composite USB Device; C:\Windows\system32\DRIVERS\lgx64bus.sys []
S3 UsbDiag;LGE Mobile USB Serial Port; C:\Windows\system32\DRIVERS\lgx64diag.sys []
S3 USBModem;LGE Mobile USB Modem; C:\Windows\system32\DRIVERS\lgx64modem.sys []
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys [2010-02-26 9216]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8; C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-08 202752]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [2016-10-13 5332384]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-09-13 1149712]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [2016-10-13 727512]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-08 952096]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-03-05 1425168]
R2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-05-28 268824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-06-01 367456]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-03-05 831760]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-05-28 2320920]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2010-05-31 217968]
R2 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-06-21 575856]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-06-08 836608]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2016-03-18 76856]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [2016-03-31 1656600]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-12 270016]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-10-13 647864]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-01 867080]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-22 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-21 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-30 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-21 172488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-05-25 613888]
S3 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-09-20 324224]
S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-06-20 108400]
S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-06-18 423280]
S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-06-20 67952]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-06-09 384880]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pozostatok virusu?
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Pozostatok virusu?
Zdravim 
Spustte MBAM a nekde v protokolech zkuste najit vysledky jeho testu. Potreboval bych videt, co odstranil.
Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/
Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Spustte MBAM a nekde v protokolech zkuste najit vysledky jeho testu. Potreboval bych videt, co odstranil. Stahnete crystal disk info http://www.slunecnice.cz/sw/crystaldiskinfo/Nainstalujte (pozor na pripadne doplnky, ty odmitnete zrusenim zatrzitka) a spustte jako spravce. Za chvili se zobrazi vysledek.
Kliknete nahore na napis Úpravy a pak na napis Kopírovat. To co se zkopiruje (ulozi se to do pameti) mi sem vlozte (ctrl + V)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pozostatok virusu?
s virusmi sa "pobil" 
aj AVG. prikladam aj vysledky hlasenia z AVG. dufam, ze to nebude na skodu! MBAM log sa mi nevosiel do samotnej spravy, nahrat ho tu vo formate .txt ani .xml mi nedovoli forum. mam teda log rozdelit?
Kontrola celého počítača
Vysoká závažnosť;"3";"3";"0"
Stredná závažnosť;"1";"1";"0"
Oznámenia;"2";"0";"2"
Prehľadané:;"Kontrola celého počítača"
Spustené:;"6. 11. 2016, 12:37:53"
Ukončené:;"6. 11. 2016, 14:47:44"
Počet položiek:;"279597"
Spustil:;"Danka"
Názov;"Opis";"Stav";"Stav";"Priorita"
C:\Users\Danka\AppData\Local\Mozilla\Firefox\Profiles\i26ejtr3.default-1478284543748\cache2\entries\6FDA00EC4383C52E5B8906FB0E0C6D9E972E72A5;"Súbor je podpísaný poškodeným digitálnym podpisom, ktorého vystavovateľom je: Malwarebytes Corporation.";"Oznámenie";"Nevyriešené";"Hlásenie"
C:\Windows\SysWOW64\mfc45.dll;"Poškodený spúšťací súbor";"Zabezpečené";"Vyliečený";"Stredný"
C:\Users\Danka\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\2c24b53-4d47e320;"Vírus nájdený XPL/Gen.DE.1958_40";"Zabezpečené";"Vyliečený";"Vysoký"
C:\Users\Danka\AppData\Local\Temp\amd-catalyst-15.7.1-without-dotnet45-win7-64bit.exe;"Súbor je podpísaný poškodeným digitálnym podpisom, ktorého vystavovateľom je: Advanced Micro Devices.";"Oznámenie";"Nevyriešené";"Hlásenie"
C:\Windows\inf\mseibec\mseibec.exe;"Trójsky kôň CoinMiner.WG";"Zabezpečené";"Vyliečený";"Vysoký"
C:\Windows\inf\msnsscyg\msnsscyg.exe;"Trójsky kôň CoinMiner.WG";"Zabezpečené";"Vyliečený";"Vysoký"
aj AVG. prikladam aj vysledky hlasenia z AVG. dufam, ze to nebude na skodu! MBAM log sa mi nevosiel do samotnej spravy, nahrat ho tu vo formate .txt ani .xml mi nedovoli forum. mam teda log rozdelit?Kontrola celého počítača
Vysoká závažnosť;"3";"3";"0"
Stredná závažnosť;"1";"1";"0"
Oznámenia;"2";"0";"2"
Prehľadané:;"Kontrola celého počítača"
Spustené:;"6. 11. 2016, 12:37:53"
Ukončené:;"6. 11. 2016, 14:47:44"
Počet položiek:;"279597"
Spustil:;"Danka"
Názov;"Opis";"Stav";"Stav";"Priorita"
C:\Users\Danka\AppData\Local\Mozilla\Firefox\Profiles\i26ejtr3.default-1478284543748\cache2\entries\6FDA00EC4383C52E5B8906FB0E0C6D9E972E72A5;"Súbor je podpísaný poškodeným digitálnym podpisom, ktorého vystavovateľom je: Malwarebytes Corporation.";"Oznámenie";"Nevyriešené";"Hlásenie"
C:\Windows\SysWOW64\mfc45.dll;"Poškodený spúšťací súbor";"Zabezpečené";"Vyliečený";"Stredný"
C:\Users\Danka\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\2c24b53-4d47e320;"Vírus nájdený XPL/Gen.DE.1958_40";"Zabezpečené";"Vyliečený";"Vysoký"
C:\Users\Danka\AppData\Local\Temp\amd-catalyst-15.7.1-without-dotnet45-win7-64bit.exe;"Súbor je podpísaný poškodeným digitálnym podpisom, ktorého vystavovateľom je: Advanced Micro Devices.";"Oznámenie";"Nevyriešené";"Hlásenie"
C:\Windows\inf\mseibec\mseibec.exe;"Trójsky kôň CoinMiner.WG";"Zabezpečené";"Vyliečený";"Vysoký"
C:\Windows\inf\msnsscyg\msnsscyg.exe;"Trójsky kôň CoinMiner.WG";"Zabezpečené";"Vyliečený";"Vysoký"
Re: Pozostatok virusu?
vysledok z crystal disk info:
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2016/11/12 16:34:59
-- Controller Map ----------------------------------------------------------
- Ricoh PCIe Memory Stick Host Controller [ATA]
- Ricoh PCIe SD Bus Host Adapter [ATA]
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- SAMSUNG HM321HI
- MATSHITA DVD-RAM UJ890AS
-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HM321HI : 320,0 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) SAMSUNG HM321HI
----------------------------------------------------------------------------
Model : SAMSUNG HM321HI
Firmware : 2AJ100P5
Serial Number : S29NJ90Z902203
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : ---- | SATA/300
Power On Hours : 14336 hours
Power On Count : 6882 count
Temperature : 33 C (91 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [OFF]
AAM Level : FE00h [OFF]
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 00000000000B Read Error Rate
02 252 252 __0 000000000000 Throughput Performance
03 _94 _93 _25 0000000007DF Spin-Up Time
04 _94 _94 __0 000000001AE8 Start/Stop Count
05 252 252 _10 000000000000 Reallocated Sectors Count
07 252 252 _51 000000000000 Seek Error Rate
08 252 252 _15 000000000000 Seek Time Performance
09 100 100 __0 000000003800 Power-On Hours
0A 252 252 _51 000000000000 Spin Retry Count
0B _97 _97 __0 000000000ECF Recalibration Retries
0C _94 _94 __0 000000001AE2 Power Cycle Count
BF 100 100 __0 000000000E75 G-Sense Error Rate
C0 252 252 __0 000000000000 Power-off Retract Count
C2 _64 _58 __0 002C000C0021 Temperature
C3 100 100 __0 000000000000 Hardware ECC recovered
C4 252 252 __0 000000000000 Reallocation Event Count
C5 252 252 __0 000000000000 Current Pending Sector Count
C6 252 252 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 100 __0 00000000241D Write Error Rate
DF _97 _97 __0 000000000ECF Load/Unload Retry Count
E1 _78 _78 __0 000000037C8A Load/Unload Cycle Count
FE 100 100 __0 000000000001 Free Fall Protection
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5332 394E 4A39 305A 3930 3232 3033 2020 2020 2020
020: 0000 4000 0004 3241 4A31 3030 5035 5341 4D53 554E
030: 4720 484D 3332 3148 4920 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 004C
080: 01FF 0028 746B 7F69 6123 7469 BC41 6123 407F 0026
090: 0026 0080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 4000 0000 5002 4E92
110: 034B AFD4 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 4000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 35A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 0B 00 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 5E 5D DF
020: 07 00 00 00 00 00 04 32 00 5E 5E E8 1A 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 00 38 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0B 32
070: 00 61 61 CF 0E 00 00 00 00 00 0C 32 00 5E 5E E2
080: 1A 00 00 00 00 00 BF 22 00 64 64 75 0E 00 00 00
090: 00 00 C0 22 00 FC FC 00 00 00 00 00 00 00 C2 02
0A0: 00 40 3A 21 00 0C 00 2C 00 00 C3 3A 00 64 64 00
0B0: 00 00 00 00 00 00 C4 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C5 32 00 FC FC 00 00 00 00 00 00 00 C6 30
0D0: 00 FC FC 00 00 00 00 00 00 00 C7 36 00 C8 C8 00
0E0: 00 00 00 00 00 00 C8 2A 00 64 64 1D 24 00 00 00
0F0: 00 00 DF 32 00 61 61 CF 0E 00 00 00 00 00 E1 32
100: 00 4E 4E 8A 7C 03 00 00 00 00 FE 32 00 64 64 01
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 18 84 12 00 5B
170: 03 00 01 00 02 4F 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DC
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0B 00
070: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
080: 00 00 00 00 00 00 BF 00 00 00 00 00 00 00 00 00
090: 00 00 C0 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0B0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 C8 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E1 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B
----------------------------------------------------------------------------
CrystalDiskInfo 7.0.4 (C) 2008-2016 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------
OS : Windows 7 Home Premium SP1 [6.1 Build 7601] (x64)
Date : 2016/11/12 16:34:59
-- Controller Map ----------------------------------------------------------
- Ricoh PCIe Memory Stick Host Controller [ATA]
- Ricoh PCIe SD Bus Host Adapter [ATA]
+ Intel(R) 5 Series 4 Port SATA AHCI Controller [ATA]
- SAMSUNG HM321HI
- MATSHITA DVD-RAM UJ890AS
-- Disk List ---------------------------------------------------------------
(1) SAMSUNG HM321HI : 320,0 GB [0/0/0, pd1]
----------------------------------------------------------------------------
(1) SAMSUNG HM321HI
----------------------------------------------------------------------------
Model : SAMSUNG HM321HI
Firmware : 2AJ100P5
Serial Number : S29NJ90Z902203
Disk Size : 320,0 GB (8,4/137,4/320,0/320,0)
Buffer Size : 8192 KB
Queue Depth : 32
# of Sectors : 625142448
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 6
Transfer Mode : ---- | SATA/300
Power On Hours : 14336 hours
Power On Count : 6882 count
Temperature : 33 C (91 F)
Health Status : Good
Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
APM Level : 0080h [OFF]
AAM Level : FE00h [OFF]
Drive Letter : C:
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 00000000000B Read Error Rate
02 252 252 __0 000000000000 Throughput Performance
03 _94 _93 _25 0000000007DF Spin-Up Time
04 _94 _94 __0 000000001AE8 Start/Stop Count
05 252 252 _10 000000000000 Reallocated Sectors Count
07 252 252 _51 000000000000 Seek Error Rate
08 252 252 _15 000000000000 Seek Time Performance
09 100 100 __0 000000003800 Power-On Hours
0A 252 252 _51 000000000000 Spin Retry Count
0B _97 _97 __0 000000000ECF Recalibration Retries
0C _94 _94 __0 000000001AE2 Power Cycle Count
BF 100 100 __0 000000000E75 G-Sense Error Rate
C0 252 252 __0 000000000000 Power-off Retract Count
C2 _64 _58 __0 002C000C0021 Temperature
C3 100 100 __0 000000000000 Hardware ECC recovered
C4 252 252 __0 000000000000 Reallocation Event Count
C5 252 252 __0 000000000000 Current Pending Sector Count
C6 252 252 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 100 __0 00000000241D Write Error Rate
DF _97 _97 __0 000000000ECF Load/Unload Retry Count
E1 _78 _78 __0 000000037C8A Load/Unload Cycle Count
FE 100 100 __0 000000000001 Free Fall Protection
-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 5332 394E 4A39 305A 3930 3232 3033 2020 2020 2020
020: 0000 4000 0004 3241 4A31 3030 5035 5341 4D53 554E
030: 4720 484D 3332 3148 4920 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 1F06 0000 004C 004C
080: 01FF 0028 746B 7F69 6123 7469 BC41 6123 407F 0026
090: 0026 0080 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: EAB0 2542 0000 0000 0000 0000 4000 0000 5002 4E92
110: 034B AFD4 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0000
130: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 4000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 101F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0400 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 35A5
-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 0B 00 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 5E 5D DF
020: 07 00 00 00 00 00 04 32 00 5E 5E E8 1A 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 00 38 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0B 32
070: 00 61 61 CF 0E 00 00 00 00 00 0C 32 00 5E 5E E2
080: 1A 00 00 00 00 00 BF 22 00 64 64 75 0E 00 00 00
090: 00 00 C0 22 00 FC FC 00 00 00 00 00 00 00 C2 02
0A0: 00 40 3A 21 00 0C 00 2C 00 00 C3 3A 00 64 64 00
0B0: 00 00 00 00 00 00 C4 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C5 32 00 FC FC 00 00 00 00 00 00 00 C6 30
0D0: 00 FC FC 00 00 00 00 00 00 00 C7 36 00 C8 C8 00
0E0: 00 00 00 00 00 00 C8 2A 00 64 64 1D 24 00 00 00
0F0: 00 00 DF 32 00 61 61 CF 0E 00 00 00 00 00 E1 32
100: 00 4E 4E 8A 7C 03 00 00 00 00 FE 32 00 64 64 01
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 18 84 12 00 5B
170: 03 00 01 00 02 4F 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DC
-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0B 00
070: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
080: 00 00 00 00 00 00 BF 00 00 00 00 00 00 00 00 00
090: 00 00 C0 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0B0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 C8 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E1 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3B
Re: Pozostatok virusu?
Na skodu to urcite neni, ale mne zajima hlavne ten MBAMDex4 píše:prikladam aj vysledky hlasenia z AVG. dufam, ze to nebude na skodu!
Bud ho rozdelte, nebo dejte treba na leteckou postu a sem dejte odkaz na stazeniDex4 píše:MBAM log sa mi nevosiel do samotnej spravy, nahrat ho tu vo formate .txt ani .xml mi nedovoli forum. mam teda log rozdelit?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pozostatok virusu?
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Udelejte novou kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pozostatok virusu?
log zo scanu:
# AdwCleaner v6.030 - *Logfile created 12/11/2016 *at 23:27:38
# *Updated on 19/10/2016 by Malwarebytes
# *Database : 2016-11-12.1 [*Server]
# *Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# *Username : Danka - DANKA-VAIO
# *Running from : C:\Users\Danka\Desktop\adwcleaner_6.030.exe
# *Mode: Clean
# *Support : hxxps://www.malwarebytes.com/support
***** [ *Services ] *****
***** [ *Folders ] *****
[-] *Folder deleted: C:\Users\Danka\AppData\Local\Winamp Toolbar
[-] *Folder deleted: C:\Users\Danka\AppData\LocalLow\Toolbar4
[-] *Folder deleted: C:\Users\Danka\AppData\Roaming\RHEng
[-] *Folder deleted: C:\Users\Danka\AppData\Local\VirtualStore\Program Files (x86)\Play
[-] *Folder deleted: C:\ProgramData\Partner
[-] *Folder deleted: C:\ProgramData\Winamp Toolbar
[#] *Folder deleted on reboot: C:\ProgramData\Application Data\Partner
[#] *Folder deleted on reboot: C:\ProgramData\Application Data\Winamp Toolbar
[-] *Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play
[-] *Folder deleted: C:\Program Files (x86)\Play
[-] *Folder deleted: C:\Program Files (x86)\Winamp Toolbar
***** [ *Files ] *****
[-] *File deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
[-] *File deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[-] *File deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] *File deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
***** [ DLL ] *****
***** [ WMI ] *****
***** [ *Shortcuts ] *****
***** [ *Scheduled Tasks ] *****
***** [ *Registry ] *****
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Classes\pokki
[#] *Key deleted on reboot: HKCU\Software\Classes\pokki
[-] *Key deleted: HKLM\SOFTWARE\Classes\PCSuiteContactsView
[-] *Key deleted: HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbRequest
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbTask
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
[#] *Key deleted on reboot: [x64] HKCU\Software\Classes\pokki
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\PCSuiteContactsView
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbRequest
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbTask
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
[-] *Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[-] *Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Conduit
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Winamp Toolbar
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\AppDataLow\Software\Conduit
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Somoto Toolbar
[#] *Key deleted on reboot: HKCU\Software\Conduit
[#] *Key deleted on reboot: HKCU\Software\Winamp Toolbar
[#] *Key deleted on reboot: HKCU\Software\AppDataLow\Software\Conduit
[-] *Key deleted: HKLM\SOFTWARE\Conduit
[-] *Key deleted: HKLM\SOFTWARE\Winamp Toolbar
[-] *Key deleted: HKLM\SOFTWARE\Lavasoft\Web Companion
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Somoto Toolbar
[#] *Key deleted on reboot: [x64] HKCU\Software\Conduit
[#] *Key deleted on reboot: [x64] HKCU\Software\Winamp Toolbar
[#] *Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Conduit
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[#] *Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
[#] *Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[-] *Key deleted: HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
[-] *Key deleted: HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
[-] *Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ *Browsers ] *****
*************************
:: *"Tracing" keys deleted
:: *Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [7621 *Bytes] - [12/11/2016 23:27:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [7214 *Bytes] - [12/11/2016 23:24:28]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7769 *Bytes] ##########
# AdwCleaner v6.030 - *Logfile created 12/11/2016 *at 23:27:38
# *Updated on 19/10/2016 by Malwarebytes
# *Database : 2016-11-12.1 [*Server]
# *Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# *Username : Danka - DANKA-VAIO
# *Running from : C:\Users\Danka\Desktop\adwcleaner_6.030.exe
# *Mode: Clean
# *Support : hxxps://www.malwarebytes.com/support
***** [ *Services ] *****
***** [ *Folders ] *****
[-] *Folder deleted: C:\Users\Danka\AppData\Local\Winamp Toolbar
[-] *Folder deleted: C:\Users\Danka\AppData\LocalLow\Toolbar4
[-] *Folder deleted: C:\Users\Danka\AppData\Roaming\RHEng
[-] *Folder deleted: C:\Users\Danka\AppData\Local\VirtualStore\Program Files (x86)\Play
[-] *Folder deleted: C:\ProgramData\Partner
[-] *Folder deleted: C:\ProgramData\Winamp Toolbar
[#] *Folder deleted on reboot: C:\ProgramData\Application Data\Partner
[#] *Folder deleted on reboot: C:\ProgramData\Application Data\Winamp Toolbar
[-] *Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Play
[-] *Folder deleted: C:\Program Files (x86)\Play
[-] *Folder deleted: C:\Program Files (x86)\Winamp Toolbar
***** [ *Files ] *****
[-] *File deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
[-] *File deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[-] *File deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] *File deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
***** [ DLL ] *****
***** [ WMI ] *****
***** [ *Shortcuts ] *****
***** [ *Scheduled Tasks ] *****
***** [ *Registry ] *****
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Classes\pokki
[#] *Key deleted on reboot: HKCU\Software\Classes\pokki
[-] *Key deleted: HKLM\SOFTWARE\Classes\PCSuiteContactsView
[-] *Key deleted: HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbRequest
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbTask
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
[-] *Key deleted: HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
[#] *Key deleted on reboot: [x64] HKCU\Software\Classes\pokki
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\PCSuiteContactsView
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbRequest
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbTask
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
[#] *Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] *Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
[-] *Value deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
[-] *Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}]
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Conduit
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Winamp Toolbar
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\AppDataLow\Software\Conduit
[-] *Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Somoto Toolbar
[#] *Key deleted on reboot: HKCU\Software\Conduit
[#] *Key deleted on reboot: HKCU\Software\Winamp Toolbar
[#] *Key deleted on reboot: HKCU\Software\AppDataLow\Software\Conduit
[-] *Key deleted: HKLM\SOFTWARE\Conduit
[-] *Key deleted: HKLM\SOFTWARE\Winamp Toolbar
[-] *Key deleted: HKLM\SOFTWARE\Lavasoft\Web Companion
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Somoto Toolbar
[#] *Key deleted on reboot: [x64] HKCU\Software\Conduit
[#] *Key deleted on reboot: [x64] HKCU\Software\Winamp Toolbar
[#] *Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\Conduit
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
[-] *Key deleted: HKU\S-1-5-21-2123528404-2394967441-1748161603-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[#] *Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
[#] *Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[-] *Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
[#] *Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[-] *Key deleted: HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
[-] *Key deleted: HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
[-] *Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
***** [ *Browsers ] *****
*************************
:: *"Tracing" keys deleted
:: *Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [7621 *Bytes] - [12/11/2016 23:27:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [7214 *Bytes] - [12/11/2016 23:24:28]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7769 *Bytes] ##########
Re: Pozostatok virusu?
prikladam aj log z MBAM:
Malwarebytes Anti-Malware
www.malwarebytes.org
Dátum kontroly: 13. 11. 2016
Čas kontroly: 9:14
Protokol: mbam log 2.txt
Správca: Áno
Verzia: 2.2.1.1043
Dazabáza malware: v2016.11.13.04
Databáza rootkitov: v2016.10.31.01
Licencia: Skúšobná verzia
Ochrana pred škodlivým softvérom: Zapnuté
Ochrana pred škodlivými webstránkami: Zapnuté
Vlastná ochrana: Zapnuté
OS: Windows 7 Service Pack 1
CPU: x64
Súborový systém: NTFS
Používateľ: Danka
Typ kontroly: Vlastná kontrola
Výsledok: Dokončená
Skontrolovaných objektov: 523373
Uplynulý čas: 3 hod, 30 min 47 s
Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Zapnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté
Procesy: 0
(Žiadne škodlivé položky neboli zistené)
Moduly: 0
(Žiadne škodlivé položky neboli zistené)
Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Priečinky: 0
(Žiadne škodlivé položky neboli zistené)
Súbory: 0
(Žiadne škodlivé položky neboli zistené)
Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Dátum kontroly: 13. 11. 2016
Čas kontroly: 9:14
Protokol: mbam log 2.txt
Správca: Áno
Verzia: 2.2.1.1043
Dazabáza malware: v2016.11.13.04
Databáza rootkitov: v2016.10.31.01
Licencia: Skúšobná verzia
Ochrana pred škodlivým softvérom: Zapnuté
Ochrana pred škodlivými webstránkami: Zapnuté
Vlastná ochrana: Zapnuté
OS: Windows 7 Service Pack 1
CPU: x64
Súborový systém: NTFS
Používateľ: Danka
Typ kontroly: Vlastná kontrola
Výsledok: Dokončená
Skontrolovaných objektov: 523373
Uplynulý čas: 3 hod, 30 min 47 s
Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Zapnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté
Procesy: 0
(Žiadne škodlivé položky neboli zistené)
Moduly: 0
(Žiadne škodlivé položky neboli zistené)
Kľúče databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Priečinky: 0
(Žiadne škodlivé položky neboli zistené)
Súbory: 0
(Žiadne škodlivé položky neboli zistené)
Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)
(end)
Re: Pozostatok virusu?
MBAM odinstalujte. Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach (Kdyby nesel Launcher stahnout, dejte logy jen ze samotneho FRST, tedy bez pouziti Launcheru)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Pozostatok virusu?
Zialbohu, musel som PC vratit kamaratke, ktora ho uz potrebovala a nemozem tak asistovane cistenie uz dokoncit 
Dakujem velmi pekne za pomoc, velmi si to cenim a ospravedlnujem sa za takyto nahly koniec!
Dakujem velmi pekne za pomoc, velmi si to cenim a ospravedlnujem sa za takyto nahly koniec!
Re: Pozostatok virusu?
Neni proc se omlouvat, naopak, je fajn, ze jste dal vedet!
Kdyby to kamaradka chtela dokoncit, necham chvili tema otevrene.
Jinak nemate zac, mejte se
Kdyby to kamaradka chtela dokoncit, necham chvili tema otevrene.
Jinak nemate zac, mejte se
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?