Zavirovany PC
Napsal: 16 kvě 2014 19:15
Dobrý den,
nějak mi rodina zavirovala PC. Prosím o kontrolu a případně pomoc. Předem děkuji
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041
Run by Jirka at 20:08:22 on 2014-05-16
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.2015 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MSMPENG.EXE
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ARM\1.0\ARMSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Surftastic\updateSurftastic.exe
C:\PROGRAM FILES (X86)\SURFTASTIC\BIN\UTILSURFTASTIC.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\Windows\system32\Dwm.exe
C:\WINDOWS\EXPLORER.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
C:\PROGRAM FILES (X86)\WINDOWS SIDEBAR\SIDEBAR.EXE
D:\PROGRAM FILES (X86)\KIES\KIES.EXE
C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE
D:\PROGRAM FILES (X86)\KIES\KIESTRAYAGENT.EXE
D:\PROGRAM FILES (X86)\DAEMON TOOLS LITE\DTSHELLHLP.EXE
C:\PROGRAM FILES (X86)\SURFTASTIC\BIN\SURFTASTIC.PURBROWSE64.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\PROGRAM FILES (X86)\SURFTASTIC\BIN\SURFTASTIC.BROWSERADAPTER.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\NISSRV.EXE
C:\WINDOWS\SYSTEM32\TASKENG.EXE
C:\PROGRAM FILES (X86)\NERO\UPDATE\NASVC.EXE
C:\PROGRAMDATA\BATTLE.NET\AGENT\AGENT.2880\AGENT.EXE
C:\WINDOWS\SYSTEM32\TASKENG.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPDMC.EXE
C:\PROGRAM FILES (X86)\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
C:\PROGRAM FILES (X86)\DIABLO III\DIABLO III.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE
C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\CSCRIPT.EXE
.
============== Pseudo HJT Report ===============
.
uSearch Page = www.bing.com
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
uRun: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
uRun: [KiesPreload] D:\Program Files (x86)\Kies\Kies.exe /preload
uRun: [KiesAirMessage] D:\Program Files (x86)\Kies\KiesAirMessage.exe -startup
uRun: [] D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
mRun: [KiesTrayAgent] D:\Program Files (x86)\Kies\KiesTrayAgent.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 37.44.16.254 37.44.17.254
TCP: Interfaces\{9E98D580-AB1F-4FD0-9AB5-353E9101719B} : NameServer = 192.168.1.1,8.8.8.8
TCP: Interfaces\{9E98D580-AB1F-4FD0-9AB5-353E9101719B} : DHCPNameServer = 37.44.16.254 37.44.17.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mSearch Page = www.bing.com
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
x64-Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R1 {01531192-f7ef-415f-a549-cfdb11836731}w64;{01531192-f7ef-415f-a549-cfdb11836731}w64;C:\Windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [2014-4-28 61120]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-7-18 762192]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 133928]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\Windows\System32\drivers\stflt.sys [2014-3-17 51496]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-3-17 1149104]
R2 Update Surftastic;Update Surftastic;C:\Program Files (x86)\Surftastic\updateSurftastic.exe [2014-3-13 317352]
R2 Util Surftastic;Util Surftastic;C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe [2014-3-14 317352]
R3 NisSrv;Kontrola sítě Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-12 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-12 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-3-18 108800]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-29 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-8 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-3-18 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\System32\drivers\ssudserd.sys [2014-3-18 206080]
S3 StorSvc;Služba úložiště;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2012-1-12 27648]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-8 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-3-8 30208]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-8 1255736]
.
=============== File Associations ===============
.
ShellExec: SC2Editor.exe: open="D:/Games/StarCraft II/Support/SC2Editor.exe" "%1"
ShellExec: SC2Switcher.exe: open="D:/Games/StarCraft II/Support/SC2Switcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-05-15 22:13:32 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{26599AAB-EBEB-4EB5-9AFA-05E8141A70D8}\gapaengine.dll
2014-05-15 22:13:20 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7974AADC-1F0A-406C-BBDF-DC1FF523624B}\mpengine.dll
2014-05-14 06:35:48 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-14 01:02:55 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-14 01:02:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-06 20:25:44 -------- d-s---w- C:\Windows\System32\CompatTel
2014-04-29 05:59:59 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-04-28 19:47:40 61120 ----a-w- C:\Windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys
2014-04-19 10:03:59 -------- d-----w- C:\Users\Jirka\AppData\Roaming\TS3Client
2014-04-19 10:03:51 -------- d-----w- C:\Program Files\TeamSpeak 3 Client
2014-04-19 09:20:45 34064 ----a-w- C:\Windows\SysWow64\lhacm.acm
2014-04-17 14:21:52 -------- d-----w- C:\Users\Jirka\AppData\Local\Adobe
.
==================== Find3M ====================
.
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-12 02:34:44 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:34:43 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:32:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-04-12 02:32:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-04-12 02:32:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-04-12 02:32:20 215552 ----a-w- C:\Windows\System32\winsrv.dll
2014-04-12 02:32:08 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:32:08 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:32:07 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:32:04 307712 ----a-w- C:\Windows\System32\ncrypt.dll
2014-04-12 02:32:04 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-04-12 02:32:01 1461248 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:31:57 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2014-04-12 02:31:56 463872 ----a-w- C:\Windows\System32\certcli.dll
2014-04-12 02:31:55 58368 ----a-w- C:\Windows\System32\appidapi.dll
2014-04-12 02:31:55 34304 ----a-w- C:\Windows\System32\appidsvc.dll
2014-04-12 02:31:44 112640 ----a-w- C:\Windows\System32\smss.exe
2014-04-12 02:31:33 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:31:24 338432 ----a-w- C:\Windows\System32\conhost.exe
2014-04-12 02:31:21 64000 ----a-w- C:\Windows\System32\auditpol.exe
2014-04-12 02:31:21 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2014-04-12 02:31:21 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2014-04-12 02:30:01 60416 ----a-w- C:\Windows\System32\msobjs.dll
2014-04-12 02:29:56 145920 ----a-w- C:\Windows\System32\msaudite.dll
2014-04-12 02:06:49 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:06:46 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-04-12 02:06:46 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-04-12 02:06:35 342528 ----a-w- C:\Windows\SysWow64\certcli.dll
2014-04-12 02:06:34 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2014-04-12 02:06:34 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-04-12 02:06:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-04-12 02:06:05 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2014-04-12 02:05:54 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-12 02:05:54 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-04-12 02:04:51 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2014-04-12 02:04:47 145920 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-04-12 01:34:45 61952 ----a-w- C:\Windows\System32\drivers\appid.sys
2014-04-12 01:03:16 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-04-12 01:03:15 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-04-12 01:00:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2014-04-12 01:00:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-12 01:00:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-12 01:00:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2014-04-05 08:12:51 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-31 20:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-17 19:17:51 51496 ----a-w- C:\Windows\System32\drivers\stflt.sys
2014-03-11 07:52:30 133928 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-03-08 13:54:46 381440 ----a-w- C:\Windows\System32\drivers\sptd.sys
2014-03-07 16:39:20 0 ----a-w- C:\Windows\ativpsrm.bin
2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-03-04 11:11:29 5553088 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-03-04 10:42:44 3974080 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-03-04 10:42:44 3918784 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-03-04 10:39:39 38912 ----a-w- C:\Windows\SysWow64\wincredprovider.dll
2014-03-04 10:39:27 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-03-04 10:39:25 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-03-04 10:39:22 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-03-04 10:39:17 260096 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-03-04 10:39:13 551424 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-03-04 10:39:08 49152 ----a-w- C:\Windows\SysWow64\dpapiprovider.dll
2014-03-04 10:39:08 39424 ----a-w- C:\Windows\SysWow64\dimsroam.dll
2014-03-04 10:39:07 56320 ----a-w- C:\Windows\SysWow64\cngprovider.dll
2014-03-04 10:39:07 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-03-04 10:39:06 53248 ----a-w- C:\Windows\SysWow64\capiprovider.dll
2014-03-04 10:39:05 51200 ----a-w- C:\Windows\SysWow64\adprovider.dll
2014-03-04 10:38:24 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2014-03-04 09:44:03 722944 ----a-w- C:\Windows\System32\objsel.dll
2014-03-04 09:17:19 538112 ----a-w- C:\Windows\SysWow64\objsel.dll
.
============= FINISH: 20:09:44,62 ===============
nějak mi rodina zavirovala PC. Prosím o kontrolu a případně pomoc. Předem děkuji
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041
Run by Jirka at 20:08:22 on 2014-05-16
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.4095.2015 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\MSMPENG.EXE
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\PROGRAM FILES (X86)\COMMON FILES\ADOBE\ARM\1.0\ARMSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Surftastic\updateSurftastic.exe
C:\PROGRAM FILES (X86)\SURFTASTIC\BIN\UTILSURFTASTIC.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\Windows\system32\Dwm.exe
C:\WINDOWS\EXPLORER.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
C:\PROGRAM FILES (X86)\WINDOWS SIDEBAR\SIDEBAR.EXE
D:\PROGRAM FILES (X86)\KIES\KIES.EXE
C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE
D:\PROGRAM FILES (X86)\KIES\KIESTRAYAGENT.EXE
D:\PROGRAM FILES (X86)\DAEMON TOOLS LITE\DTSHELLHLP.EXE
C:\PROGRAM FILES (X86)\SURFTASTIC\BIN\SURFTASTIC.PURBROWSE64.EXE
C:\WINDOWS\SYSTEM32\SEARCHINDEXER.EXE
C:\PROGRAM FILES (X86)\SURFTASTIC\BIN\SURFTASTIC.BROWSERADAPTER.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
C:\PROGRAM FILES\MICROSOFT SECURITY CLIENT\NISSRV.EXE
C:\WINDOWS\SYSTEM32\TASKENG.EXE
C:\PROGRAM FILES (X86)\NERO\UPDATE\NASVC.EXE
C:\PROGRAMDATA\BATTLE.NET\AGENT\AGENT.2880\AGENT.EXE
C:\WINDOWS\SYSTEM32\TASKENG.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPDMC.EXE
C:\PROGRAM FILES (X86)\WINDOWS MEDIA PLAYER\WMPLAYER.EXE
C:\PROGRAM FILES (X86)\DIABLO III\DIABLO III.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SYSTEM32\TASKHOST.EXE
C:\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE
C:\WINDOWS\SYSTEM32\SEARCHPROTOCOLHOST.EXE
C:\WINDOWS\SYSTEM32\SEARCHFILTERHOST.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
C:\WINDOWS\SYSTEM32\CSCRIPT.EXE
.
============== Pseudo HJT Report ===============
.
uSearch Page = www.bing.com
mWinlogon: Userinit = userinit.exe
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
uRun: [DAEMON Tools Lite] "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
uRun: [KiesPreload] D:\Program Files (x86)\Kies\Kies.exe /preload
uRun: [KiesAirMessage] D:\Program Files (x86)\Kies\KiesAirMessage.exe -startup
uRun: [] D:\Program Files (x86)\Kies\External\FirmwareUpdate\KiesPDLR.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
mRun: [KiesTrayAgent] D:\Program Files (x86)\Kies\KiesTrayAgent.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 37.44.16.254 37.44.17.254
TCP: Interfaces\{9E98D580-AB1F-4FD0-9AB5-353E9101719B} : NameServer = 192.168.1.1,8.8.8.8
TCP: Interfaces\{9E98D580-AB1F-4FD0-9AB5-353E9101719B} : DHCPNameServer = 37.44.16.254 37.44.17.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mSearch Page = www.bing.com
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
x64-Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R1 {01531192-f7ef-415f-a549-cfdb11836731}w64;{01531192-f7ef-415f-a549-cfdb11836731}w64;C:\Windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys [2014-4-28 61120]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2009-8-18 203264]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2013-7-18 762192]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2013-9-27 133928]
R2 sp_rsdrv2;Spyware Terminator Driver Filter;C:\Windows\System32\drivers\stflt.sys [2014-3-17 51496]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-3-17 1149104]
R2 Update Surftastic;Update Surftastic;C:\Program Files (x86)\Surftastic\updateSurftastic.exe [2014-3-13 317352]
R2 Util Surftastic;Util Surftastic;C:\Program Files (x86)\Surftastic\bin\utilSurftastic.exe [2014-3-14 317352]
R3 NisSrv;Kontrola sítě Microsoft;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-12 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-12 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-3-18 108800]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-29 111616]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-8 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-3-18 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\Windows\System32\drivers\ssudserd.sys [2014-3-18 206080]
S3 StorSvc;Služba úložiště;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2012-1-12 27648]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-8 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-3-8 30208]
S3 WatAdminSvc;Služba Technologie aktivace Windows;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-8 1255736]
.
=============== File Associations ===============
.
ShellExec: SC2Editor.exe: open="D:/Games/StarCraft II/Support/SC2Editor.exe" "%1"
ShellExec: SC2Switcher.exe: open="D:/Games/StarCraft II/Support/SC2Switcher.exe" "%1"
.
=============== Created Last 30 ================
.
2014-05-15 22:13:32 1031560 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{26599AAB-EBEB-4EB5-9AFA-05E8141A70D8}\gapaengine.dll
2014-05-15 22:13:20 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7974AADC-1F0A-406C-BBDF-DC1FF523624B}\mpengine.dll
2014-05-14 06:35:48 10651704 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-14 01:02:55 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-05-14 01:02:55 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-05-06 20:25:44 -------- d-s---w- C:\Windows\System32\CompatTel
2014-04-29 05:59:59 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-04-28 19:47:40 61120 ----a-w- C:\Windows\System32\drivers\{01531192-f7ef-415f-a549-cfdb11836731}w64.sys
2014-04-19 10:03:59 -------- d-----w- C:\Users\Jirka\AppData\Roaming\TS3Client
2014-04-19 10:03:51 -------- d-----w- C:\Program Files\TeamSpeak 3 Client
2014-04-19 09:20:45 34064 ----a-w- C:\Windows\SysWow64\lhacm.acm
2014-04-17 14:21:52 -------- d-----w- C:\Users\Jirka\AppData\Local\Adobe
.
==================== Find3M ====================
.
2014-05-09 06:14:03 477184 ----a-w- C:\Windows\System32\aepdu.dll
2014-05-09 06:11:23 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-04-12 02:34:44 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2014-04-12 02:34:43 155072 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-04-12 02:32:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
2014-04-12 02:32:21 243712 ----a-w- C:\Windows\System32\wow64.dll
2014-04-12 02:32:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2014-04-12 02:32:20 215552 ----a-w- C:\Windows\System32\winsrv.dll
2014-04-12 02:32:08 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2014-04-12 02:32:08 136192 ----a-w- C:\Windows\System32\sspicli.dll
2014-04-12 02:32:07 28160 ----a-w- C:\Windows\System32\secur32.dll
2014-04-12 02:32:04 307712 ----a-w- C:\Windows\System32\ncrypt.dll
2014-04-12 02:32:04 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2014-04-12 02:32:01 1461248 ----a-w- C:\Windows\System32\lsasrv.dll
2014-04-12 02:31:57 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2014-04-12 02:31:56 463872 ----a-w- C:\Windows\System32\certcli.dll
2014-04-12 02:31:55 58368 ----a-w- C:\Windows\System32\appidapi.dll
2014-04-12 02:31:55 34304 ----a-w- C:\Windows\System32\appidsvc.dll
2014-04-12 02:31:44 112640 ----a-w- C:\Windows\System32\smss.exe
2014-04-12 02:31:33 31232 ----a-w- C:\Windows\System32\lsass.exe
2014-04-12 02:31:24 338432 ----a-w- C:\Windows\System32\conhost.exe
2014-04-12 02:31:21 64000 ----a-w- C:\Windows\System32\auditpol.exe
2014-04-12 02:31:21 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2014-04-12 02:31:21 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2014-04-12 02:30:01 60416 ----a-w- C:\Windows\System32\msobjs.dll
2014-04-12 02:29:56 145920 ----a-w- C:\Windows\System32\msaudite.dll
2014-04-12 02:06:49 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-04-12 02:06:46 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-04-12 02:06:46 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2014-04-12 02:06:35 342528 ----a-w- C:\Windows\SysWow64\certcli.dll
2014-04-12 02:06:34 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2014-04-12 02:06:34 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2014-04-12 02:06:23 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2014-04-12 02:06:05 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2014-04-12 02:05:54 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-04-12 02:05:54 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2014-04-12 02:04:51 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2014-04-12 02:04:47 145920 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-04-12 01:34:45 61952 ----a-w- C:\Windows\System32\drivers\appid.sys
2014-04-12 01:03:16 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2014-04-12 01:03:15 2048 ----a-w- C:\Windows\SysWow64\user.exe
2014-04-12 01:00:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2014-04-12 01:00:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2014-04-12 01:00:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2014-04-12 01:00:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2014-04-05 08:12:51 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-31 20:46:48 130712 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2014-03-31 20:46:48 1070232 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX
2014-03-17 19:17:51 51496 ----a-w- C:\Windows\System32\drivers\stflt.sys
2014-03-11 07:52:30 133928 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2014-03-08 13:54:46 381440 ----a-w- C:\Windows\System32\drivers\sptd.sys
2014-03-07 16:39:20 0 ----a-w- C:\Windows\ativpsrm.bin
2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-03-06 08:57:34 548352 ----a-w- C:\Windows\System32\vbscript.dll
2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-03-06 08:02:33 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-03-04 11:11:29 5553088 ----a-w- C:\Windows\System32\ntoskrnl.exe
2014-03-04 10:42:44 3974080 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2014-03-04 10:42:44 3918784 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2014-03-04 10:39:39 38912 ----a-w- C:\Windows\SysWow64\wincredprovider.dll
2014-03-04 10:39:27 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-03-04 10:39:25 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-03-04 10:39:22 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-03-04 10:39:17 260096 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-03-04 10:39:13 551424 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-03-04 10:39:08 49152 ----a-w- C:\Windows\SysWow64\dpapiprovider.dll
2014-03-04 10:39:08 39424 ----a-w- C:\Windows\SysWow64\dimsroam.dll
2014-03-04 10:39:07 56320 ----a-w- C:\Windows\SysWow64\cngprovider.dll
2014-03-04 10:39:07 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-03-04 10:39:06 53248 ----a-w- C:\Windows\SysWow64\capiprovider.dll
2014-03-04 10:39:05 51200 ----a-w- C:\Windows\SysWow64\adprovider.dll
2014-03-04 10:38:24 275456 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2014-03-04 09:44:03 722944 ----a-w- C:\Windows\System32\objsel.dll
2014-03-04 09:17:19 538112 ----a-w- C:\Windows\SysWow64\objsel.dll
.
============= FINISH: 20:09:44,62 ===============
Stahnete Junkware Removal Tool 
