Prosím o kontrolu. Preventivně.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-11-2014 03
Ran by Tereza (administrator) on MOLLY on 17-11-2014 17:34:30
Running from C:\Users\Tereza\Downloads
Loaded Profile: Tereza (Available profiles: UpdatusUser & Tereza)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avira GmbH) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768 2011-01-10] (Avira GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1942424 2014-09-22] (APN)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-25] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-03-27] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o.)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\MountPoints2: {7f91514e-6f16-11e3-be78-6c71d997701a} - "F:\Autorun.exe"
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\MountPoints2: {93c6f07d-9e4c-11e3-be83-74d02bbfcfab} - "F:\Startme.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\S-1-5-21-1915464551-1954478582-3578973987-1002 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.111.1.2 109.205.75.156
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-25]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.eurocarvik.opeldealer.cz/vozy-k-odb ... opel.xhtml
CHR StartupUrls: Default -> "hxxp://10.102.136.1/login"
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefi ... earchTerms}
CHR Profile: C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Disk Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (YouTube) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Peněženka Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR Extension: (Gmail) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-09-22]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-09-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [122608 2011-03-08] (Gemfor s.r.o.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [135336 2011-01-10] (Avira GmbH)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [267944 2011-01-10] (Avira GmbH)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-09-22] (APN LLC.)
S3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-03-27] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-25] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
S3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
S3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-27] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-25] ()
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [83120 2011-01-10] (Avira GmbH)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [116568 2011-01-10] (Avira GmbH)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-03-27] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 massfilter; system32\drivers\massfilter.sys [X]
U0 msahci; No ImagePath
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-17 17:34 - 2014-11-17 17:35 - 00016207 _____ () C:\Users\Tereza\Downloads\FRST.txt
2014-11-17 17:34 - 2014-11-17 17:34 - 00000000 ____D () C:\FRST
2014-11-17 17:32 - 2014-11-17 17:32 - 02117120 _____ (Farbar) C:\Users\Tereza\Downloads\FRST64.exe
2014-11-16 23:12 - 2014-11-16 23:12 - 00068600 _____ () C:\Users\Tereza\Downloads\Greys-Anatomy-11x07.zip
2014-11-16 17:19 - 2014-11-16 17:31 - 222485886 _____ () C:\Users\Tereza\Downloads\Greys.Anatomy.S11E07.HDTV.x264-LOL.mp4
2014-11-16 16:33 - 2014-10-30 01:53 - 00713672 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-16 16:33 - 2014-10-30 01:53 - 00106432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-14 18:40 - 2014-11-14 18:40 - 00008434 _____ () C:\Windows\DPINST.LOG
2014-11-13 07:48 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 07:48 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 07:47 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 07:47 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 07:47 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 07:47 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 07:47 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 07:47 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-13 07:47 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-11-13 07:47 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 07:47 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-11-13 07:47 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 07:47 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 07:47 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 07:47 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 07:47 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 07:47 - 2014-10-02 23:29 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 07:47 - 2014-10-02 23:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 07:47 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-13 07:47 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 07:47 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 07:47 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-13 07:47 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 07:47 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-13 07:47 - 2014-09-03 03:21 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-11-13 07:46 - 2014-11-05 07:40 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 07:46 - 2014-11-05 07:38 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 07:46 - 2014-11-05 04:16 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 07:46 - 2014-10-11 08:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-13 07:46 - 2014-10-11 08:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 07:46 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-13 07:46 - 2014-10-11 08:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-13 07:46 - 2014-10-11 06:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-13 07:46 - 2014-10-11 06:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 07:46 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-13 07:46 - 2014-10-11 06:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-13 07:46 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-13 07:46 - 2014-09-13 07:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-13 07:46 - 2014-09-06 01:46 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-13 07:46 - 2014-09-03 03:48 - 00457728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-11-13 07:46 - 2014-09-03 03:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-11-13 07:46 - 2014-09-03 03:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-11-13 07:46 - 2014-09-03 03:21 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-11-13 07:46 - 2014-08-29 05:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-13 07:46 - 2014-08-29 05:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-11-13 07:46 - 2014-08-29 05:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-13 07:46 - 2014-08-29 05:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-11-13 07:46 - 2014-08-28 07:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2014-11-13 07:46 - 2014-08-28 07:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2014-11-13 07:46 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-13 07:46 - 2014-07-24 14:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-11-13 07:45 - 2014-10-26 02:56 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 07:45 - 2014-10-26 02:55 - 19284480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 07:45 - 2014-10-26 02:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 07:45 - 2014-10-26 02:55 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 07:45 - 2014-10-26 02:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 07:45 - 2014-10-26 02:53 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 07:45 - 2014-10-26 01:36 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 07:45 - 2014-10-26 01:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 07:45 - 2014-10-26 01:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 07:45 - 2014-10-26 01:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 07:45 - 2014-10-25 22:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-11-10 19:22 - 2014-11-14 18:44 - 00483286 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 09:04 - 2014-11-16 23:09 - 00006024 _____ () C:\Windows\PFRO.log
2014-11-10 09:04 - 2014-11-16 16:32 - 00430088 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-09 12:08 - 2014-11-09 12:08 - 00010757 _____ () C:\Users\Tereza\Desktop\Untitled2.ods
2014-11-09 12:08 - 2014-11-09 12:08 - 00000104 ____H () C:\Users\Tereza\Desktop\.~lock.Untitled 1.ods#
2014-11-08 21:52 - 2014-11-08 21:59 - 00000000 ____D () C:\Users\Tereza\Desktop\100ANDRO
2014-11-08 17:35 - 2014-10-25 21:41 - 1179827260 _____ () C:\Users\Tereza\Desktop\Fakju-pane-uciteli-CZ-dab..avi
2014-11-04 20:36 - 2014-11-04 20:36 - 00000000 ____D () C:\Users\Tereza\Desktop\mytýsek
2014-11-02 19:17 - 2014-11-02 19:17 - 00001992 _____ () C:\Users\Public\Desktop\NHL 2001.lnk
2014-11-02 19:16 - 2014-11-02 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
2014-11-02 19:13 - 2014-11-02 19:13 - 00000000 ____D () C:\Program Files (x86)\EA SPORTS
2014-11-02 17:57 - 2014-11-02 17:57 - 00011664 _____ () C:\Users\Tereza\Desktop\Untitled 1.ods
2014-11-02 12:52 - 2014-11-02 13:11 - 00000000 ____D () C:\Users\Tereza\Desktop\peugeot307
2014-11-01 17:17 - 2014-11-01 17:19 - 00000000 ____D () C:\Users\Tereza\Desktop\OpenOfficePortable
2014-11-01 17:16 - 2014-11-01 17:16 - 93893672 _____ (PortableApps.com) C:\Users\Tereza\Downloads\OpenOfficePortable_3.2.0_English.paf (1).exe
2014-10-29 20:02 - 2014-10-31 20:32 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2014-10-29 12:15 - 2014-10-22 04:34 - 00010777 _____ () C:\Windows\system32\AutoconfigV2.cab
2014-10-29 12:15 - 2014-10-22 04:33 - 00581016 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2014-10-29 12:15 - 2014-10-22 04:33 - 00462760 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-10-29 12:15 - 2014-10-22 02:08 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-29 12:15 - 2014-10-22 02:08 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15 - 2014-10-22 02:01 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-29 12:15 - 2014-10-22 02:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-10-29 12:15 - 2014-10-22 02:01 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15 - 2014-10-22 02:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2014-10-23 14:17 - 2014-10-23 14:18 - 00000000 ____D () C:\Users\Tereza\Desktop\Molly
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-17 17:34 - 2013-12-28 13:52 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-17 16:00 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-11-17 15:34 - 2013-12-27 16:55 - 00000000 ____D () C:\Users\Tereza\AppData\Local\Packages
2014-11-17 14:29 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-11-17 13:29 - 2013-12-28 13:55 - 00000000 ____D () C:\Users\Tereza\AppData\Local\CrashDumps
2014-11-17 12:51 - 2012-08-02 19:06 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-11-17 12:51 - 2012-08-02 19:06 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-11-17 12:51 - 2012-07-26 08:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-17 12:45 - 2013-12-28 13:52 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-17 12:44 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-17 09:46 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-16 23:29 - 2013-12-28 13:52 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 23:29 - 2013-12-28 13:52 - 00003708 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 23:12 - 2014-08-25 22:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-16 17:19 - 2014-06-26 18:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-16 16:47 - 2014-02-06 18:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-14 18:44 - 2014-07-13 19:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-14 18:40 - 2014-02-27 21:53 - 00002028 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-14 18:40 - 2014-02-27 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-14 18:39 - 2013-06-01 07:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-13 14:41 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-13 14:35 - 2013-12-29 21:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 14:29 - 2013-12-29 21:18 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 17:31 - 2014-06-26 17:39 - 00000000 ____D () C:\Users\Tereza\AppData\Roaming\vlc
2014-11-04 00:26 - 2014-05-14 20:23 - 00000000 ____D () C:\Users\Tereza\Desktop\Lucka mobil
2014-10-29 20:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-10-29 18:31 - 2013-12-28 13:55 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 12:21 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-11 20:09
==================== End Of Log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivka
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Preventivka
Zdravim 
Nejprve si rozmyslete, ktery antivir chcete pouzivat. Bezi tam Avast a Avira. Za sebe doporucuji ponechat Avast a Aviru odinstalovat. Volba je samozrejme ale na vas.
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Nejprve si rozmyslete, ktery antivir chcete pouzivat. Bezi tam Avast a Avira. Za sebe doporucuji ponechat Avast a Aviru odinstalovat. Volba je samozrejme ale na vas. Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivka
Taky zdravím 
1.) Aviru jsem odinstalovala, nechala jsem Avast
2.) tady máte to co mi vyjelo, jak jste poradil
# AdwCleaner v4.101 - Report created 17/11/2014 at 19:23:25
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 8 (64 bits)
# Username : Tereza - MOLLY
# Running from : C:\Users\Tereza\Desktop\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : APNMCP
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Users\Tereza\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Tereza\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Tereza\AppData\Roaming\OpenCandy
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.17148
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R0].txt - [1578 octets] - [17/11/2014 19:20:58]
AdwCleaner[S0].txt - [1470 octets] - [17/11/2014 19:23:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1530 octets] ##########
1.) Aviru jsem odinstalovala, nechala jsem Avast
2.) tady máte to co mi vyjelo, jak jste poradil
# AdwCleaner v4.101 - Report created 17/11/2014 at 19:23:25
# Updated 09/11/2014 by Xplode
# Database : 2014-11-16.1 [Live]
# Operating System : Windows 8 (64 bits)
# Username : Tereza - MOLLY
# Running from : C:\Users\Tereza\Desktop\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : APNMCP
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Users\Tereza\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Tereza\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Tereza\AppData\Roaming\OpenCandy
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.17148
-\\ Google Chrome v38.0.2125.111
*************************
AdwCleaner[R0].txt - [1578 octets] - [17/11/2014 19:20:58]
AdwCleaner[S0].txt - [1470 octets] - [17/11/2014 19:23:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1530 octets] ##########
Re: Preventivka
Vyborne 
Odinstalujte jeste Spybot - Search & Destroy, program je zastaraly, cili k nicemu. A navic muze byt v konfliktu s antivirem.
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Odinstalujte jeste Spybot - Search & Destroy, program je zastaraly, cili k nicemu. A navic muze byt v konfliktu s antivirem. Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivka
Tak trvalo to dlouho, ale už to vyjelo. Tamten program jsem podle pokynů vymazala
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 17. 11. 2014
Čas skenování: 19:40:51
Protokol: MBAM.txt
Správce: Ano
Verze: 2.00.3.1025
Databáze malwaru: v2014.11.17.06
Databáze rootkitů: v2014.11.12.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Tereza
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 561029
Uplynulý čas: 2 hod, 6 min, 39 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 2
PUP.Optional.Unizeto, C:\$Recycle.Bin\S-1-5-21-1915464551-1954478582-3578973987-1002\$RE7I36S.exe, , [6a705fdd5b21a294f0e6855fa85937c9],
PUP.Optional.Bandoo, C:\Users\Tereza\Downloads\iLividSetup-r1236-n-bc.exe, , [8f4bcb713a4274c2c27c4ed5e21ffa06],
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 17. 11. 2014
Čas skenování: 19:40:51
Protokol: MBAM.txt
Správce: Ano
Verze: 2.00.3.1025
Databáze malwaru: v2014.11.17.06
Databáze rootkitů: v2014.11.12.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Tereza
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 561029
Uplynulý čas: 2 hod, 6 min, 39 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 2
PUP.Optional.Unizeto, C:\$Recycle.Bin\S-1-5-21-1915464551-1954478582-3578973987-1002\$RE7I36S.exe, , [6a705fdd5b21a294f0e6855fa85937c9],
PUP.Optional.Bandoo, C:\Users\Tereza\Downloads\iLividSetup-r1236-n-bc.exe, , [8f4bcb713a4274c2c27c4ed5e21ffa06],
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
Re: Preventivka
Sikulka
Nalezy hodte do karanteny. Po restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Nalezy hodte do karanteny. Po restartu pc test zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivka
Zdravíčko omlouvám se za delší dobu, než jsem provedla poslední pokyny. Neměla jsem čas a ty skeny trvaly strašně dlouho. Každopádně tady je poslední výsledek:
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 20. 11. 2014
Čas skenování: 19:21:38
Protokol: MBAM2.txt
Správce: Ano
Verze: 2.00.3.1025
Databáze malwaru: v2014.11.20.06
Databáze rootkitů: v2014.11.18.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Tereza
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 562679
Uplynulý čas: 2 hod, 5 min, 12 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 0
(Žádné zákerné zjištěny položek)
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
omlouvám se za delší dobu, než jsem provedla poslední pokyny. Neměla jsem čas a ty skeny trvaly strašně dlouho. Každopádně tady je poslední výsledek:Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 20. 11. 2014
Čas skenování: 19:21:38
Protokol: MBAM2.txt
Správce: Ano
Verze: 2.00.3.1025
Databáze malwaru: v2014.11.20.06
Databáze rootkitů: v2014.11.18.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto
OS: Windows 8
CPU: x64
Souborový systém: NTFS
Uživatel: Tereza
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 562679
Uplynulý čas: 2 hod, 5 min, 12 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Žádné zákerné zjištěny položek)
Moduly: 0
(Žádné zákerné zjištěny položek)
Klíče registru: 0
(Žádné zákerné zjištěny položek)
Hodnoty registru: 0
(Žádné zákerné zjištěny položek)
Data registru: 0
(Žádné zákerné zjištěny položek)
Složky: 0
(Žádné zákerné zjištěny položek)
Soubory: 0
(Žádné zákerné zjištěny položek)
Fyzické sektory: 0
(Žádné zákerné zjištěny položek)
(end)
Re: Preventivka
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivka
tak dávám požadovaný log
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014
Ran by Tereza (administrator) on MOLLY on 23-11-2014 17:32:59
Running from C:\Users\Tereza\Downloads
Loaded Profiles: Tereza & (Available profiles: UpdatusUser & Tereza)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-25] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-03-27] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o.)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\MountPoints2: {7f91514e-6f16-11e3-be78-6c71d997701a} - "F:\Autorun.exe"
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\MountPoints2: {93c6f07d-9e4c-11e3-be83-74d02bbfcfab} - "F:\Startme.exe"
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o.)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7f91514e-6f16-11e3-be78-6c71d997701a} - "F:\Autorun.exe"
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {93c6f07d-9e4c-11e3-be83-74d02bbfcfab} - "F:\Startme.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKU\S-1-5-21-1915464551-1954478582-3578973987-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1915464551-1954478582-3578973987-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.111.1.2 109.205.75.156
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-25]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.eurocarvik.opeldealer.cz/vozy-k-odb ... opel.xhtml
CHR StartupUrls: Default -> "hxxp://10.102.136.1/login"
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefi ... earchTerms}
CHR Profile: C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Disk Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (YouTube) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Peněženka Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR Extension: (Gmail) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [122608 2011-03-08] (Gemfor s.r.o.)
S3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-03-27] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-25] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
S3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
S3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-27] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-25] ()
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-03-27] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 massfilter; system32\drivers\massfilter.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U0 msahci; No ImagePath
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 17:32 - 2014-11-23 17:32 - 00000000 ____D () C:\Users\Tereza\Downloads\FRST-OlderVersion
2014-11-23 17:26 - 2014-11-23 17:26 - 37353725 _____ () C:\Users\Tereza\Downloads\Greys.Anatomy.S11E08.HDTV.x264-LOL.mp4.crdownload
2014-11-17 19:38 - 2014-11-17 19:38 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Tereza\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-17 19:38 - 2014-11-17 19:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-17 19:35 - 2014-11-17 19:35 - 00000085 _____ () C:\Windows\wininit.ini
2014-11-17 19:20 - 2014-11-17 19:23 - 00000000 ____D () C:\AdwCleaner
2014-11-17 19:19 - 2014-11-17 19:19 - 02140160 _____ () C:\Users\Tereza\Desktop\adwcleaner_4.101.exe
2014-11-17 17:50 - 2014-11-17 17:50 - 04646656 _____ () C:\Users\Tereza\Downloads\BANDIZIP-SETUP.EXE
2014-11-17 17:50 - 2014-11-17 17:50 - 00000930 _____ () C:\Users\Public\Desktop\Bandizip.lnk
2014-11-17 17:50 - 2014-11-17 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip
2014-11-17 17:50 - 2014-11-17 17:50 - 00000000 ____D () C:\Program Files\Bandizip
2014-11-17 17:48 - 2014-11-17 17:48 - 00030341 _____ () C:\Users\Tereza\Desktop\Addition.txt
2014-11-17 17:36 - 2014-11-17 17:37 - 00030341 _____ () C:\Users\Tereza\Downloads\Addition.txt
2014-11-17 17:34 - 2014-11-23 17:33 - 00016448 _____ () C:\Users\Tereza\Downloads\FRST.txt
2014-11-17 17:34 - 2014-11-23 17:33 - 00000000 ____D () C:\FRST
2014-11-17 17:32 - 2014-11-23 17:32 - 02118144 _____ (Farbar) C:\Users\Tereza\Downloads\FRST64.exe
2014-11-16 23:12 - 2014-11-16 23:12 - 00068600 _____ () C:\Users\Tereza\Downloads\Greys-Anatomy-11x07.zip
2014-11-16 17:19 - 2014-11-16 17:31 - 222485886 _____ () C:\Users\Tereza\Downloads\Greys.Anatomy.S11E07.HDTV.x264-LOL.mp4
2014-11-16 16:33 - 2014-10-30 01:53 - 00713672 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-16 16:33 - 2014-10-30 01:53 - 00106432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-14 18:40 - 2014-11-14 18:40 - 00008434 _____ () C:\Windows\DPINST.LOG
2014-11-13 07:48 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 07:48 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 07:47 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 07:47 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 07:47 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 07:47 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 07:47 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 07:47 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-13 07:47 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-11-13 07:47 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 07:47 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-11-13 07:47 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 07:47 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 07:47 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 07:47 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 07:47 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 07:47 - 2014-10-02 23:29 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 07:47 - 2014-10-02 23:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 07:47 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-13 07:47 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 07:47 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 07:47 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-13 07:47 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 07:47 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-13 07:47 - 2014-09-03 03:21 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-11-13 07:46 - 2014-11-05 07:40 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 07:46 - 2014-11-05 07:38 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 07:46 - 2014-11-05 04:16 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 07:46 - 2014-10-11 08:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-13 07:46 - 2014-10-11 08:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 07:46 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-13 07:46 - 2014-10-11 08:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-13 07:46 - 2014-10-11 06:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-13 07:46 - 2014-10-11 06:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 07:46 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-13 07:46 - 2014-10-11 06:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-13 07:46 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-13 07:46 - 2014-09-13 07:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-13 07:46 - 2014-09-06 01:46 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-13 07:46 - 2014-09-03 03:48 - 00457728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-11-13 07:46 - 2014-09-03 03:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-11-13 07:46 - 2014-09-03 03:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-11-13 07:46 - 2014-09-03 03:21 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-11-13 07:46 - 2014-08-29 05:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-13 07:46 - 2014-08-29 05:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-11-13 07:46 - 2014-08-29 05:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-13 07:46 - 2014-08-29 05:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-11-13 07:46 - 2014-08-28 07:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2014-11-13 07:46 - 2014-08-28 07:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2014-11-13 07:46 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-13 07:46 - 2014-07-24 14:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-11-13 07:45 - 2014-10-26 02:56 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 07:45 - 2014-10-26 02:55 - 19284480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 07:45 - 2014-10-26 02:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 07:45 - 2014-10-26 02:55 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 07:45 - 2014-10-26 02:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 07:45 - 2014-10-26 02:53 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 07:45 - 2014-10-26 01:36 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 07:45 - 2014-10-26 01:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 07:45 - 2014-10-26 01:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 07:45 - 2014-10-26 01:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 07:45 - 2014-10-25 22:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-11-10 19:22 - 2014-11-14 18:44 - 00483286 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 09:04 - 2014-11-20 13:01 - 00010830 _____ () C:\Windows\PFRO.log
2014-11-10 09:04 - 2014-11-16 16:32 - 00430088 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-09 12:08 - 2014-11-09 12:08 - 00010757 _____ () C:\Users\Tereza\Desktop\Untitled2.ods
2014-11-09 12:08 - 2014-11-09 12:08 - 00000104 ____H () C:\Users\Tereza\Desktop\.~lock.Untitled 1.ods#
2014-11-08 21:52 - 2014-11-08 21:59 - 00000000 ____D () C:\Users\Tereza\Desktop\100ANDRO
2014-11-08 17:35 - 2014-10-25 21:41 - 1179827260 _____ () C:\Users\Tereza\Desktop\Fakju-pane-uciteli-CZ-dab..avi
2014-11-04 20:36 - 2014-11-04 20:36 - 00000000 ____D () C:\Users\Tereza\Desktop\mytýsek
2014-11-02 19:17 - 2014-11-02 19:17 - 00001992 _____ () C:\Users\Public\Desktop\NHL 2001.lnk
2014-11-02 19:16 - 2014-11-02 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
2014-11-02 19:13 - 2014-11-02 19:13 - 00000000 ____D () C:\Program Files (x86)\EA SPORTS
2014-11-02 17:57 - 2014-11-02 17:57 - 00011664 _____ () C:\Users\Tereza\Desktop\Untitled 1.ods
2014-11-02 12:52 - 2014-11-02 13:11 - 00000000 ____D () C:\Users\Tereza\Desktop\peugeot307
2014-11-01 17:17 - 2014-11-01 17:19 - 00000000 ____D () C:\Users\Tereza\Desktop\OpenOfficePortable
2014-11-01 17:16 - 2014-11-01 17:16 - 93893672 _____ (PortableApps.com) C:\Users\Tereza\Downloads\OpenOfficePortable_3.2.0_English.paf (1).exe
2014-10-29 20:02 - 2014-10-31 20:32 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2014-10-29 12:15 - 2014-10-22 04:34 - 00010777 _____ () C:\Windows\system32\AutoconfigV2.cab
2014-10-29 12:15 - 2014-10-22 04:33 - 00581016 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2014-10-29 12:15 - 2014-10-22 04:33 - 00462760 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-10-29 12:15 - 2014-10-22 02:08 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-29 12:15 - 2014-10-22 02:08 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15 - 2014-10-22 02:01 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-29 12:15 - 2014-10-22 02:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-10-29 12:15 - 2014-10-22 02:01 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15 - 2014-10-22 02:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 17:30 - 2014-08-25 21:12 - 00000000 ____D () C:\Users\Tereza\AppData\Roaming\Samsung
2014-11-23 17:30 - 2014-08-25 21:11 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-11-23 17:30 - 2013-06-01 07:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-23 17:27 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-11-21 15:34 - 2013-12-28 13:52 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-20 23:34 - 2013-12-28 13:52 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-20 13:34 - 2013-12-28 13:55 - 00000000 ____D () C:\Users\Tereza\AppData\Local\CrashDumps
2014-11-20 13:08 - 2012-08-02 19:06 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-11-20 13:08 - 2012-08-02 19:06 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-11-20 13:08 - 2012-07-26 08:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-20 13:03 - 2014-08-25 22:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-20 13:01 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-20 05:52 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-19 22:36 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-11-17 19:35 - 2014-06-26 18:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-17 19:35 - 2014-06-26 18:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-17 15:34 - 2013-12-27 16:55 - 00000000 ____D () C:\Users\Tereza\AppData\Local\Packages
2014-11-17 14:29 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-11-16 23:29 - 2013-12-28 13:52 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 23:29 - 2013-12-28 13:52 - 00003708 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 16:47 - 2014-02-06 18:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-14 18:44 - 2014-07-13 19:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-14 18:40 - 2014-02-27 21:53 - 00002028 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-14 18:40 - 2014-02-27 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-13 14:41 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-13 14:35 - 2013-12-29 21:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 14:29 - 2013-12-29 21:18 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 17:31 - 2014-06-26 17:39 - 00000000 ____D () C:\Users\Tereza\AppData\Roaming\vlc
2014-11-04 00:26 - 2014-05-14 20:23 - 00000000 ____D () C:\Users\Tereza\Desktop\Lucka mobil
2014-10-29 20:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-10-29 18:31 - 2013-12-28 13:55 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 12:21 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some content of TEMP:
====================
C:\Users\Tereza\AppData\Local\Temp\binkw32.dll
C:\Users\Tereza\AppData\Local\Temp\Core.dll
C:\Users\Tereza\AppData\Local\Temp\Engine.dll
C:\Users\Tereza\AppData\Local\Temp\IFC23.dll
C:\Users\Tereza\AppData\Local\Temp\msvci70.dll
C:\Users\Tereza\AppData\Local\Temp\msvci70d.dll
C:\Users\Tereza\AppData\Local\Temp\msvcirt.dll
C:\Users\Tereza\AppData\Local\Temp\msvcp70.dll
C:\Users\Tereza\AppData\Local\Temp\msvcp70d.dll
C:\Users\Tereza\AppData\Local\Temp\msvcp71.dll
C:\Users\Tereza\AppData\Local\Temp\msvcp71d.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCR70.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCR70d.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCR71.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCR71d.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCRt.dll
C:\Users\Tereza\AppData\Local\Temp\ogg.dll
C:\Users\Tereza\AppData\Local\Temp\ogg_d.dll
C:\Users\Tereza\AppData\Local\Temp\protect.dll
C:\Users\Tereza\AppData\Local\Temp\protect.exe
C:\Users\Tereza\AppData\Local\Temp\Quarantine.exe
C:\Users\Tereza\AppData\Local\Temp\Setup.exe
C:\Users\Tereza\AppData\Local\Temp\sqlite3.dll
C:\Users\Tereza\AppData\Local\Temp\TouchURL.exe
C:\Users\Tereza\AppData\Local\Temp\vorbis.dll
C:\Users\Tereza\AppData\Local\Temp\vorbisfile.dll
C:\Users\Tereza\AppData\Local\Temp\vorbisfile_d.dll
C:\Users\Tereza\AppData\Local\Temp\vorbis_d.dll
C:\Users\Tereza\AppData\Local\Temp\Window.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-21 14:54
==================== End Of Log ============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014
Ran by Tereza (administrator) on MOLLY on 23-11-2014 17:32:59
Running from C:\Users\Tereza\Downloads
Loaded Profiles: Tereza & (Available profiles: UpdatusUser & Tereza)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-25] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-03-27] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o.)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\MountPoints2: {7f91514e-6f16-11e3-be78-6c71d997701a} - "F:\Autorun.exe"
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\MountPoints2: {93c6f07d-9e4c-11e3-be83-74d02bbfcfab} - "F:\Startme.exe"
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1355792 2011-03-08] (Gemfor s.r.o.)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7f91514e-6f16-11e3-be78-6c71d997701a} - "F:\Autorun.exe"
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {93c6f07d-9e4c-11e3-be83-74d02bbfcfab} - "F:\Startme.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKU\S-1-5-21-1915464551-1954478582-3578973987-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1915464551-1954478582-3578973987-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.111.1.2 109.205.75.156
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-25]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.eurocarvik.opeldealer.cz/vozy-k-odb ... opel.xhtml
CHR StartupUrls: Default -> "hxxp://10.102.136.1/login"
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefi ... earchTerms}
CHR Profile: C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Disk Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (YouTube) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Vyhledávání Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (Peněženka Google) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-28]
CHR Extension: (Gmail) - C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [122608 2011-03-08] (Gemfor s.r.o.)
S3 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227968 2013-03-27] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-25] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
S3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
S3 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-03-27] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-25] ()
S3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-16] (ASUS Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-03-27] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 massfilter; system32\drivers\massfilter.sys [X]
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
U0 msahci; No ImagePath
S3 ZTEusbmdm6k; \SystemRoot\system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; \SystemRoot\system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; \SystemRoot\system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 17:32 - 2014-11-23 17:32 - 00000000 ____D () C:\Users\Tereza\Downloads\FRST-OlderVersion
2014-11-23 17:26 - 2014-11-23 17:26 - 37353725 _____ () C:\Users\Tereza\Downloads\Greys.Anatomy.S11E08.HDTV.x264-LOL.mp4.crdownload
2014-11-17 19:38 - 2014-11-17 19:38 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Tereza\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-17 19:38 - 2014-11-17 19:38 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-17 19:35 - 2014-11-17 19:35 - 00000085 _____ () C:\Windows\wininit.ini
2014-11-17 19:20 - 2014-11-17 19:23 - 00000000 ____D () C:\AdwCleaner
2014-11-17 19:19 - 2014-11-17 19:19 - 02140160 _____ () C:\Users\Tereza\Desktop\adwcleaner_4.101.exe
2014-11-17 17:50 - 2014-11-17 17:50 - 04646656 _____ () C:\Users\Tereza\Downloads\BANDIZIP-SETUP.EXE
2014-11-17 17:50 - 2014-11-17 17:50 - 00000930 _____ () C:\Users\Public\Desktop\Bandizip.lnk
2014-11-17 17:50 - 2014-11-17 17:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip
2014-11-17 17:50 - 2014-11-17 17:50 - 00000000 ____D () C:\Program Files\Bandizip
2014-11-17 17:48 - 2014-11-17 17:48 - 00030341 _____ () C:\Users\Tereza\Desktop\Addition.txt
2014-11-17 17:36 - 2014-11-17 17:37 - 00030341 _____ () C:\Users\Tereza\Downloads\Addition.txt
2014-11-17 17:34 - 2014-11-23 17:33 - 00016448 _____ () C:\Users\Tereza\Downloads\FRST.txt
2014-11-17 17:34 - 2014-11-23 17:33 - 00000000 ____D () C:\FRST
2014-11-17 17:32 - 2014-11-23 17:32 - 02118144 _____ (Farbar) C:\Users\Tereza\Downloads\FRST64.exe
2014-11-16 23:12 - 2014-11-16 23:12 - 00068600 _____ () C:\Users\Tereza\Downloads\Greys-Anatomy-11x07.zip
2014-11-16 17:19 - 2014-11-16 17:31 - 222485886 _____ () C:\Users\Tereza\Downloads\Greys.Anatomy.S11E07.HDTV.x264-LOL.mp4
2014-11-16 16:33 - 2014-10-30 01:53 - 00713672 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-16 16:33 - 2014-10-30 01:53 - 00106432 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-14 18:40 - 2014-11-14 18:40 - 00008434 _____ () C:\Windows\DPINST.LOG
2014-11-13 07:48 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 07:48 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 07:47 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 07:47 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 07:47 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 07:47 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 07:47 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 07:47 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-13 07:47 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-11-13 07:47 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 07:47 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-11-13 07:47 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 07:47 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 07:47 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 07:47 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 07:47 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 07:47 - 2014-10-02 23:29 - 00783872 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 07:47 - 2014-10-02 23:29 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 07:47 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-13 07:47 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 07:47 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 07:47 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-13 07:47 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 07:47 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-13 07:47 - 2014-09-03 03:21 - 00623104 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-11-13 07:46 - 2014-11-05 07:40 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 07:46 - 2014-11-05 07:38 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 07:46 - 2014-11-05 04:16 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 07:46 - 2014-10-11 08:45 - 10115072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-13 07:46 - 2014-10-11 08:44 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 07:46 - 2014-10-11 08:44 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-13 07:46 - 2014-10-11 08:43 - 02307072 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-13 07:46 - 2014-10-11 06:58 - 08858624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-13 07:46 - 2014-10-11 06:57 - 02416640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 07:46 - 2014-10-11 06:57 - 00295424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-13 07:46 - 2014-10-11 06:56 - 02037760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-13 07:46 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-13 07:46 - 2014-09-13 07:24 - 02233152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-13 07:46 - 2014-09-06 01:46 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-13 07:46 - 2014-09-03 03:48 - 00457728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-11-13 07:46 - 2014-09-03 03:48 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-11-13 07:46 - 2014-09-03 03:22 - 00188928 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-11-13 07:46 - 2014-09-03 03:21 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-11-13 07:46 - 2014-08-29 05:17 - 02043392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-13 07:46 - 2014-08-29 05:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-11-13 07:46 - 2014-08-29 05:04 - 02837504 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-13 07:46 - 2014-08-29 05:04 - 00309248 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-11-13 07:46 - 2014-08-28 07:04 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSCOMEX.dll
2014-11-13 07:46 - 2014-08-28 07:04 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00616448 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2014-11-13 07:46 - 2014-08-28 06:59 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\FXST30.dll
2014-11-13 07:46 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-13 07:46 - 2014-07-24 14:12 - 00328512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-11-13 07:45 - 2014-10-26 02:56 - 02237952 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 01409536 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-11-13 07:45 - 2014-10-26 02:56 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 07:45 - 2014-10-26 02:55 - 19284480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 07:45 - 2014-10-26 02:55 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 07:45 - 2014-10-26 02:55 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 07:45 - 2014-10-26 02:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 07:45 - 2014-10-26 02:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 07:45 - 2014-10-26 02:53 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 07:45 - 2014-10-26 01:36 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 01181696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 07:45 - 2014-10-26 01:35 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 13758464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 07:45 - 2014-10-26 01:34 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 07:45 - 2014-10-26 01:34 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 07:45 - 2014-10-26 01:19 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 07:45 - 2014-10-26 01:13 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 07:45 - 2014-10-25 22:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-11-10 19:22 - 2014-11-14 18:44 - 00483286 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 09:04 - 2014-11-20 13:01 - 00010830 _____ () C:\Windows\PFRO.log
2014-11-10 09:04 - 2014-11-16 16:32 - 00430088 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-09 12:08 - 2014-11-09 12:08 - 00010757 _____ () C:\Users\Tereza\Desktop\Untitled2.ods
2014-11-09 12:08 - 2014-11-09 12:08 - 00000104 ____H () C:\Users\Tereza\Desktop\.~lock.Untitled 1.ods#
2014-11-08 21:52 - 2014-11-08 21:59 - 00000000 ____D () C:\Users\Tereza\Desktop\100ANDRO
2014-11-08 17:35 - 2014-10-25 21:41 - 1179827260 _____ () C:\Users\Tereza\Desktop\Fakju-pane-uciteli-CZ-dab..avi
2014-11-04 20:36 - 2014-11-04 20:36 - 00000000 ____D () C:\Users\Tereza\Desktop\mytýsek
2014-11-02 19:17 - 2014-11-02 19:17 - 00001992 _____ () C:\Users\Public\Desktop\NHL 2001.lnk
2014-11-02 19:16 - 2014-11-02 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
2014-11-02 19:13 - 2014-11-02 19:13 - 00000000 ____D () C:\Program Files (x86)\EA SPORTS
2014-11-02 17:57 - 2014-11-02 17:57 - 00011664 _____ () C:\Users\Tereza\Desktop\Untitled 1.ods
2014-11-02 12:52 - 2014-11-02 13:11 - 00000000 ____D () C:\Users\Tereza\Desktop\peugeot307
2014-11-01 17:17 - 2014-11-01 17:19 - 00000000 ____D () C:\Users\Tereza\Desktop\OpenOfficePortable
2014-11-01 17:16 - 2014-11-01 17:16 - 93893672 _____ (PortableApps.com) C:\Users\Tereza\Downloads\OpenOfficePortable_3.2.0_English.paf (1).exe
2014-10-29 20:02 - 2014-10-31 20:32 - 00000000 ____D () C:\Windows\system32\AutoUpdateLicense
2014-10-29 12:15 - 2014-10-22 04:34 - 00010777 _____ () C:\Windows\system32\AutoconfigV2.cab
2014-10-29 12:15 - 2014-10-22 04:33 - 00581016 _____ (Microsoft Corporation) C:\Windows\system32\AutoUpdate.exe
2014-10-29 12:15 - 2014-10-22 04:33 - 00462760 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-10-29 12:15 - 2014-10-22 02:08 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-10-29 12:15 - 2014-10-22 02:08 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15 - 2014-10-22 02:01 - 00695808 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-10-29 12:15 - 2014-10-22 02:01 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-10-29 12:15 - 2014-10-22 02:01 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15 - 2014-10-22 02:00 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-23 17:30 - 2014-08-25 21:12 - 00000000 ____D () C:\Users\Tereza\AppData\Roaming\Samsung
2014-11-23 17:30 - 2014-08-25 21:11 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-11-23 17:30 - 2013-06-01 07:40 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-23 17:27 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\system32\sru
2014-11-21 15:34 - 2013-12-28 13:52 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-20 23:34 - 2013-12-28 13:52 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-20 13:34 - 2013-12-28 13:55 - 00000000 ____D () C:\Users\Tereza\AppData\Local\CrashDumps
2014-11-20 13:08 - 2012-08-02 19:06 - 00727488 _____ () C:\Windows\system32\perfh005.dat
2014-11-20 13:08 - 2012-08-02 19:06 - 00148006 _____ () C:\Windows\system32\perfc005.dat
2014-11-20 13:08 - 2012-07-26 08:28 - 01714430 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-20 13:03 - 2014-08-25 22:00 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-11-20 13:01 - 2012-07-26 08:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-20 05:52 - 2012-07-26 06:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-19 22:36 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-11-17 19:35 - 2014-06-26 18:33 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-11-17 19:35 - 2014-06-26 18:33 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-17 15:34 - 2013-12-27 16:55 - 00000000 ____D () C:\Users\Tereza\AppData\Local\Packages
2014-11-17 14:29 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\rescache
2014-11-16 23:29 - 2013-12-28 13:52 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 23:29 - 2013-12-28 13:52 - 00003708 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-16 16:47 - 2014-02-06 18:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-14 18:44 - 2014-07-13 19:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\Windows\ToastData
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-14 18:44 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-14 18:40 - 2014-02-27 21:53 - 00002028 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-14 18:40 - 2014-02-27 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-13 14:41 - 2012-07-26 08:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-13 14:35 - 2013-12-29 21:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 14:29 - 2013-12-29 21:18 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-08 17:31 - 2014-06-26 17:39 - 00000000 ____D () C:\Users\Tereza\AppData\Roaming\vlc
2014-11-04 00:26 - 2014-05-14 20:23 - 00000000 ____D () C:\Users\Tereza\Desktop\Lucka mobil
2014-10-29 20:02 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\WinStore
2014-10-29 18:31 - 2013-12-28 13:55 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-27 12:21 - 2012-07-26 09:12 - 00000000 ____D () C:\Windows\AUInstallAgent
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
Some content of TEMP:
====================
C:\Users\Tereza\AppData\Local\Temp\binkw32.dll
C:\Users\Tereza\AppData\Local\Temp\Core.dll
C:\Users\Tereza\AppData\Local\Temp\Engine.dll
C:\Users\Tereza\AppData\Local\Temp\IFC23.dll
C:\Users\Tereza\AppData\Local\Temp\msvci70.dll
C:\Users\Tereza\AppData\Local\Temp\msvci70d.dll
C:\Users\Tereza\AppData\Local\Temp\msvcirt.dll
C:\Users\Tereza\AppData\Local\Temp\msvcp70.dll
C:\Users\Tereza\AppData\Local\Temp\msvcp70d.dll
C:\Users\Tereza\AppData\Local\Temp\msvcp71.dll
C:\Users\Tereza\AppData\Local\Temp\msvcp71d.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCR70.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCR70d.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCR71.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCR71d.dll
C:\Users\Tereza\AppData\Local\Temp\MSVCRt.dll
C:\Users\Tereza\AppData\Local\Temp\ogg.dll
C:\Users\Tereza\AppData\Local\Temp\ogg_d.dll
C:\Users\Tereza\AppData\Local\Temp\protect.dll
C:\Users\Tereza\AppData\Local\Temp\protect.exe
C:\Users\Tereza\AppData\Local\Temp\Quarantine.exe
C:\Users\Tereza\AppData\Local\Temp\Setup.exe
C:\Users\Tereza\AppData\Local\Temp\sqlite3.dll
C:\Users\Tereza\AppData\Local\Temp\TouchURL.exe
C:\Users\Tereza\AppData\Local\Temp\vorbis.dll
C:\Users\Tereza\AppData\Local\Temp\vorbisfile.dll
C:\Users\Tereza\AppData\Local\Temp\vorbisfile_d.dll
C:\Users\Tereza\AppData\Local\Temp\vorbis_d.dll
C:\Users\Tereza\AppData\Local\Temp\Window.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-21 14:54
==================== End Of Log ============================
Re: Preventivka
To ale nebylo podle navodu 
Ale nevadi.
Presunte FRST na plochu!
Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Ale nevadi. Presunte FRST na plochu! Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
CHR HomePage: Default -> hxxp://www.eurocarvik.opeldealer.cz/voz ... opel.xhtml
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivka
já jsem tak blbá! pardon, já od návodu odběhla na chvíli v půlce a pak jsem asi myslela, že sem to přečetla a nějakjsem to zmatlala!!! 
každopádně děkuju! Teď by snad mělo být vše přesně:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-11-2014
Ran by Tereza at 2014-11-23 20:32:33 Run:1
Running from C:\Users\Tereza\Desktop
Loaded Profiles: Tereza & (Available profiles: UpdatusUser & Tereza)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-10-15] (Sony)
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTer ... &pc=ASU2JS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
CHR HomePage: Default -> hxxp://www.eurocarvik.opeldealer.cz/voz ... opel.xhtml
CHR DefaultSuggestURL: Default -> http://ssmsp.ask.com/query?sstype=prefi ... earchTerms}
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value deleted successfully.
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\Sony PC Companion => value deleted successfully.
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1915464551-1954478582-3578973987-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-1915464551-1954478582-3578973987-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key deleted successfully.
"HKCR\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => Key deleted successfully.
"HKCR\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome DefaultSuggestURL not detected.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 402.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: Preventivka
V pohode, nic se nedeje
Dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe . Navod zde http://forum.viry.cz/viewtopic.php?f=30&t=130787
Dejte log z RSITx64 http://images.malwareremoval.com/random/RSITx64.exe . Navod zde http://forum.viry.cz/viewtopic.php?f=30&t=130787
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivka
Dobrý večer
tak tady dle návodu:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tereza at 2014-11-25 20:44:58
Microsoft Windows 8
System drive C: has 136 GB (48%) free of 286 GB
Total RAM: 3982 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:00, on 25. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tereza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9388 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k imgsvc
dashost.exe {4a41c353-1a6a-4a00-9bc70343b527cd46}
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ngservice.exe pipeserver
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4004.0.318676157\2016867317" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4004.42.371078575\419985960" /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4004.60.811818344\1270872258" /prefetch:673131151
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tereza\Downloads\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-03-27 66688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-23 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-23 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-03-27 132736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-03-08 1355792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-09-03 40312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-11-23 3187360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [2012-08-31 3423104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]
c:\windows\temp\DisableS3S464\sethigh.cmd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-12-13 399984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-12-13 172144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-03-08 1278024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-04-10 13519432]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-23 5226600]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-03-27 132736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-13 442880]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-25 20:41:12 ----D---- C:\Program Files\trend micro
2014-11-25 20:41:11 ----D---- C:\rsit
2014-11-23 20:36:44 ----D---- C:\Windows\SYSWOW64\vbox
2014-11-23 20:36:44 ----D---- C:\Windows\system32\vbox
2014-11-23 17:46:49 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-23 17:46:44 ----A---- C:\Windows\avastSS.scr
2014-11-17 19:38:59 ----D---- C:\ProgramData\Malwarebytes
2014-11-17 19:35:05 ----A---- C:\Windows\wininit.ini
2014-11-17 19:20:51 ----D---- C:\AdwCleaner
2014-11-17 17:50:40 ----D---- C:\Program Files\Bandizip
2014-11-17 17:34:05 ----D---- C:\FRST
2014-11-16 16:33:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-13 07:48:03 ----A---- C:\Windows\system32\msxml3.dll
2014-11-13 07:48:02 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-13 07:47:55 ----A---- C:\Windows\system32\schannel.dll
2014-11-13 07:47:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-13 07:47:49 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-13 07:47:48 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-13 07:47:43 ----A---- C:\Windows\system32\win32k.sys
2014-11-13 07:47:36 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-13 07:47:34 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-13 07:47:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-13 07:47:31 ----A---- C:\Windows\system32\SHCore.dll
2014-11-13 07:47:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-13 07:47:31 ----A---- C:\Windows\system32\adtschema.dll
2014-11-13 07:47:30 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-11-13 07:47:29 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-13 07:47:29 ----A---- C:\Windows\system32\msaudite.dll
2014-11-13 07:47:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-13 07:47:21 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-13 07:47:20 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-13 07:47:20 ----A---- C:\Windows\system32\packager.dll
2014-11-13 07:47:14 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-13 07:47:14 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-13 07:47:13 ----A---- C:\Windows\system32\EncDump.dll
2014-11-13 07:47:13 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-13 07:47:07 ----A---- C:\Windows\system32\dnsapi.dll
2014-11-13 07:46:59 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-11-13 07:46:59 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-13 07:46:58 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-13 07:46:58 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-13 07:46:58 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-11-13 07:46:58 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-11-13 07:46:57 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-11-13 07:46:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-11-13 07:46:57 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-11-13 07:46:57 ----A---- C:\Windows\system32\rpchttp.dll
2014-11-13 07:46:56 ----A---- C:\Windows\SYSWOW64\FXSCOMEX.dll
2014-11-13 07:46:56 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-11-13 07:46:56 ----A---- C:\Windows\system32\FXST30.dll
2014-11-13 07:46:56 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-13 07:46:56 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-13 07:46:55 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-11-13 07:46:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-13 07:46:44 ----A---- C:\Windows\system32\msi.dll
2014-11-13 07:46:40 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-13 07:46:40 ----A---- C:\Windows\system32\twinui.dll
2014-11-13 07:46:39 ----A---- C:\Windows\system32\authui.dll
2014-11-13 07:46:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-13 07:46:38 ----A---- C:\Windows\system32\msihnd.dll
2014-11-13 07:46:37 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-13 07:46:18 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-13 07:46:17 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-13 07:46:13 ----A---- C:\Windows\system32\aepdu.dll
2014-11-13 07:46:12 ----A---- C:\Windows\system32\generaltel.dll
2014-11-13 07:46:11 ----A---- C:\Windows\system32\aeinv.dll
2014-11-13 07:45:46 ----A---- C:\Windows\system32\mshtml.dll
2014-11-13 07:45:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-13 07:45:35 ----A---- C:\Windows\system32\ieframe.dll
2014-11-13 07:45:34 ----A---- C:\Windows\system32\wininet.dll
2014-11-13 07:45:34 ----A---- C:\Windows\system32\iertutil.dll
2014-11-13 07:45:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-13 07:45:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-13 07:45:32 ----A---- C:\Windows\system32\urlmon.dll
2014-11-13 07:45:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-13 07:45:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-13 07:45:29 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-13 07:45:29 ----A---- C:\Windows\system32\uxtheme.dll
2014-11-13 07:45:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-13 07:45:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-13 07:45:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-13 07:45:28 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-13 07:45:26 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-13 07:45:26 ----A---- C:\Windows\system32\jscript9.dll
2014-11-13 07:45:25 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-11-13 07:45:25 ----A---- C:\Windows\system32\jscript.dll
2014-11-13 07:45:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-13 07:45:24 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-13 07:45:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-13 07:45:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-13 07:45:24 ----A---- C:\Windows\system32\msrating.dll
2014-11-13 07:45:24 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-13 07:45:24 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-13 07:45:24 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-13 07:45:23 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-11-13 07:45:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-13 07:45:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-13 07:45:23 ----A---- C:\Windows\system32\UXInit.dll
2014-11-13 07:45:23 ----A---- C:\Windows\system32\iernonce.dll
2014-11-13 07:45:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-13 07:45:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-13 07:45:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-13 07:45:22 ----A---- C:\Windows\system32\iesetup.dll
2014-11-13 07:45:22 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-13 07:45:21 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-11-10 09:04:18 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-11-02 19:13:35 ----D---- C:\Program Files (x86)\EA SPORTS
2014-10-29 20:02:45 ----D---- C:\Windows\system32\AutoUpdateLicense
2014-10-29 12:15:16 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-10-29 12:15:14 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-10-29 12:15:14 ----A---- C:\Windows\system32\WSShared.dll
2014-10-29 12:15:13 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15:13 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-10-29 12:15:13 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15:13 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-10-29 12:15:13 ----A---- C:\Windows\system32\NotificationUI.exe
======List of files/folders modified in the last 1 month======
2014-11-25 20:41:19 ----D---- C:\Windows\Prefetch
2014-11-25 20:41:12 ----RD---- C:\Program Files
2014-11-25 20:40:27 ----D---- C:\Windows\system32\config
2014-11-25 20:39:09 ----D---- C:\Windows\system32\sru
2014-11-25 17:00:57 ----D---- C:\Windows\Temp
2014-11-25 15:42:35 ----D---- C:\Windows\Microsoft.NET
2014-11-25 14:44:46 ----RD---- C:\Windows\System32
2014-11-25 14:42:44 ----D---- C:\Windows\Inf
2014-11-23 21:02:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-23 20:37:13 ----SHD---- C:\System Volume Information
2014-11-23 20:36:44 ----D---- C:\Windows\SysWOW64
2014-11-23 20:32:45 ----D---- C:\Windows\system32\drivers\etc
2014-11-23 17:47:04 ----D---- C:\Windows\system32\Drivers
2014-11-23 17:46:55 ----D---- C:\Windows\system32\Tasks
2014-11-23 17:46:48 ----D---- C:\Windows
2014-11-23 17:31:14 ----SHD---- C:\Windows\Installer
2014-11-23 17:30:51 ----D---- C:\Users\Tereza\AppData\Roaming\Samsung
2014-11-23 17:30:51 ----D---- C:\Program Files (x86)\Samsung
2014-11-23 17:30:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-23 17:29:16 ----RD---- C:\Program Files (x86)
2014-11-19 22:36:45 ----RD---- C:\Windows\ImmersiveControlPanel
2014-11-18 10:05:52 ----RD---- C:\Windows\assembly
2014-11-17 19:38:59 ----HD---- C:\ProgramData
2014-11-17 19:35:47 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-17 19:35:07 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-11-17 15:07:15 ----D---- C:\Windows\WinSxS
2014-11-17 14:29:45 ----D---- C:\Windows\rescache
2014-11-16 23:29:19 ----D---- C:\Windows\Tasks
2014-11-16 16:49:53 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-16 16:47:28 ----D---- C:\Program Files\Microsoft Office 15
2014-11-16 16:40:26 ----D---- C:\Windows\system32\catroot
2014-11-14 18:44:45 ----D---- C:\Program Files\Windows Defender
2014-11-14 18:44:42 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-14 18:44:37 ----SD---- C:\Windows\system32\CompatTel
2014-11-14 18:44:36 ----RD---- C:\Windows\ToastData
2014-11-14 18:44:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-14 18:44:29 ----D---- C:\Windows\system32\cs-CZ
2014-11-14 18:44:18 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-14 18:44:13 ----D---- C:\Program Files\Internet Explorer
2014-11-14 18:44:11 ----D---- C:\Windows\system32\DriverStore
2014-11-13 14:41:37 ----D---- C:\Windows\CbsTemp
2014-11-13 14:35:19 ----D---- C:\Windows\system32\MRT
2014-11-13 14:29:41 ----A---- C:\Windows\system32\MRT.exe
2014-11-13 07:44:57 ----D---- C:\Windows\system32\catroot2
2014-11-10 19:22:01 ----D---- C:\Windows\SoftwareDistribution
2014-11-09 23:34:44 ----D---- C:\Windows\debug
2014-11-08 17:31:55 ----D---- C:\Users\Tereza\AppData\Roaming\vlc
2014-10-29 20:02:48 ----D---- C:\Windows\WinStore
2014-10-27 12:21:59 ----D---- C:\Windows\AUInstallAgent
2014-10-27 12:19:53 ----HD---- C:\Program Files\WindowsApps
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-23 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-23 267632]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-09-14 647736]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-02-14 30496]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-23 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-23 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-23 436624]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-23 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-23 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-23 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-23 271752]
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-11-18 3728384]
R3 BTATH_BUS;@oem14.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-03-27 34384]
R3 HIDSwitch;@oem19.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2012-05-31 21152]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-13 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-04-17 3355336]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-01-09 342528]
R3 kbfiltr;@oem21.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\Windows\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-14 11060512]
R3 RSBASTOR;@oem10.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-10-08 298640]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-10-24 723088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2012-06-02 1146880]
S3 AthBTPort;@oem18.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-03-27 89168]
S3 ATP;@oem12.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2013-04-16 65784]
S3 BTATH_A2DP;@oem17.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-03-27 346192]
S3 btath_avdt;@oem17.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-03-27 115280]
S3 BTATH_HCRP;@oem20.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-03-27 179432]
S3 BTATH_LWFLT;@oem22.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-03-27 77464]
S3 BTATH_RCP;@oem24.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-03-27 136784]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-03-27 584272]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
S3 dg_ssudbus;@oem29.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-01-07 1280768]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-23 50344]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-23 4012248]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-28 116648]
S3 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-03-27 227968]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-13 277616]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-28 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-09-13 2466448]
S3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
S3 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
S3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
S3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
S3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-02-14 884512]
S3 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-14 1260320]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-12-04 150600]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
-----------------EOF-----------------
tak tady dle návodu:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Tereza at 2014-11-25 20:44:58
Microsoft Windows 8
System drive C: has 136 GB (48%) free of 286 GB
Total RAM: 3982 MB (43% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:45:00, on 25. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17148)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Tereza.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [T-Mobile Communication Centre] "C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" -autorun
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 9388 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\system32\svchost.exe -k imgsvc
dashost.exe {4a41c353-1a6a-4a00-9bc70343b527cd46}
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
ngservice.exe pipeserver
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="4004.0.318676157\2016867317" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0156 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /Play -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4004.42.371078575\419985960" /prefetch:673131151
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/control/EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/ControlBootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_47/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="4004.60.811818344\1270872258" /prefetch:673131151
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Tereza\Downloads\RSITx64 (1).exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-03-27 66688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-23 705448]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-14 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-23 586968]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-14 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-03-27 132736]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"=C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [2011-03-08 1355792]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-09-03 40312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSPRP]
C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2012-11-23 3187360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUSWebStorage]
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.10.123\AsusWSPanel.exe [2012-08-31 3423104]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisableS3S4]
c:\windows\temp\DisableS3S464\sethigh.cmd []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\Windows\system32\hkcmd.exe [2012-12-13 399984]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\Windows\system32\igfxtray.exe [2012-12-13 172144]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]
C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl10]
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVBg]
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2013-03-08 1278024]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-04-10 13519432]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-23 5226600]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-03-27 132736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-13 442880]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-25 20:41:12 ----D---- C:\Program Files\trend micro
2014-11-25 20:41:11 ----D---- C:\rsit
2014-11-23 20:36:44 ----D---- C:\Windows\SYSWOW64\vbox
2014-11-23 20:36:44 ----D---- C:\Windows\system32\vbox
2014-11-23 17:46:49 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-23 17:46:44 ----A---- C:\Windows\avastSS.scr
2014-11-17 19:38:59 ----D---- C:\ProgramData\Malwarebytes
2014-11-17 19:35:05 ----A---- C:\Windows\wininit.ini
2014-11-17 19:20:51 ----D---- C:\AdwCleaner
2014-11-17 17:50:40 ----D---- C:\Program Files\Bandizip
2014-11-17 17:34:05 ----D---- C:\FRST
2014-11-16 16:33:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-13 07:48:03 ----A---- C:\Windows\system32\msxml3.dll
2014-11-13 07:48:02 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-13 07:47:55 ----A---- C:\Windows\system32\schannel.dll
2014-11-13 07:47:50 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-13 07:47:49 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-11-13 07:47:48 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-11-13 07:47:43 ----A---- C:\Windows\system32\win32k.sys
2014-11-13 07:47:36 ----A---- C:\Windows\system32\rdpcorets.dll
2014-11-13 07:47:34 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-13 07:47:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-13 07:47:31 ----A---- C:\Windows\system32\SHCore.dll
2014-11-13 07:47:31 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-13 07:47:31 ----A---- C:\Windows\system32\adtschema.dll
2014-11-13 07:47:30 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-11-13 07:47:29 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-13 07:47:29 ----A---- C:\Windows\system32\msaudite.dll
2014-11-13 07:47:21 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-13 07:47:21 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-13 07:47:20 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-13 07:47:20 ----A---- C:\Windows\system32\packager.dll
2014-11-13 07:47:14 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-13 07:47:14 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-13 07:47:13 ----A---- C:\Windows\system32\EncDump.dll
2014-11-13 07:47:13 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-13 07:47:07 ----A---- C:\Windows\system32\dnsapi.dll
2014-11-13 07:46:59 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-11-13 07:46:59 ----A---- C:\Windows\system32\WsmSvc.dll
2014-11-13 07:46:58 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-11-13 07:46:58 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-11-13 07:46:58 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-11-13 07:46:58 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-11-13 07:46:57 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-11-13 07:46:57 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-11-13 07:46:57 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-11-13 07:46:57 ----A---- C:\Windows\system32\rpchttp.dll
2014-11-13 07:46:56 ----A---- C:\Windows\SYSWOW64\FXSCOMEX.dll
2014-11-13 07:46:56 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-11-13 07:46:56 ----A---- C:\Windows\system32\FXST30.dll
2014-11-13 07:46:56 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-11-13 07:46:56 ----A---- C:\Windows\system32\FXSAPI.dll
2014-11-13 07:46:55 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-11-13 07:46:44 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-13 07:46:44 ----A---- C:\Windows\system32\msi.dll
2014-11-13 07:46:40 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-11-13 07:46:40 ----A---- C:\Windows\system32\twinui.dll
2014-11-13 07:46:39 ----A---- C:\Windows\system32\authui.dll
2014-11-13 07:46:38 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-11-13 07:46:38 ----A---- C:\Windows\system32\msihnd.dll
2014-11-13 07:46:37 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-11-13 07:46:18 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-11-13 07:46:17 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-11-13 07:46:13 ----A---- C:\Windows\system32\aepdu.dll
2014-11-13 07:46:12 ----A---- C:\Windows\system32\generaltel.dll
2014-11-13 07:46:11 ----A---- C:\Windows\system32\aeinv.dll
2014-11-13 07:45:46 ----A---- C:\Windows\system32\mshtml.dll
2014-11-13 07:45:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-13 07:45:35 ----A---- C:\Windows\system32\ieframe.dll
2014-11-13 07:45:34 ----A---- C:\Windows\system32\wininet.dll
2014-11-13 07:45:34 ----A---- C:\Windows\system32\iertutil.dll
2014-11-13 07:45:33 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-13 07:45:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-13 07:45:32 ----A---- C:\Windows\system32\urlmon.dll
2014-11-13 07:45:31 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-13 07:45:31 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-13 07:45:29 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-11-13 07:45:29 ----A---- C:\Windows\system32\uxtheme.dll
2014-11-13 07:45:28 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-13 07:45:28 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-13 07:45:28 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-13 07:45:28 ----A---- C:\Windows\system32\iesysprep.dll
2014-11-13 07:45:26 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-13 07:45:26 ----A---- C:\Windows\system32\jscript9.dll
2014-11-13 07:45:25 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-11-13 07:45:25 ----A---- C:\Windows\system32\jscript.dll
2014-11-13 07:45:25 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-13 07:45:24 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-13 07:45:24 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-13 07:45:24 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-13 07:45:24 ----A---- C:\Windows\system32\msrating.dll
2014-11-13 07:45:24 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-13 07:45:24 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-13 07:45:24 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-13 07:45:23 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-11-13 07:45:23 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-13 07:45:23 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-13 07:45:23 ----A---- C:\Windows\system32\UXInit.dll
2014-11-13 07:45:23 ----A---- C:\Windows\system32\iernonce.dll
2014-11-13 07:45:22 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-13 07:45:22 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-13 07:45:22 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-13 07:45:22 ----A---- C:\Windows\system32\iesetup.dll
2014-11-13 07:45:22 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-13 07:45:21 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-11-10 09:04:18 ----A---- C:\Windows\system32\FNTCACHE.DAT
2014-11-02 19:13:35 ----D---- C:\Program Files (x86)\EA SPORTS
2014-10-29 20:02:45 ----D---- C:\Windows\system32\AutoUpdateLicense
2014-10-29 12:15:16 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-10-29 12:15:14 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-10-29 12:15:14 ----A---- C:\Windows\system32\WSShared.dll
2014-10-29 12:15:13 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15:13 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-10-29 12:15:13 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-29 12:15:13 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-10-29 12:15:13 ----A---- C:\Windows\system32\NotificationUI.exe
======List of files/folders modified in the last 1 month======
2014-11-25 20:41:19 ----D---- C:\Windows\Prefetch
2014-11-25 20:41:12 ----RD---- C:\Program Files
2014-11-25 20:40:27 ----D---- C:\Windows\system32\config
2014-11-25 20:39:09 ----D---- C:\Windows\system32\sru
2014-11-25 17:00:57 ----D---- C:\Windows\Temp
2014-11-25 15:42:35 ----D---- C:\Windows\Microsoft.NET
2014-11-25 14:44:46 ----RD---- C:\Windows\System32
2014-11-25 14:42:44 ----D---- C:\Windows\Inf
2014-11-23 21:02:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-23 20:37:13 ----SHD---- C:\System Volume Information
2014-11-23 20:36:44 ----D---- C:\Windows\SysWOW64
2014-11-23 20:32:45 ----D---- C:\Windows\system32\drivers\etc
2014-11-23 17:47:04 ----D---- C:\Windows\system32\Drivers
2014-11-23 17:46:55 ----D---- C:\Windows\system32\Tasks
2014-11-23 17:46:48 ----D---- C:\Windows
2014-11-23 17:31:14 ----SHD---- C:\Windows\Installer
2014-11-23 17:30:51 ----D---- C:\Users\Tereza\AppData\Roaming\Samsung
2014-11-23 17:30:51 ----D---- C:\Program Files (x86)\Samsung
2014-11-23 17:30:50 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-23 17:29:16 ----RD---- C:\Program Files (x86)
2014-11-19 22:36:45 ----RD---- C:\Windows\ImmersiveControlPanel
2014-11-18 10:05:52 ----RD---- C:\Windows\assembly
2014-11-17 19:38:59 ----HD---- C:\ProgramData
2014-11-17 19:35:47 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-17 19:35:07 ----D---- C:\ProgramData\Spybot - Search & Destroy
2014-11-17 15:07:15 ----D---- C:\Windows\WinSxS
2014-11-17 14:29:45 ----D---- C:\Windows\rescache
2014-11-16 23:29:19 ----D---- C:\Windows\Tasks
2014-11-16 16:49:53 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2014-11-16 16:47:28 ----D---- C:\Program Files\Microsoft Office 15
2014-11-16 16:40:26 ----D---- C:\Windows\system32\catroot
2014-11-14 18:44:45 ----D---- C:\Program Files\Windows Defender
2014-11-14 18:44:42 ----D---- C:\Program Files (x86)\Windows Defender
2014-11-14 18:44:37 ----SD---- C:\Windows\system32\CompatTel
2014-11-14 18:44:36 ----RD---- C:\Windows\ToastData
2014-11-14 18:44:29 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-14 18:44:29 ----D---- C:\Windows\system32\cs-CZ
2014-11-14 18:44:18 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-14 18:44:13 ----D---- C:\Program Files\Internet Explorer
2014-11-14 18:44:11 ----D---- C:\Windows\system32\DriverStore
2014-11-13 14:41:37 ----D---- C:\Windows\CbsTemp
2014-11-13 14:35:19 ----D---- C:\Windows\system32\MRT
2014-11-13 14:29:41 ----A---- C:\Windows\system32\MRT.exe
2014-11-13 07:44:57 ----D---- C:\Windows\system32\catroot2
2014-11-10 19:22:01 ----D---- C:\Windows\SoftwareDistribution
2014-11-09 23:34:44 ----D---- C:\Windows\debug
2014-11-08 17:31:55 ----D---- C:\Users\Tereza\AppData\Roaming\vlc
2014-10-29 20:02:48 ----D---- C:\Windows\WinStore
2014-10-27 12:21:59 ----D---- C:\Windows\AUInstallAgent
2014-10-27 12:19:53 ----HD---- C:\Program Files\WindowsApps
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-23 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-23 267632]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-09-14 647736]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2013-02-14 30496]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-23 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-23 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-23 436624]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-23 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-23 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-23 116728]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-23 271752]
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-11-18 3728384]
R3 BTATH_BUS;@oem14.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-03-27 34384]
R3 HIDSwitch;@oem19.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2012-05-31 21152]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-13 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-04-17 3355336]
R3 IntcDAud;@oem6.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-01-09 342528]
R3 kbfiltr;@oem21.inf,%kbfiltr.SvcDesc%;Keyboard Filter; C:\Windows\System32\drivers\kbfiltr.sys [2012-08-02 14992]
R3 MEIx64;@oem4.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-14 11060512]
R3 RSBASTOR;@oem10.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-10-08 298640]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-10-24 723088]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AgereSoftModem;@mdmags64.inf,%FullProductName%;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2012-06-02 1146880]
S3 AthBTPort;@oem18.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-03-27 89168]
S3 ATP;@oem12.inf,%PS2.DeviceDesc%;ASUS Input Device; C:\Windows\System32\drivers\AsusTP.sys [2013-04-16 65784]
S3 BTATH_A2DP;@oem17.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-03-27 346192]
S3 btath_avdt;@oem17.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-03-27 115280]
S3 BTATH_HCRP;@oem20.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-03-27 179432]
S3 BTATH_LWFLT;@oem22.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-03-27 77464]
S3 BTATH_RCP;@oem24.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-03-27 136784]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-03-27 584272]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-01-09 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2013-01-09 74752]
S3 dg_ssudbus;@oem29.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 e1iexpress;@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\Windows\system32\DRIVERS\e1i63x64.sys [2012-06-02 333824]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys []
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 NETwNs64;@netwns64.inf,___ %NIC_Service_DispName_WIN7_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2012-06-02 8604672]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
S3 ssudmdm;@oem32.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-09-03 65640]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2013-01-07 1280768]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2011-03-08 122608]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-23 50344]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2014-10-30 2443960]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-23 4012248]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-28 116648]
S3 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-03-27 227968]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-13 277616]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-28 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-01-06 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-09-13 2466448]
S3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
S3 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-06-27 129856]
S3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
S3 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
S3 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-02-14 884512]
S3 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-14 1260320]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-12-04 150600]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
-----------------EOF-----------------
Re: Preventivka
Dobre ranko
Posledni sken a pak budem mazat. Ctete pozorne, OTL umi i mazat, tak at si neposkodite system.
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne
Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Posledni sken a pak budem mazat. Ctete pozorne, OTL umi i mazat, tak at si neposkodite system.
Jestli bude Avast rvat, ze to chce otevrit v sandboxu, nedovolte to! Vyberte moznost Otevrit normalne Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text
Kód: Vybrat vše
CREATERESTOREPOINT
netsvcs
drivers32
savembr:0
/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop
%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5
*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: Preventivka
zdravím 
tak tady je ten děsně dlouhej sken
nevejde se na ráz, tak musím tedy víckrát
OTL logfile created on: 26. 11. 2014 20:57:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tereza\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17148)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
3,89 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 66,61% Memory free
4,95 Gb Paging File | 3,53 Gb Available in Paging File | 71,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,01 Gb Total Space | 132,55 Gb Free Space | 47,50% Space Free | Partition Type: NTFS
Drive D: | 397,87 Gb Total Space | 397,23 Gb Free Space | 99,84% Space Free | Partition Type: NTFS
Computer Name: MOLLY | User Name: Tereza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/11/26 20:55:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tereza\Desktop\OTL.exe
PRC - [2014/11/23 17:47:02 | 005,226,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/11/23 17:46:34 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/11/14 22:15:26 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/08 18:38:36 | 000,122,608 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
========== Modules (No Company Name) ==========
MOD - [2014/11/23 17:46:38 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/11/14 22:15:23 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\pdf.dll
MOD - [2014/11/14 22:15:19 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
MOD - [2014/11/14 22:15:17 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libegl.dll
MOD - [2014/11/14 22:15:16 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/11/23 17:46:34 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/11/23 17:46:14 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2014/10/30 01:24:10 | 002,443,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/10/02 23:29:16 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/22 07:04:33 | 000,016,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/07/07 06:52:33 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/05/30 00:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/16 06:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/07/27 07:05:15 | 002,676,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/06/01 10:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 07:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 07:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/03/02 03:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 03:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/10 00:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/07 13:04:48 | 001,280,768 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2012/11/23 22:54:09 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/07/27 07:05:15 | 002,676,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/03/27 11:39:42 | 000,227,968 | ---- | M] (Qualcomm Atheros Commnucations) [On_Demand | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/03/27 10:57:52 | 000,323,584 | R--- | M] (Atheros) [On_Demand | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/02/14 10:14:08 | 001,260,320 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/12/13 23:14:24 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/09/13 04:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/07/26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/27 12:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/03/08 18:38:36 | 000,122,608 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/11/23 17:47:04 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/11/23 17:46:46 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/11/23 17:46:46 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/11/23 17:46:46 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/11/23 17:46:46 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/11/23 17:46:46 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/11/23 17:46:46 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/11/23 17:46:45 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/11/23 17:46:14 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2014/09/22 06:53:10 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/26 23:08:01 | 000,270,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/07/24 14:50:54 | 000,447,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/10/28 01:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/10/10 12:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 07:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/08/16 06:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 07:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 09:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/02 02:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/02 02:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/29 07:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/01 04:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/04/16 17:25:46 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2013/03/27 11:18:54 | 000,584,272 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/03/27 11:18:52 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/03/27 11:18:50 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/03/27 11:18:50 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/03/27 11:18:50 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/03/27 11:18:48 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/03/27 11:18:48 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/03/27 11:18:48 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/03/02 11:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 11:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/14 10:14:08 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/01/10 02:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/01/09 03:26:24 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/12/13 23:14:20 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/11/27 04:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/23 22:53:42 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/11/23 22:53:42 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/11/20 05:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/18 23:57:58 | 003,728,384 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/11/06 04:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/24 19:18:32 | 000,723,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/10/12 09:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 08:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 06:19:44 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2012/10/08 10:47:42 | 000,298,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012/09/14 06:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/08/02 04:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2012/07/26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 03:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 03:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/02 15:34:37 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2012/06/02 15:31:50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012/06/02 15:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2012/05/31 04:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys -- (HIDSwitch)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/11/23 17:46:48 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
O1 HOSTS File: ([2014/11/23 20:32:45 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-1915464551-1954478582-3578973987-1002..\Run: [T-Mobile Communication Centre] C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.111.1.2 109.205.75.156
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{802EE88A-55F8-41FE-9732-86DB330C1064}: DhcpNameServer = 10.111.1.2 109.205.75.156
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A98B3BC5-4BE5-4818-B50A-0FBCFAE15811}: DhcpNameServer = 84.16.106.1 84.16.96.2
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7f91514e-6f16-11e3-be78-6c71d997701a}\Shell - "" = AutoRun
O33 - MountPoints2\{7f91514e-6f16-11e3-be78-6c71d997701a}\Shell\AutoRun\command - "" = "F:\Autorun.exe"
O33 - MountPoints2\{93c6f07d-9e4c-11e3-be83-74d02bbfcfab}\Shell - "" = AutoRun
O33 - MountPoints2\{93c6f07d-9e4c-11e3-be83-74d02bbfcfab}\Shell\AutoRun\command - "" = "F:\Startme.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/11/26 20:55:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tereza\Desktop\OTL.exe
[2014/11/25 20:51:41 | 000,582,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AutoUpdate.exe
[2014/11/25 20:51:41 | 000,462,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2014/11/25 20:41:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/11/25 20:41:11 | 000,000,000 | ---D | C] -- C:\rsit
[2014/11/24 10:15:14 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\dort mamka
[2014/11/23 20:36:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vbox
[2014/11/23 20:36:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vbox
[2014/11/23 20:27:42 | 002,118,144 | ---- | C] (Farbar) -- C:\Users\Tereza\Desktop\FRST64.exe
[2014/11/23 17:46:49 | 000,364,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/11/23 17:46:44 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/11/17 19:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/11/17 19:20:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/11/17 17:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip
[2014/11/17 17:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bandizip
[2014/11/17 17:34:05 | 000,000,000 | ---D | C] -- C:\FRST
[2014/11/16 16:33:31 | 000,713,672 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/11/16 16:33:31 | 000,106,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/13 07:47:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptsslp.dll
[2014/11/13 07:47:48 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptsslp.dll
[2014/11/13 07:47:36 | 003,248,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/11/13 07:47:34 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/11/13 07:47:31 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/11/13 07:47:31 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/11/13 07:47:31 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SHCore.dll
[2014/11/13 07:47:30 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SHCore.dll
[2014/11/13 07:47:29 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014/11/13 07:47:29 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014/11/13 07:47:21 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/11/13 07:47:20 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/11/13 07:47:20 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/11/13 07:47:14 | 000,522,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/11/13 07:47:13 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014/11/13 07:47:13 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll
[2014/11/13 07:47:07 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/11/13 07:46:58 | 000,328,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/11/13 07:46:57 | 000,309,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/11/13 07:46:57 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2014/11/13 07:46:57 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2014/11/13 07:46:57 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2014/11/13 07:46:56 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll
[2014/11/13 07:46:56 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOMEX.dll
[2014/11/13 07:46:56 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FXSCOMEX.dll
[2014/11/13 07:46:56 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXST30.dll
[2014/11/13 07:46:56 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FXSAPI.dll
[2014/11/13 07:46:55 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll
[2014/11/13 07:46:44 | 002,885,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/11/13 07:46:40 | 010,115,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/11/13 07:46:40 | 008,858,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/11/13 07:46:39 | 002,307,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/11/13 07:46:38 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/11/13 07:46:38 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/11/13 07:46:37 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/11/13 07:46:18 | 000,270,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/11/13 07:46:17 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/11/13 07:46:13 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/11/13 07:46:12 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/11/13 07:46:11 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/11/13 07:45:30 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/11/13 07:45:30 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/11/13 07:45:29 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/11/13 07:45:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/11/13 07:45:28 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/11/13 07:45:26 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/11/13 07:45:26 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/11/13 07:45:25 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/11/13 07:45:25 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/11/13 07:45:24 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/11/13 07:45:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/11/13 07:45:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/11/13 07:45:24 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/11/13 07:45:24 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/11/13 07:45:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/11/13 07:45:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/11/13 07:45:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/11/13 07:45:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/11/13 07:45:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/11/13 07:45:22 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/11/13 07:45:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/11/13 07:45:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/11/08 21:52:13 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\100ANDRO
[2014/11/04 20:36:27 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\mytýsek
[2014/11/02 19:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
[2014/11/02 19:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA SPORTS
[2014/11/02 12:52:49 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\peugeot307
[2014/11/01 17:17:16 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\OpenOfficePortable
[2014/10/29 20:02:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AutoUpdateLicense
[2014/10/29 12:15:14 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/10/29 12:15:14 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/10/29 12:15:13 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2014/10/29 12:15:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/29 12:15:13 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2014/10/29 12:15:13 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
========== Files - Modified Within 30 Days ==========
[2014/11/26 20:59:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/11/26 20:55:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tereza\Desktop\OTL.exe
[2014/11/26 20:35:37 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/26 20:35:36 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/26 19:56:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/26 19:54:45 | 000,000,968 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/26 19:54:25 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/11/26 19:54:24 | 3340,075,008 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/23 22:57:46 | 000,232,749 | ---- | M] () -- C:\Users\Tereza\Desktop\xcpidmsprtgypn.jpg
[2014/11/23 22:46:06 | 000,000,510 | ---- | M] () -- C:\Users\Tereza\Desktop\pošták.htm
[2014/11/23 21:02:36 | 001,714,430 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/11/23 21:02:36 | 000,727,488 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/11/23 21:02:36 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/11/23 21:02:36 | 000,148,006 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/11/23 21:02:36 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/11/23 20:32:45 | 000,000,035 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/11/23 17:47:06 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/11/23 17:47:04 | 001,050,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/11/23 17:46:46 | 000,436,624 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/11/23 17:46:46 | 000,364,512 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/11/23 17:46:46 | 000,267,632 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/11/23 17:46:46 | 000,116,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/11/23 17:46:46 | 000,083,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/11/23 17:46:46 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/11/23 17:46:46 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/11/23 17:46:45 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/11/23 17:46:44 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/11/23 17:32:01 | 002,118,144 | ---- | M] (Farbar) -- C:\Users\Tereza\Desktop\FRST64.exe
[2014/11/20 21:56:55 | 000,713,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/11/20 21:56:55 | 000,106,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/19 08:29:32 | 000,582,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AutoUpdate.exe
[2014/11/19 08:29:31 | 000,462,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2014/11/17 19:35:09 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2014/11/17 19:19:59 | 002,140,160 | ---- | M] () -- C:\Users\Tereza\Desktop\adwcleaner_4.101.exe
[2014/11/17 17:50:44 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\Bandizip.lnk
[2014/11/17 09:40:20 | 000,123,297 | ---- | M] () -- C:\Users\Tereza\Desktop\platba2500.pdf
[2014/11/16 16:32:41 | 000,430,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/14 18:40:03 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2014/11/10 09:30:32 | 000,040,482 | ---- | M] () -- C:\Users\Tereza\Desktop\mokka.jpg
[2014/11/09 12:08:14 | 000,000,104 | -H-- | M] () -- C:\Users\Tereza\Desktop\.~lock.Untitled 1.ods#
[2014/11/09 12:08:06 | 000,010,757 | ---- | M] () -- C:\Users\Tereza\Desktop\Untitled2.ods
[2014/11/06 12:48:52 | 001,008,826 | ---- | M] () -- C:\Users\Tereza\Desktop\20141106_124852.jpg
[2014/11/06 12:48:46 | 000,944,492 | ---- | M] () -- C:\Users\Tereza\Desktop\20141106_124846.jpg
[2014/11/05 07:40:03 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/11/05 07:38:08 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/11/05 04:16:41 | 000,556,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/11/02 19:17:59 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\NHL 2001.lnk
[2014/11/02 17:57:44 | 000,011,664 | ---- | M] () -- C:\Users\Tereza\Desktop\Untitled 1.ods
========== Files Created - No Company Name ==========
[2014/11/26 20:59:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/11/23 22:47:11 | 000,232,749 | ---- | C] () -- C:\Users\Tereza\Desktop\xcpidmsprtgypn.jpg
[2014/11/23 22:46:05 | 000,000,510 | ---- | C] () -- C:\Users\Tereza\Desktop\pošták.htm
[2014/11/23 17:47:06 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/11/17 19:35:05 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/11/17 19:19:56 | 002,140,160 | ---- | C] () -- C:\Users\Tereza\Desktop\adwcleaner_4.101.exe
[2014/11/17 17:50:44 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\Bandizip.lnk
[2014/11/17 09:40:20 | 000,123,297 | ---- | C] () -- C:\Users\Tereza\Desktop\platba2500.pdf
[2014/11/13 07:46:55 | 000,389,176 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/11/12 05:31:32 | 001,008,826 | ---- | C] () -- C:\Users\Tereza\Desktop\20141106_124852.jpg
[2014/11/12 05:31:32 | 000,944,492 | ---- | C] () -- C:\Users\Tereza\Desktop\20141106_124846.jpg
[2014/11/10 09:30:32 | 000,040,482 | ---- | C] () -- C:\Users\Tereza\Desktop\mokka.jpg
[2014/11/10 09:04:18 | 000,430,088 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/09 12:08:14 | 000,000,104 | -H-- | C] () -- C:\Users\Tereza\Desktop\.~lock.Untitled 1.ods#
[2014/11/09 12:08:04 | 000,010,757 | ---- | C] () -- C:\Users\Tereza\Desktop\Untitled2.ods
[2014/11/08 17:35:18 | 1179,827,260 | ---- | C] () -- C:\Users\Tereza\Desktop\Fakju-pane-uciteli-CZ-dab..avi
[2014/11/02 19:17:59 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\NHL 2001.lnk
[2014/11/02 17:57:43 | 000,011,664 | ---- | C] () -- C:\Users\Tereza\Desktop\Untitled 1.ods
[2014/10/29 12:15:14 | 000,010,777 | ---- | C] () -- C:\Windows\SysNative\AutoconfigV2.cab
[2013/12/30 18:11:24 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/12/27 16:58:34 | 000,000,062 | ---- | C] () -- C:\Users\Tereza\AppData\Roaming\sp_data.sys
[2013/04/24 04:36:10 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2013/04/24 04:36:09 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/04/24 04:36:08 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/11/23 14:06:48 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2012/11/23 14:06:48 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012/11/23 14:06:48 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 09:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 07:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/12/28 13:42:29 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage
[2013/12/28 13:42:29 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage
[2014/03/17 20:41:14 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\Angry Birds Breakfast 1
[2014/06/26 18:01:45 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\ASUS
[2013/12/27 16:57:19 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\ASUS WebStorage
[2014/08/25 22:03:06 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\AVAST Software
[2014/01/07 22:46:06 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\AVG
[2014/03/17 20:41:19 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\com.rovio.AngryBirdsBreakfast1
[2014/08/25 22:16:03 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\Dropbox
[2014/08/25 22:16:00 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\DropboxMaster
[2014/03/18 18:19:56 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\flightgear.org
[2014/03/18 18:19:51 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\fltk.org
[2014/06/11 20:03:47 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\playmink
[2014/11/23 17:30:51 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\Samsung
========== Purity Check ==========
========== Custom Scans ==========
< >
[2012/07/26 08:22:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013/12/28 13:52:17 | 000,000,968 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/12/28 13:52:20 | 000,000,972 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: AGP440.SYS >
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\SysNative\drivers\AGP440.sys
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\AGP440.sys
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\AGP440.sys
< MD5 for: ATAPI.SYS >
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\drivers\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_b733d17ea1e7f604\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_36311422ab29f479\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_36a9df45c455182a\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\SysWOW64\autochk.exe
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe
[2014/03/19 20:02:04 | 000,040,790 | ---- | M] () MD5=7566BFDE6B2DA9D6E8C2C3C18F5D61FD -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_3abd94ae4b8558e6\autochk.exe
[2014/04/22 15:25:34 | 000,034,714 | ---- | M] () MD5=7EB2D6ABB80BFE2211588BF4815463A4 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe
[2014/03/19 20:02:05 | 000,000,596 | ---- | M] () MD5=92284D43189EB75FE1899424A5EB146E -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_3b95e77d64677893\autochk.exe
[2014/04/22 15:25:36 | 000,000,619 | ---- | M] () MD5=DE44519028A3A74B42D942351F09DD96 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\SysNative\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_3b0749404b4e5a16\autochk.exe
< MD5 for: CDROM.SYS >
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\drivers\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_cf04adb457be1724\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_b87303472d8ba041\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2014/03/19 20:05:22 | 000,010,706 | ---- | M] () MD5=06C1C1B0B6A940437CAACE295F5A1A16 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16384_none_cec940c9249383e0\cryptsvc.dll
[2014/03/19 20:05:22 | 000,001,071 | ---- | M] () MD5=13AA71348A4893E83EF9A1C0632F5CBD -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16595_none_cebf74f3249ab376\cryptsvc.dll
[2014/03/19 20:05:22 | 000,010,481 | ---- | M] () MD5=2857EE0F08EB8469B197E93266EDF2C8 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20699_none_cf4d12e63db4b89c\cryptsvc.dll
[2013/07/13 07:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/13 07:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16666_none_cee0e6e724817621\cryptsvc.dll
[2014/03/19 20:05:23 | 000,010,405 | ---- | M] () MD5=EC3AC765EF2E1A163BD97A3345C7303C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20774_none_cf5db3323da8ff2e\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2014/04/21 20:54:12 | 000,190,101 | ---- | M] () MD5=4AFEDBDF2C3BB11DF5CE2AA7FB7B444C -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2014/04/21 20:54:02 | 000,191,911 | ---- | M] () MD5=4F390409412F1C2152841D49F8F569FA -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2014/03/19 20:12:28 | 000,221,955 | ---- | M] () MD5=5E85FA1F0668C6A06C88A0FF3124A92E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2014/03/19 20:12:38 | 000,217,360 | ---- | M] () MD5=7C9CAA3FC712820F4BAC70A315B45543 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2014/04/21 20:53:56 | 000,193,351 | ---- | M] () MD5=94AE5AC3AAF90FC7D4CAC3CCB04EEC7F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2014/03/19 20:12:35 | 000,220,321 | ---- | M] () MD5=AF8735672761B66A249E48C3899F7BFF -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2014/04/21 20:54:07 | 000,191,929 | ---- | M] () MD5=D559CC21655A88C39159643E4A783ECE -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe
[2014/03/19 20:12:31 | 000,220,310 | ---- | M] () MD5=EE17735AC30EFF43A6C73FDB1E3ABA5F -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
tak tady je ten děsně dlouhej sken
nevejde se na ráz, tak musím tedy víckrátOTL logfile created on: 26. 11. 2014 20:57:04 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tereza\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17148)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d. M. yyyy
3,89 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 66,61% Memory free
4,95 Gb Paging File | 3,53 Gb Available in Paging File | 71,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,01 Gb Total Space | 132,55 Gb Free Space | 47,50% Space Free | Partition Type: NTFS
Drive D: | 397,87 Gb Total Space | 397,23 Gb Free Space | 99,84% Space Free | Partition Type: NTFS
Computer Name: MOLLY | User Name: Tereza | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/11/26 20:55:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tereza\Desktop\OTL.exe
PRC - [2014/11/23 17:47:02 | 005,226,600 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/11/23 17:46:34 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/11/14 22:15:26 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/08 18:38:36 | 000,122,608 | ---- | M] (Gemfor s.r.o.) -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
========== Modules (No Company Name) ==========
MOD - [2014/11/23 17:46:38 | 038,562,088 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/11/14 22:15:23 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\pdf.dll
MOD - [2014/11/14 22:15:19 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
MOD - [2014/11/14 22:15:17 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libegl.dll
MOD - [2014/11/14 22:15:16 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2014/11/23 17:46:34 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/11/23 17:46:14 | 004,012,248 | ---- | M] (Avast Software) [On_Demand | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
SRV:64bit: - [2014/10/30 01:24:10 | 002,443,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/10/02 23:29:16 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/22 07:04:33 | 000,016,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/07/07 06:52:33 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/05/30 00:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013/08/16 06:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013/07/27 07:05:15 | 002,676,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/06/01 10:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/05/04 07:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/05/04 07:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013/03/02 03:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/03/02 03:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013/01/10 00:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013/01/07 13:04:48 | 001,280,768 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2012/11/23 22:54:09 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012/07/26 04:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012/07/26 04:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012/07/26 04:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012/07/26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012/07/26 04:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012/07/26 04:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/07/26 04:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012/07/26 04:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012/07/26 04:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012/07/26 04:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012/07/26 01:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012/04/20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2013/09/03 06:53:50 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/07/27 07:05:15 | 002,676,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/03/27 11:39:42 | 000,227,968 | ---- | M] (Qualcomm Atheros Commnucations) [On_Demand | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2013/03/27 10:57:52 | 000,323,584 | R--- | M] (Atheros) [On_Demand | Stopped] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt and Wlan Coex Agent)
SRV - [2013/02/14 10:14:08 | 001,260,320 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/02/04 17:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012/12/13 23:14:24 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/09/13 04:59:08 | 002,466,448 | ---- | M] (Realsil Microelectronics Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/07/26 04:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012/07/17 14:57:22 | 000,365,376 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/17 14:57:20 | 000,277,824 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/06/27 12:47:02 | 000,129,856 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe -- (Intel(R)
SRV - [2012/06/25 10:57:14 | 000,166,720 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/04/24 14:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2011/03/08 18:38:36 | 000,122,608 | ---- | M] (Gemfor s.r.o.) [Auto | Running] -- C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe -- (ameisvc)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2014/11/23 17:47:04 | 001,050,432 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/11/23 17:46:46 | 000,436,624 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/11/23 17:46:46 | 000,267,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/11/23 17:46:46 | 000,116,728 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/11/23 17:46:46 | 000,083,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/11/23 17:46:46 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/11/23 17:46:46 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/11/23 17:46:45 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/11/23 17:46:14 | 000,271,752 | ---- | M] (Avast Software) [Kernel | Auto | Running] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
DRV:64bit: - [2014/09/22 06:53:10 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/26 23:08:01 | 000,270,024 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/07/24 14:50:54 | 000,447,296 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/10/28 01:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/10/10 12:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013/10/05 07:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013/08/16 06:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/10 07:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/07/09 09:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013/07/02 02:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013/07/02 02:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013/06/29 07:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013/06/01 04:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/04/16 17:25:46 | 000,065,784 | ---- | M] (ASUS Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\AsusTP.sys -- (ATP)
DRV:64bit: - [2013/03/27 11:18:54 | 000,584,272 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2013/03/27 11:18:52 | 000,136,784 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/03/27 11:18:50 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/03/27 11:18:50 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/03/27 11:18:50 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/03/27 11:18:48 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/03/27 11:18:48 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/03/27 11:18:48 | 000,034,384 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2013/03/02 11:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/03/02 11:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/02/14 10:14:08 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013/01/10 02:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/01/09 03:26:24 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/12/13 23:14:20 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/11/27 04:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012/11/23 22:53:42 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012/11/23 22:53:42 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012/11/20 05:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012/11/18 23:57:58 | 003,728,384 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012/11/06 04:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012/10/24 19:18:32 | 000,723,088 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012/10/12 09:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/10/11 08:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012/10/11 06:19:44 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDScan.sys -- (WSDScan)
DRV:64bit: - [2012/10/08 10:47:42 | 000,298,640 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsBaStor.sys -- (RSBASTOR)
DRV:64bit: - [2012/09/14 06:15:10 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/08/02 04:22:48 | 000,014,992 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2012/07/26 06:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/07/26 06:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012/07/26 06:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012/07/26 06:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012/07/26 06:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012/07/26 06:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012/07/26 06:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012/07/26 06:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012/07/26 06:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012/07/26 06:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012/07/26 06:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012/07/26 06:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012/07/26 06:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012/07/26 06:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012/07/26 06:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012/07/26 06:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/07/26 06:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/07/26 05:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012/07/26 05:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012/07/26 04:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012/07/26 03:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012/07/26 03:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012/07/26 03:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012/07/26 03:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012/07/26 03:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012/07/26 03:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012/07/26 03:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012/07/26 03:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012/07/26 03:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012/07/26 03:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012/07/26 03:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012/07/26 03:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012/07/26 03:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012/07/26 03:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012/07/26 03:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/07/26 03:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012/07/26 03:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012/07/26 03:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/07/26 03:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012/07/26 03:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012/07/26 03:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012/07/26 03:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012/07/26 03:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012/07/02 15:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/02 15:34:37 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2012/06/02 15:31:50 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012/06/02 15:31:38 | 000,333,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2012/05/31 04:47:44 | 000,021,152 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AsHIDSwitch64.sys -- (HIDSwitch)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1915464551-1954478582-3578973987-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/11/23 17:46:48 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.0.2502.149_0\
CHR - Extension: No name found = C:\Users\Tereza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
O1 HOSTS File: ([2014/11/23 20:32:45 | 000,000,035 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-1915464551-1954478582-3578973987-1002..\Run: [T-Mobile Communication Centre] C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe (Gemfor s.r.o.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.111.1.2 109.205.75.156
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{802EE88A-55F8-41FE-9732-86DB330C1064}: DhcpNameServer = 10.111.1.2 109.205.75.156
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A98B3BC5-4BE5-4818-B50A-0FBCFAE15811}: DhcpNameServer = 84.16.106.1 84.16.96.2
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7f91514e-6f16-11e3-be78-6c71d997701a}\Shell - "" = AutoRun
O33 - MountPoints2\{7f91514e-6f16-11e3-be78-6c71d997701a}\Shell\AutoRun\command - "" = "F:\Autorun.exe"
O33 - MountPoints2\{93c6f07d-9e4c-11e3-be83-74d02bbfcfab}\Shell - "" = AutoRun
O33 - MountPoints2\{93c6f07d-9e4c-11e3-be83-74d02bbfcfab}\Shell\AutoRun\command - "" = "F:\Startme.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2014/11/26 20:55:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Tereza\Desktop\OTL.exe
[2014/11/25 20:51:41 | 000,582,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AutoUpdate.exe
[2014/11/25 20:51:41 | 000,462,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2014/11/25 20:41:12 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2014/11/25 20:41:11 | 000,000,000 | ---D | C] -- C:\rsit
[2014/11/24 10:15:14 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\dort mamka
[2014/11/23 20:36:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vbox
[2014/11/23 20:36:44 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vbox
[2014/11/23 20:27:42 | 002,118,144 | ---- | C] (Farbar) -- C:\Users\Tereza\Desktop\FRST64.exe
[2014/11/23 17:46:49 | 000,364,512 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/11/23 17:46:44 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/11/17 19:38:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/11/17 19:20:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/11/17 17:50:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip
[2014/11/17 17:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\Bandizip
[2014/11/17 17:34:05 | 000,000,000 | ---D | C] -- C:\FRST
[2014/11/16 16:33:31 | 000,713,672 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/11/16 16:33:31 | 000,106,440 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/13 07:47:49 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncryptsslp.dll
[2014/11/13 07:47:48 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncryptsslp.dll
[2014/11/13 07:47:36 | 003,248,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/11/13 07:47:34 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/11/13 07:47:31 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2014/11/13 07:47:31 | 000,713,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2014/11/13 07:47:31 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SHCore.dll
[2014/11/13 07:47:30 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SHCore.dll
[2014/11/13 07:47:29 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2014/11/13 07:47:29 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2014/11/13 07:47:21 | 000,778,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2014/11/13 07:47:20 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2014/11/13 07:47:20 | 000,068,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2014/11/13 07:47:14 | 000,522,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2014/11/13 07:47:13 | 000,267,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2014/11/13 07:47:13 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEndpointBuilder.dll
[2014/11/13 07:47:07 | 000,623,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dnsapi.dll
[2014/11/13 07:46:58 | 000,328,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\Classpnp.sys
[2014/11/13 07:46:57 | 000,309,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WsmWmiPl.dll
[2014/11/13 07:46:57 | 000,227,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WsmWmiPl.dll
[2014/11/13 07:46:57 | 000,188,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpchttp.dll
[2014/11/13 07:46:57 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rpchttp.dll
[2014/11/13 07:46:56 | 000,616,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSAPI.dll
[2014/11/13 07:46:56 | 000,609,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSCOMEX.dll
[2014/11/13 07:46:56 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FXSCOMEX.dll
[2014/11/13 07:46:56 | 000,254,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXST30.dll
[2014/11/13 07:46:56 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FXSAPI.dll
[2014/11/13 07:46:55 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FXSTIFF.dll
[2014/11/13 07:46:44 | 002,885,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2014/11/13 07:46:40 | 010,115,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2014/11/13 07:46:40 | 008,858,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2014/11/13 07:46:39 | 002,307,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2014/11/13 07:46:38 | 002,037,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2014/11/13 07:46:38 | 000,393,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msihnd.dll
[2014/11/13 07:46:37 | 000,295,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msihnd.dll
[2014/11/13 07:46:18 | 000,270,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2014/11/13 07:46:17 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2014/11/13 07:46:13 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/11/13 07:46:12 | 000,304,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/11/13 07:46:11 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/11/13 07:45:30 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/11/13 07:45:30 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/11/13 07:45:29 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2014/11/13 07:45:29 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/11/13 07:45:28 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/11/13 07:45:26 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/11/13 07:45:26 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/11/13 07:45:25 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/11/13 07:45:25 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/11/13 07:45:24 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/11/13 07:45:24 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/11/13 07:45:24 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/11/13 07:45:24 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/11/13 07:45:24 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/11/13 07:45:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/11/13 07:45:23 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2014/11/13 07:45:23 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2014/11/13 07:45:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/11/13 07:45:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/11/13 07:45:22 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/11/13 07:45:22 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/11/13 07:45:22 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/11/08 21:52:13 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\100ANDRO
[2014/11/04 20:36:27 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\mytýsek
[2014/11/02 19:16:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
[2014/11/02 19:13:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA SPORTS
[2014/11/02 12:52:49 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\peugeot307
[2014/11/01 17:17:16 | 000,000,000 | ---D | C] -- C:\Users\Tereza\Desktop\OpenOfficePortable
[2014/10/29 20:02:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\AutoUpdateLicense
[2014/10/29 12:15:14 | 000,695,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WSShared.dll
[2014/10/29 12:15:14 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WSShared.dll
[2014/10/29 12:15:13 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.dll
[2014/10/29 12:15:13 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/10/29 12:15:13 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WinSetupUI.dll
[2014/10/29 12:15:13 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
========== Files - Modified Within 30 Days ==========
[2014/11/26 20:59:27 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2014/11/26 20:55:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Tereza\Desktop\OTL.exe
[2014/11/26 20:35:37 | 000,000,972 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/11/26 20:35:36 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/11/26 19:56:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/26 19:54:45 | 000,000,968 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/11/26 19:54:25 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/11/26 19:54:24 | 3340,075,008 | -HS- | M] () -- C:\hiberfil.sys
[2014/11/23 22:57:46 | 000,232,749 | ---- | M] () -- C:\Users\Tereza\Desktop\xcpidmsprtgypn.jpg
[2014/11/23 22:46:06 | 000,000,510 | ---- | M] () -- C:\Users\Tereza\Desktop\pošták.htm
[2014/11/23 21:02:36 | 001,714,430 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/11/23 21:02:36 | 000,727,488 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2014/11/23 21:02:36 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/11/23 21:02:36 | 000,148,006 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2014/11/23 21:02:36 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/11/23 20:32:45 | 000,000,035 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/11/23 17:47:06 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/11/23 17:47:04 | 001,050,432 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys
[2014/11/23 17:46:46 | 000,436,624 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys
[2014/11/23 17:46:46 | 000,364,512 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/11/23 17:46:46 | 000,267,632 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/11/23 17:46:46 | 000,116,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/11/23 17:46:46 | 000,083,280 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/11/23 17:46:46 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/11/23 17:46:46 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/11/23 17:46:45 | 000,093,568 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/11/23 17:46:44 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/11/23 17:32:01 | 002,118,144 | ---- | M] (Farbar) -- C:\Users\Tereza\Desktop\FRST64.exe
[2014/11/20 21:56:55 | 000,713,672 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/11/20 21:56:55 | 000,106,440 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/19 08:29:32 | 000,582,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\AutoUpdate.exe
[2014/11/19 08:29:31 | 000,462,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\NotificationUI.exe
[2014/11/17 19:35:09 | 000,000,085 | ---- | M] () -- C:\Windows\wininit.ini
[2014/11/17 19:19:59 | 002,140,160 | ---- | M] () -- C:\Users\Tereza\Desktop\adwcleaner_4.101.exe
[2014/11/17 17:50:44 | 000,000,930 | ---- | M] () -- C:\Users\Public\Desktop\Bandizip.lnk
[2014/11/17 09:40:20 | 000,123,297 | ---- | M] () -- C:\Users\Tereza\Desktop\platba2500.pdf
[2014/11/16 16:32:41 | 000,430,088 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/14 18:40:03 | 000,002,028 | ---- | M] () -- C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
[2014/11/10 09:30:32 | 000,040,482 | ---- | M] () -- C:\Users\Tereza\Desktop\mokka.jpg
[2014/11/09 12:08:14 | 000,000,104 | -H-- | M] () -- C:\Users\Tereza\Desktop\.~lock.Untitled 1.ods#
[2014/11/09 12:08:06 | 000,010,757 | ---- | M] () -- C:\Users\Tereza\Desktop\Untitled2.ods
[2014/11/06 12:48:52 | 001,008,826 | ---- | M] () -- C:\Users\Tereza\Desktop\20141106_124852.jpg
[2014/11/06 12:48:46 | 000,944,492 | ---- | M] () -- C:\Users\Tereza\Desktop\20141106_124846.jpg
[2014/11/05 07:40:03 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\generaltel.dll
[2014/11/05 07:38:08 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/11/05 04:16:41 | 000,556,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/11/02 19:17:59 | 000,001,992 | ---- | M] () -- C:\Users\Public\Desktop\NHL 2001.lnk
[2014/11/02 17:57:44 | 000,011,664 | ---- | M] () -- C:\Users\Tereza\Desktop\Untitled 1.ods
========== Files Created - No Company Name ==========
[2014/11/26 20:59:27 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2014/11/23 22:47:11 | 000,232,749 | ---- | C] () -- C:\Users\Tereza\Desktop\xcpidmsprtgypn.jpg
[2014/11/23 22:46:05 | 000,000,510 | ---- | C] () -- C:\Users\Tereza\Desktop\pošták.htm
[2014/11/23 17:47:06 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\Avast Free Antivirus.lnk
[2014/11/17 19:35:05 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
[2014/11/17 19:19:56 | 002,140,160 | ---- | C] () -- C:\Users\Tereza\Desktop\adwcleaner_4.101.exe
[2014/11/17 17:50:44 | 000,000,930 | ---- | C] () -- C:\Users\Public\Desktop\Bandizip.lnk
[2014/11/17 09:40:20 | 000,123,297 | ---- | C] () -- C:\Users\Tereza\Desktop\platba2500.pdf
[2014/11/13 07:46:55 | 000,389,176 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2014/11/12 05:31:32 | 001,008,826 | ---- | C] () -- C:\Users\Tereza\Desktop\20141106_124852.jpg
[2014/11/12 05:31:32 | 000,944,492 | ---- | C] () -- C:\Users\Tereza\Desktop\20141106_124846.jpg
[2014/11/10 09:30:32 | 000,040,482 | ---- | C] () -- C:\Users\Tereza\Desktop\mokka.jpg
[2014/11/10 09:04:18 | 000,430,088 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/09 12:08:14 | 000,000,104 | -H-- | C] () -- C:\Users\Tereza\Desktop\.~lock.Untitled 1.ods#
[2014/11/09 12:08:04 | 000,010,757 | ---- | C] () -- C:\Users\Tereza\Desktop\Untitled2.ods
[2014/11/08 17:35:18 | 1179,827,260 | ---- | C] () -- C:\Users\Tereza\Desktop\Fakju-pane-uciteli-CZ-dab..avi
[2014/11/02 19:17:59 | 000,001,992 | ---- | C] () -- C:\Users\Public\Desktop\NHL 2001.lnk
[2014/11/02 17:57:43 | 000,011,664 | ---- | C] () -- C:\Users\Tereza\Desktop\Untitled 1.ods
[2014/10/29 12:15:14 | 000,010,777 | ---- | C] () -- C:\Windows\SysNative\AutoconfigV2.cab
[2013/12/30 18:11:24 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/12/27 16:58:34 | 000,000,062 | ---- | C] () -- C:\Users\Tereza\AppData\Roaming\sp_data.sys
[2013/04/24 04:36:10 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2013/04/24 04:36:09 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/04/24 04:36:08 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/11/23 14:06:48 | 000,024,576 | ---- | C] () -- C:\ProgramData\SetStretch.exe
[2012/11/23 14:06:48 | 000,000,256 | ---- | C] () -- C:\ProgramData\SetStretch.cmd
[2012/11/23 14:06:48 | 000,000,103 | ---- | C] () -- C:\ProgramData\SetStretch.VBS
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/28 09:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/28 07:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/07/26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/07/26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/07/26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013/12/28 13:42:29 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ASUS WebStorage
[2013/12/28 13:42:29 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ASUS WebStorage
[2014/03/17 20:41:14 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\Angry Birds Breakfast 1
[2014/06/26 18:01:45 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\ASUS
[2013/12/27 16:57:19 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\ASUS WebStorage
[2014/08/25 22:03:06 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\AVAST Software
[2014/01/07 22:46:06 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\AVG
[2014/03/17 20:41:19 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\com.rovio.AngryBirdsBreakfast1
[2014/08/25 22:16:03 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\Dropbox
[2014/08/25 22:16:00 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\DropboxMaster
[2014/03/18 18:19:56 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\flightgear.org
[2014/03/18 18:19:51 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\fltk.org
[2014/06/11 20:03:47 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\playmink
[2014/11/23 17:30:51 | 000,000,000 | ---D | M] -- C:\Users\Tereza\AppData\Roaming\Samsung
========== Purity Check ==========
========== Custom Scans ==========
< >
[2012/07/26 08:22:10 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2013/12/28 13:52:17 | 000,000,968 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2013/12/28 13:52:20 | 000,000,972 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
< >
< MD5 for: AGP440.SYS >
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\SysNative\drivers\AGP440.sys
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\AGP440.sys
[2012/07/26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\AGP440.sys
< MD5 for: ATAPI.SYS >
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\drivers\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_b733d17ea1e7f604\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16548_none_36311422ab29f479\atapi.sys
[2012/07/26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.20652_none_36a9df45c455182a\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\SysWOW64\autochk.exe
[2013/05/15 03:24:10 | 000,793,088 | ---- | M] (Microsoft Corporation) MD5=61ADD65C9D1E2EAF8BB080A4D6AAB055 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_dee8adbc92f0e8e0\autochk.exe
[2014/03/19 20:02:04 | 000,040,790 | ---- | M] () MD5=7566BFDE6B2DA9D6E8C2C3C18F5D61FD -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_3abd94ae4b8558e6\autochk.exe
[2014/04/22 15:25:34 | 000,034,714 | ---- | M] () MD5=7EB2D6ABB80BFE2211588BF4815463A4 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16384_none_de9ef92a9327e7b0\autochk.exe
[2014/03/19 20:02:05 | 000,000,596 | ---- | M] () MD5=92284D43189EB75FE1899424A5EB146E -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_3b95e77d64677893\autochk.exe
[2014/04/22 15:25:36 | 000,000,619 | ---- | M] () MD5=DE44519028A3A74B42D942351F09DD96 -- C:\Windows\WinSxS\x86_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.20717_none_df774bf9ac0a075d\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\SysNative\autochk.exe
[2013/05/15 03:25:59 | 000,888,320 | ---- | M] (Microsoft Corporation) MD5=E47235E8DF26CA48DA189ACFD756329C -- C:\Windows\WinSxS\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.2.9200.16612_none_3b0749404b4e5a16\autochk.exe
< MD5 for: CDROM.SYS >
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\drivers\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\SysNative\DriverStore\FileRepository\cdrom.inf_amd64_cf04adb457be1724\cdrom.sys
[2012/07/26 03:26:36 | 000,174,080 | ---- | M] (Microsoft Corporation) MD5=339BFF85D788268752DA8C9644B188EE -- C:\Windows\WinSxS\amd64_cdrom.inf_31bf3856ad364e35_6.2.9200.16384_none_b87303472d8ba041\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2014/03/19 20:05:22 | 000,010,706 | ---- | M] () MD5=06C1C1B0B6A940437CAACE295F5A1A16 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16384_none_cec940c9249383e0\cryptsvc.dll
[2014/03/19 20:05:22 | 000,001,071 | ---- | M] () MD5=13AA71348A4893E83EF9A1C0632F5CBD -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16595_none_cebf74f3249ab376\cryptsvc.dll
[2014/03/19 20:05:22 | 000,010,481 | ---- | M] () MD5=2857EE0F08EB8469B197E93266EDF2C8 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20699_none_cf4d12e63db4b89c\cryptsvc.dll
[2013/07/13 07:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\SysNative\cryptsvc.dll
[2013/07/13 07:16:06 | 000,068,096 | ---- | M] (Microsoft Corporation) MD5=5CE2742F063731EC10C1B2EE386A2C08 -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.16666_none_cee0e6e724817621\cryptsvc.dll
[2014/03/19 20:05:23 | 000,010,405 | ---- | M] () MD5=EC3AC765EF2E1A163BD97A3345C7303C -- C:\Windows\WinSxS\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.2.9200.20774_none_cf5db3323da8ff2e\cryptsvc.dll
< MD5 for: EXPLORER.EXE >
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013/06/01 12:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2014/04/21 20:54:12 | 000,190,101 | ---- | M] () MD5=4AFEDBDF2C3BB11DF5CE2AA7FB7B444C -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2014/04/21 20:54:02 | 000,191,911 | ---- | M] () MD5=4F390409412F1C2152841D49F8F569FA -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2014/03/19 20:12:28 | 000,221,955 | ---- | M] () MD5=5E85FA1F0668C6A06C88A0FF3124A92E -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2014/03/19 20:12:38 | 000,217,360 | ---- | M] () MD5=7C9CAA3FC712820F4BAC70A315B45543 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
[2014/04/21 20:53:56 | 000,193,351 | ---- | M] () MD5=94AE5AC3AAF90FC7D4CAC3CCB04EEC7F -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2014/03/19 20:12:35 | 000,220,321 | ---- | M] () MD5=AF8735672761B66A249E48C3899F7BFF -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2014/04/21 20:54:07 | 000,191,929 | ---- | M] () MD5=D559CC21655A88C39159643E4A783ECE -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013/06/01 11:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe
[2014/03/19 20:12:31 | 000,220,310 | ---- | M] () MD5=EE17735AC30EFF43A6C73FDB1E3ABA5F -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
Přispějete na provoz fóra?