
URL:MAL infection

Posted: 05 Feb 2015 18:44
by martin.ulrich3
Hello, avast has started reporting a URL:MAL infection on my computer every few minutes. The computer isn't mine; I don't know how it got there. Please help me remove it; I'm attaching the log from RSIT. Thank you for your help.
RSIT log:

info.txt logfile of random's system information tool 1.10 2015-02-05 18:31:43

======MBR======

0x00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001E569E81000000000200EEFFFFFF010000002F60383A00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

-->MsiExec /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Adobe Flash Player 16 NPAPI-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe -maintain plugin
Adobe Reader XI (11.0.10) - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-AB0000000001}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-001802114130}
Adobe Shockwave Player 11.6-->"C:\windows\SysWOW64\Adobe\Shockwave 11\uninstaller.exe"
Avast Free Antivirus-->C:\Program Files\avast\Setup\Instup.exe /control_panel /instop:uninstall
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
CyberLink YouCam-->"C:\Program Files (x86)\InstallShield Installation Information\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\setup.exe" /z-uninstall
D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}
Energy Star-->MsiExec.exe /I{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}
Euro Truck Simulator 2-->"C:\Program Files (x86)\Euro Truck Simulator 2\unins001.exe"
Fotogaléria-->MsiExec.exe /X{9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}
Fotogalerie-->MsiExec.exe /X{A1FBD2B3-6768-472D-BA46-C00EACBCE16C}
Hewlett-Packard ACLM.NET v1.2.1.1-->MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F}
HP 3D DriveGuard-->MsiExec.exe /X{04927A60-31CD-4614-A25C-055B1AD3A8CE}
HP Connected Music (Meridian - installer)-->"C:\Program Files (x86)\HPConnectedMusic\Uninstall.exe"
HP CoolSense-->MsiExec.exe /I{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}
HP Customer Experience Enhancements-->MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544}
HP Documentation-->MsiExec.exe /X{F2481209-98FE-4943-8903-90D19E1B7062}
HP Postscript Converter-->MsiExec.exe /I{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}
HP Quick Start-->MsiExec.exe /X{C001689B-4EAD-4CB4-B5F7-4A85A32785DC}
HP Recovery Manager-->MsiExec.exe /I{1AE37508-089E-41AC-95BD-99FF06887C2F}
HP Registration Service-->MsiExec.exe /X{D1E8F2D7-7794-4245-B286-87ED86C1893C}
HP Support Assistant-->"C:\Program Files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP System Event Utility-->MsiExec.exe /I{C27D60E4-3132-45A3-A71A-E3BD1DA3F794}
HP Utility Center-->MsiExec.exe /I{73237EBB-B26F-4628-8754-4EFE563D72E9}
HP Wireless Button Driver-->MsiExec.exe /X{941DE69D-6CEE-4171-8F1F-3D7E352AA498}
Intel(R) Management Engine Components-->C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
Intel(R) Processor Graphics-->C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
Intel(R) Rapid Storage Technology-->C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe -uninstall
Intel(R) Rapid Storage Technology-->MsiExec.exe /I{9D859F0D-B405-4B1F-9084-13BBF5D3DB32}
Intel(R) SDK for OpenCL - CPU Only Runtime Package-->C:\Program Files (x86)\Intel\OpenCL SDK\3.0\Uninstall\setup.exe -uninstall
Intel® Trusted Connect Service Client-->MsiExec.exe /I{FA00A3CC-7440-4938-A271-F186F50DD40D}
istartsurf uninstall-->C:\Users\Jaroslava\AppData\Roaming\istartsurf\UninstallManager.exe -ptid=vtt
Java 8 Update 31-->MsiExec.exe /I{26A24AE4-039D-4CA4-87B4-2F83218031F0}
MC BP-Modpack 1.7.10-->C:\Users\Jaroslava\AppData\Roaming\.minecraft\uninst.exe
McAfee Security Scan Plus-->"C:\Program Files\McAfee Security Scan\uninstall.exe"
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64)-->MsiExec.exe /I{E9F0BCD8-6BD5-1ED7-EDA3-9FCF2A478AA1}
Microsoft Primary Interoperability Assemblies 2005-->MsiExec.exe /X{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{071c9b48-7c32-4621-a0ac-3f809523288f}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022-->MsiExec.exe /X{350AA351-21FA-3270-8B7A-835434E766AD}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022-->MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Mindspark MarineAquarium-->"C:\Program Files (x86)\Mindspark\MarineAquarium\Uninstall.exe" "/U:C:\Program Files (x86)\Mindspark\MarineAquarium\Uninstall\uninstall.xml"
Movie Maker-->MsiExec.exe /X{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}
Movie Maker-->MsiExec.exe /X{9EDF46F0-2D4E-4C00-B2B6-0660666E9F60}
Movie Maker-->MsiExec.exe /X{A035950F-15BA-41C0-9D8F-165FC0536012}
Movie Maker-->MsiExec.exe /X{ED6C77F9-4D7E-447C-9EC0-9A212D075535}
Mozilla Firefox 35.0.1 (x86 cs)-->"C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
MSVCRT110_amd64-->MsiExec.exe /I{E9FA781F-3E80-4399-825A-AD3E11C28C77}
MSVCRT110-->MsiExec.exe /I{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}
NVIDIA PhysX-->MsiExec.exe /X{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}
Opera Stable 27.0.1689.66-->"C:\Program Files (x86)\Opera\Launcher.exe" /uninstall
Photo Common-->MsiExec.exe /X{49110532-D289-4BFF-807C-45B782E66A7C}
Photo Common-->MsiExec.exe /X{C67BC332-A59A-4D40-977F-664F60AB21D8}
Photo Common-->MsiExec.exe /X{EB91007A-0110-42A6-B869-2709955A9B2A}
Photo Gallery-->MsiExec.exe /X{30F99474-EBE3-4134-A02B-F6CD38CFE243}
Photo Gallery-->MsiExec.exe /X{63824BC0-B747-43F3-9863-1066D64AD919}
Picasa 3-->"C:\Program Files (x86)\Google\Picasa3\Uninstall.exe"
Připojení ke vzdálené ploše-->MsiExec.exe /X{D81A311F-D26B-4BDA-8A44-0B608DF49BEF}
Ralink Bluetooth Stack64-->MsiExec.exe /X{8512497A-DF9B-3169-B290-2C18E9F976F1}
Ralink RT3290 802.11bgn Wi-Fi Adapter-->C:\Program Files (x86)\InstallShield Installation Information\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly
Realtek PCIE Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}\setup.exe" -runfromtemp -removeonly
Search App by Ask-->MsiExec.exe /X{4F524A2D-5350-4500-76A7-A758B70C1801}
SecretSauce-->C:\Program Files (x86)\SecretSauce\SecretSauceuninstall.exe
SereneScreen Marine Aquarium 3-->"C:\Program Files (x86)\SereneScreen\Marine Aquarium 3\unins000.exe"
Settings Manager-->C:\Program Files (x86)\Settings Manager\smdmf\Uninstall.exe /browser=all
Skype Click to Call-->MsiExec.exe /X{6D1221A9-17BF-4EC0-81F2-27D30EC30701}
Skype™ 6.20-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}
Synaptics Pointing Device Driver-->rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
unIsales-->"C:\Program Files (x86)\unIsales\unIsales.exe" /s /n /i:"ExecuteCommands;UninstallCommands" ""
Windows Live Communications Platform-->MsiExec.exe /I{0454BB9A-2A7A-4214-BDFF-937F7A711A44}
Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}
Windows Live Essentials-->MsiExec.exe /I{797DC296-ADC5-4A08-8CBC-AEB0D6F4B249}
Windows Live Essentials-->MsiExec.exe /I{C4D82144-B2D5-4A0E-A470-16F13EBC5BCB}
Windows Live Installer-->MsiExec.exe /I{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}
Windows Live Photo Common-->MsiExec.exe /X{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}
Windows Live PIMT Platform-->MsiExec.exe /I{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}
Windows Live SOXE Definitions-->MsiExec.exe /I{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}
Windows Live SOXE-->MsiExec.exe /I{FE7C0B3D-50B9-4951-BE78-A321CBF86552}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{56232E3D-7EA9-45E0-A371-26CD80510AF7}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{E18F981B-401C-4D90-BC57-D8903564D558}
Windows Live UX Platform Language Pack-->MsiExec.exe /I{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}
Windows Live UX Platform-->MsiExec.exe /I{4CCBD1F4-CEEC-452A-9CB8-46564B501315}
WinRAR 5.01 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe

======System event log======

Computer Name: WIN-SQRSSINIRE7
Event Code: 7040
Message: Režim spuštění služby Windows Search byl změněn z automatické spouštění na Zakázáno.
Record Number: 1024
Source Name: Service Control Manager
Time Written: 20130829115628.109874-000
Event Type: Informace
User: Pavilon\Administrator

Computer Name: WIN-SQRSSINIRE7
Event Code: 1014
Message: Překlad názvu ctldl.windowsupdate.com nebyl v požadované době dokončen. Žádný z nakonfigurovaných serverů DNS neodpověděl.
Record Number: 1023
Source Name: Microsoft-Windows-DNS-Client
Time Written: 20130829115614.952930-000
Event Type: Upozornění
User: NT AUTHORITY\NETWORK SERVICE

Computer Name: WIN-SQRSSINIRE7
Event Code: 104
Message: Byl vymazán soubor protokolu Setup.
Record Number: 1022
Source Name: Microsoft-Windows-Eventlog
Time Written: 20130829115614.406031-000
Event Type: Informace
User: Pavilon\Administrator

Computer Name: WIN-SQRSSINIRE7
Event Code: 104
Message: Byl vymazán soubor protokolu Application.
Record Number: 1021
Source Name: Microsoft-Windows-Eventlog
Time Written: 20130829115614.234155-000
Event Type: Informace
User: Pavilon\Administrator

Computer Name: WIN-SQRSSINIRE7
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 1020
Source Name: Microsoft-Windows-Eventlog
Time Written: 20130829115614.140389-000
Event Type: Informace
User: Pavilon\Administrator

=====Application event log=====

Computer Name: WIN-SQRSSINIRE7
Event Code: 1066
Message: Inicializační stav pro objekty služby
C:\Windows\system32\sppwinob.dll, msft:spp/windowsfunctionality/agent/7.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/phone/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:rm/algorithm/pkey/detect, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/ActionScheduler/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/TaskScheduler/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/statecollector/pkey, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/1.0, 0x00000000, 0x00000000
C:\Windows\system32\sppobjs.dll, msft:spp/volume/services/kms/activationinfo/1.0, 0x00000000, 0x00000000

Record Number: 947
Source Name: Microsoft-Windows-Security-SPP
Time Written: 20130829115628.000000-000
Event Type: Informace
User:

Computer Name: WIN-SQRSSINIRE7
Event Code: 1003
Message: Služba Windows Search byla spuštěna.

Record Number: 946
Source Name: Microsoft-Windows-Search
Time Written: 20130829115619.000000-000
Event Type: Informace
User:

Computer Name: WIN-SQRSSINIRE7
Event Code: 326
Message: SearchIndexer (2128) Windows: Databázový stroj připojil databázi (1, C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb). (Čas=0 s)

Sekvence interního načasování: [1] 0.000, [2] 0.031, [3] 0.000, [4] 0.000, [5] 0.032, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000, [11] 0.000, [12] 0.000.
Uložená mezipaměť: 1
Record Number: 945
Source Name: ESENT
Time Written: 20130829115618.000000-000
Event Type: Informace
User:

Computer Name: WIN-SQRSSINIRE7
Event Code: 105
Message: SearchIndexer (2128) Windows: Databázový stroj spustil novou instanci (0). (Čas=0 s)

Sekvence interního načasování: [1] 0.000, [2] 0.000, [3] 0.156, [4] 0.031, [5] 0.000, [6] 0.000, [7] 0.000, [8] 0.000, [9] 0.000, [10] 0.000.
Record Number: 944
Source Name: ESENT
Time Written: 20130829115618.000000-000
Event Type: Informace
User:

Computer Name: WIN-SQRSSINIRE7
Event Code: 102
Message: SearchIndexer (2128) Windows: Databázový stroj (6.02.9200.0000) spouští novou instanci (0).
Record Number: 943
Source Name: ESENT
Time Written: 20130829115618.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Pavilon
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-21-3827288190-3897321577-2940346249-1001
Název účtu: Jaroslava
Doména účtu: Pavilon
ID přihlášení: 0x362DA1A

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\$Windows.~BT\Sources\SafeOS\Mount\Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_2c5177c069a919dd\API-MS-Win-Core-Kernel32-Private-L1-1-0.dll
ID popisovače: 0xa44

Informace o procesu:
ID procesu: 0x1ee8
Název procesu: C:\$Windows.~BT\Sources\SetupHost.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 28245
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140609152945.036210-000
Event Type: Úspěšný audit
User:

Computer Name: Pavilon
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-21-3827288190-3897321577-2940346249-1001
Název účtu: Jaroslava
Doména účtu: Pavilon
ID přihlášení: 0x362DA1A

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\$Windows.~BT\Sources\SafeOS\Mount\Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_2c5177c069a919dd\api-ms-win-core-kernel32-legacy-l1-1-0.dll
ID popisovače: 0xa18

Informace o procesu:
ID procesu: 0x1ee8
Název procesu: C:\$Windows.~BT\Sources\SetupHost.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 28244
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140609152944.973705-000
Event Type: Úspěšný audit
User:

Computer Name: Pavilon
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-21-3827288190-3897321577-2940346249-1001
Název účtu: Jaroslava
Doména účtu: Pavilon
ID přihlášení: 0x362DA1A

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\$Windows.~BT\Sources\SafeOS\Mount\Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_2c5177c069a919dd\api-ms-win-core-kernel32-legacy-l1-1-1.dll
ID popisovače: 0xa14

Informace o procesu:
ID procesu: 0x1ee8
Název procesu: C:\$Windows.~BT\Sources\SetupHost.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 28243
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140609152944.958078-000
Event Type: Úspěšný audit
User:

Computer Name: Pavilon
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-21-3827288190-3897321577-2940346249-1001
Název účtu: Jaroslava
Doména účtu: Pavilon
ID přihlášení: 0x362DA1A

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\$Windows.~BT\Sources\SafeOS\Mount\Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-io-l1-1-1.dll
ID popisovače: 0xa2c

Informace o procesu:
ID procesu: 0x1ee8
Název procesu: C:\$Windows.~BT\Sources\SetupHost.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 28242
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140609152944.942456-000
Event Type: Úspěšný audit
User:

Computer Name: Pavilon
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-21-3827288190-3897321577-2940346249-1001
Název účtu: Jaroslava
Doména účtu: Pavilon
ID přihlášení: 0x362DA1A

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\$Windows.~BT\Sources\SafeOS\Mount\Windows\WinSxS\amd64_microsoft-windows-m..namespace-downlevel_31bf3856ad364e35_6.3.9600.16384_none_b8233abb5511544f\api-ms-win-core-interlocked-l1-1-0.dll
ID popisovače: 0xa28

Informace o procesu:
ID procesu: 0x1ee8
Název procesu: C:\$Windows.~BT\Sources\SetupHost.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 28241
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20140609152944.926829-000
Event Type: Úspěšný audit
User:

======Environment variables======

"FP_NO_HOST_CHECK"=NO
"USERNAME"=SYSTEM
"Path"=C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
"ComSpec"=%SystemRoot%\system32\cmd.exe
"TMP"=%SystemRoot%\TEMP
"OS"=Windows_NT
"windir"=%SystemRoot%
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
"PROCESSOR_REVISION"=3a09
"OnlineServices"=Online Services
"Platform"=MCD
"PCBRAND"=Pavilion

-----------------EOF-----------------

Re: URL:MAL infection

Posted: 05 Feb 2015 19:33
by Rudy
Hello!
I need to see the contents of the log.txt file. This one is of no use to me.

Re: URL:MAL infection

Posted: 08 Feb 2015 16:08
by martin.ulrich3
Hello, sorry for the delay; I only get to the computer once every few days.

log.txt

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jaroslava at 2015-02-05 18:31:29
Microsoft Windows 8
System drive C: has 235 GB (51%) free of 456 GB
Total RAM: 3988 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:31:37, on 5. 2. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17183)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\ProgramData\{53685fe1-d26e-aaba-5368-85fe1d267f87}\Atardecer Wallpaper.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files\avast\avastui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\avast\avastui.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files\trend micro\Jaroslava.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 8144181441
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.yhs4.search.yahoo.com/?hspart ... e=avastbcl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.yhs4.search.yahoo.com/yhs/sea ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... 8144181441
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com/?type=hp&ts=1 ... 8144181441
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istartsurf.com/?type=hp&ts=1 ... 8144181441
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: SecretSauce - {0ffd0ef2-dbe9-483a-80c4-d2c331da1ce4} - C:\Program Files (x86)\SecretSauce\SecretSaucebho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [BtTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKCU\..\Run: [SpyEmergency] C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jaroslava\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jaroslava\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
O4 - Startup: Atardecer Wallpaper.lnk = C:\ProgramData\{53685fe1-d26e-aaba-5368-85fe1d267f87}\Atardecer Wallpaper.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs:
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\avast\AvastSvc.exe
O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @oem22.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SmdmF Service (SmdmFService) - Aztec Media Inc - C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13116 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\Hpservice.exe
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\avast\AvastSvc.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"

taskhostex.exe
C:\Windows\system32\svchost.exe -k apphost
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
dashost.exe {ec66ef28-085e-4a5d-9cd881c605f999ac}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe" -monitor 536
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\Settings Manager\smdmf\smdmfu.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\ProgramData\{53685fe1-d26e-aaba-5368-85fe1d267f87}\Atardecer Wallpaper.exe" --startup=1
"C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe" -byrunkey
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\avast\avastui.exe" /nogui
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.istartsurf.com/?type=sc&ts=1 ... 8144181441
"C:\Program Files\avast\avastui.exe" --type=renderer --no-sandbox --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Avastium (10.0.2208)" --lang=en-US --lang=en-US --log-file="C:\Users\Jaroslava\AppData\Roaming\AVAST Software\Avast\log\avastium.log" --log-severity=error --disable-webgl --disable-pepper-3d --disable-gl-multisampling --disable-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-video-decode --channel="4888.5.1031844807\126808394" /prefetch:673131151
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=3896.31d14c0.1248378133 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 3896 "\\.\pipe\gecko-crash-server-pipe.3896" plugin
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --proxy-stub-channel=Flash5408.5CED6220.32465 --host-broker-channel=Flash5408.5CED6220.31882 --host-pid=5408 --host-npapi-version=27 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_16_0_0_305.dll"
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --channel=1896.00AEF1CC.490448083 --proxy-stub-channel=Flash5408.5CED6220.32465 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_16_0_0_305.dll" --host-npapi-version=27 --type=renderer
"C:\Users\Jaroslava\Downloads\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 560 564 572 65536 568

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\u5v9i24r.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.tb.ask.com/search/GGmain. ... searchfor="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\u5v9i24r.default\extensions\
57ffxtbr@MarineAquarium3Free_57.com
KTJWe@d.edu

C:\Users\Jaroslava\AppData\Roaming\Mozilla\Firefox\Profiles\u5v9i24r.default\searchplugins\
ask-search.xml
ask-web-search.xml
bingp.xml
default-search.xml
yahoo-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ffd0ef2-dbe9-483a-80c4-d2c331da1ce4}]
SecretSauce - C:\Program Files (x86)\SecretSauce\SecretSaucebho.dll [2013-12-07 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-26 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-26 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2013-03-12 165872]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2013-03-12 407536]
"Persistence"=C:\Windows\system32\igfxpers.exe [2013-03-12 441840]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-03-08 7156296]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-02-06 3015920]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpyEmergency"=C:\Program Files\NETGATE\Spy Emergency\SpyEmergency.exe []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Jaroslava\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"=C:\Windows\system32\cmd.exe [2012-07-26 404992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\playnowradio]
C:\Users\Jaroslava\AppData\Local\playnowradio\playnowradio\1.3.2.11\playnowradio.exe [2013-12-09 347648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uninstall C:]
[]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2013-01-10 379904]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-02-25 1045304]
"HP CoolSense"=C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05 1343904]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\avast\AvastUI.exe [2015-01-27 5227112]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17 508800]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2015-01-31 1934744]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

C:\Users\Jaroslava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Atardecer Wallpaper.lnk - C:\ProgramData\{53685fe1-d26e-aaba-5368-85fe1d267f87}\Atardecer Wallpaper.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2013-03-07 434176]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2015-02-05 18:31:29 ----D---- C:\rsit
2015-02-05 18:31:29 ----D---- C:\Program Files\trend micro
2015-02-01 21:37:43 ----D---- C:\ProgramData\16045866333302844883
2015-02-01 21:37:43 ----D---- C:\Program Files (x86)\unIsales
2015-02-01 21:37:42 ----D---- C:\ProgramData\dplhiopgogkndoaaoplffefmnhfhbmch
2015-02-01 21:36:06 ----D---- C:\ProgramData\{53685fe1-d26e-aaba-5368-85fe1d267f87}
2015-02-01 21:35:58 ----D---- C:\ProgramData\{b0fcac22-c399-b353-b0fc-cac22c39b08b}
2015-02-01 08:45:05 ----SHD---- C:\Config.Msi
2015-01-30 17:33:22 ----D---- C:\Games
2015-01-27 15:37:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-01-26 16:14:38 ----D---- C:\Program Files (x86)\Emergency 5
2015-01-26 15:30:05 ----D---- C:\ProgramData\AskPartnerNetwork
2015-01-26 15:30:05 ----D---- C:\Program Files (x86)\AskPartnerNetwork
2015-01-26 15:27:52 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-01-21 16:08:41 ----A---- C:\Windows\system32\aswBoot.exe
2015-01-14 16:22:44 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-01-14 16:22:44 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-01-14 16:22:44 ----A---- C:\Windows\system32\wucltux.dll
2015-01-14 16:22:44 ----A---- C:\Windows\system32\wuaueng.dll
2015-01-14 16:22:44 ----A---- C:\Windows\system32\wuauclt.exe
2015-01-14 16:22:44 ----A---- C:\Windows\system32\wuapi.dll
2015-01-14 16:22:43 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-01-14 16:22:43 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-01-14 16:22:43 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-01-14 16:22:43 ----A---- C:\Windows\system32\wuwebv.dll
2015-01-14 16:22:43 ----A---- C:\Windows\system32\wudriver.dll
2015-01-14 16:22:43 ----A---- C:\Windows\system32\wuapp.exe
2015-01-14 16:22:43 ----A---- C:\Windows\system32\storewuauth.dll
2015-01-14 16:22:40 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-01-14 16:22:40 ----A---- C:\Windows\system32\vbscript.dll
2015-01-14 16:22:30 ----A---- C:\Windows\system32\localspl.dll
2015-01-14 16:22:29 ----A---- C:\Windows\system32\win32spl.dll
2015-01-14 16:22:29 ----A---- C:\Windows\system32\services.exe
2015-01-14 16:22:28 ----A---- C:\Windows\system32\drivers\vhdmp.sys
2015-01-14 16:22:05 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:22:04 ----A---- C:\Windows\system32\profsvc.dll
2015-01-14 16:22:03 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2015-01-14 16:22:03 ----A---- C:\Windows\system32\nlasvc.dll
2015-01-14 16:22:03 ----A---- C:\Windows\system32\nlaapi.dll
2015-01-14 16:22:03 ----A---- C:\Windows\system32\ncsi.dll
2015-01-14 16:22:02 ----A---- C:\Windows\system32\wer.dll
2015-01-14 16:22:01 ----A---- C:\Windows\SYSWOW64\wer.dll
2015-01-14 16:22:01 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2015-01-14 16:22:01 ----A---- C:\Windows\system32\Faultrep.dll
2015-01-14 16:22:00 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2015-01-14 16:22:00 ----A---- C:\Windows\system32\WerFaultSecure.exe
2015-01-14 16:22:00 ----A---- C:\Windows\system32\EncDump.dll
2015-01-14 16:22:00 ----A---- C:\Windows\system32\audiosrv.dll
2015-01-14 16:21:54 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:21:52 ----A---- C:\Windows\system32\drivers\mrxdav.sys
2015-01-01 13:55:18 ----A---- C:\Windows\avastSS.scr
2014-12-27 13:11:35 ----D---- C:\Windows\95FC26FB19FD4A96BBB1B1062E8648F5.TMP
2014-12-26 13:22:40 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-12-25 14:43:56 ----A---- C:\Windows\SYSWOW64\vsstrace.dll
2014-12-25 14:43:56 ----A---- C:\Windows\SYSWOW64\vssapi.dll
2014-12-25 14:43:56 ----A---- C:\Windows\system32\VSSVC.exe
2014-12-25 14:43:56 ----A---- C:\Windows\system32\vsstrace.dll
2014-12-25 14:43:56 ----A---- C:\Windows\system32\vssapi.dll
2014-12-25 14:16:41 ----A---- C:\Windows\system32\win32k.sys
2014-12-25 14:16:39 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-12-25 14:16:39 ----A---- C:\Windows\system32\oleaut32.dll
2014-12-25 14:16:32 ----A---- C:\Windows\system32\shell32.dll
2014-12-25 14:16:31 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-12-25 14:16:30 ----A---- C:\Windows\SYSWOW64\mfmpeg2srcsnk.dll
2014-12-25 14:16:30 ----A---- C:\Windows\system32\mfmpeg2srcsnk.dll
2014-12-25 14:16:30 ----A---- C:\Windows\system32\dnsapi.dll
2014-12-25 14:16:29 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2014-12-25 14:16:29 ----A---- C:\Windows\system32\dnsrslvr.dll
2014-12-25 14:15:12 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-12-25 14:15:12 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2014-12-25 14:15:05 ----A---- C:\Windows\system32\WsmSvc.dll
2014-12-25 14:15:04 ----A---- C:\Windows\SYSWOW64\WsmSvc.dll
2014-12-25 14:15:04 ----A---- C:\Windows\system32\drivers\tcpip.sys
2014-12-25 14:15:03 ----A---- C:\Windows\system32\WsmWmiPl.dll
2014-12-25 14:15:03 ----A---- C:\Windows\system32\drivers\Classpnp.sys
2014-12-25 14:15:02 ----A---- C:\Windows\SYSWOW64\WsmWmiPl.dll
2014-12-25 14:15:02 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2014-12-25 14:15:02 ----A---- C:\Windows\SYSWOW64\FXSCOMEX.dll
2014-12-25 14:15:02 ----A---- C:\Windows\SYSWOW64\FXSAPI.dll
2014-12-25 14:15:02 ----A---- C:\Windows\system32\rpchttp.dll
2014-12-25 14:15:02 ----A---- C:\Windows\system32\FXSCOMEX.dll
2014-12-25 14:15:01 ----A---- C:\Windows\system32\FXSTIFF.dll
2014-12-25 14:15:01 ----A---- C:\Windows\system32\FXST30.dll
2014-12-25 14:15:01 ----A---- C:\Windows\system32\FXSAPI.dll
2014-12-25 14:14:24 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-12-25 14:14:24 ----A---- C:\Windows\system32\msi.dll
2014-12-25 14:14:22 ----A---- C:\Windows\SYSWOW64\twinui.dll
2014-12-25 14:14:21 ----A---- C:\Windows\system32\twinui.dll
2014-12-25 14:14:20 ----A---- C:\Windows\SYSWOW64\authui.dll
2014-12-25 14:14:20 ----A---- C:\Windows\system32\msihnd.dll
2014-12-25 14:14:20 ----A---- C:\Windows\system32\authui.dll
2014-12-25 14:14:19 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2014-12-25 14:13:44 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2014-12-25 14:13:43 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2014-12-25 14:13:06 ----A---- C:\Windows\system32\mshtml.dll
2014-12-25 14:13:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-12-25 14:12:58 ----A---- C:\Windows\system32\ieframe.dll
2014-12-25 14:12:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-12-25 14:12:57 ----A---- C:\Windows\system32\iertutil.dll
2014-12-25 14:12:56 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-12-25 14:12:56 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-12-25 14:12:56 ----A---- C:\Windows\system32\wininet.dll
2014-12-25 14:12:56 ----A---- C:\Windows\system32\urlmon.dll
2014-12-25 14:12:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-12-25 14:12:54 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-12-25 14:12:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-12-25 14:12:54 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-12-25 14:12:54 ----A---- C:\Windows\system32\uxtheme.dll
2014-12-25 14:12:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-12-25 14:12:54 ----A---- C:\Windows\system32\jscript.dll
2014-12-25 14:12:54 ----A---- C:\Windows\system32\iesysprep.dll
2014-12-25 14:12:53 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-12-25 14:12:53 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-12-25 14:12:53 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-12-25 14:12:53 ----A---- C:\Windows\system32\mshtmled.dll
2014-12-25 14:12:53 ----A---- C:\Windows\system32\jscript9.dll
2014-12-25 14:12:53 ----A---- C:\Windows\system32\iedkcs32.dll
2014-12-25 14:12:53 ----A---- C:\Windows\system32\ie4uinit.exe
2014-12-25 14:12:52 ----A---- C:\Windows\SYSWOW64\UXInit.dll
2014-12-25 14:12:52 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-12-25 14:12:52 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-12-25 14:12:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-12-25 14:12:52 ----A---- C:\Windows\system32\UXInit.dll
2014-12-25 14:12:52 ----A---- C:\Windows\system32\msrating.dll
2014-12-25 14:12:52 ----A---- C:\Windows\system32\iernonce.dll
2014-12-25 14:12:52 ----A---- C:\Windows\system32\dxtrans.dll
2014-12-25 14:12:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-12-25 14:12:51 ----A---- C:\Windows\system32\dxtmsft.dll
2014-12-25 14:12:50 ----A---- C:\Windows\SYSWOW64\uxtheme.dll
2014-12-25 14:12:50 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-12-25 14:12:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-12-25 14:12:50 ----A---- C:\Windows\system32\jsproxy.dll
2014-12-25 14:12:50 ----A---- C:\Windows\system32\iesetup.dll
2014-12-25 14:12:47 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-12-25 14:12:46 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-12-25 14:12:20 ----A---- C:\Windows\system32\rdpcorets.dll
2014-12-25 14:12:19 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-12-25 14:12:19 ----A---- C:\Windows\system32\adtschema.dll
2014-12-25 14:12:18 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-12-25 14:12:18 ----A---- C:\Windows\system32\msaudite.dll
2014-12-25 14:07:52 ----A---- C:\Windows\system32\NotificationUI.exe
2014-12-25 14:07:52 ----A---- C:\Windows\system32\AutoUpdate.exe
2014-12-25 14:07:18 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-12-25 14:07:18 ----A---- C:\Windows\system32\schannel.dll
2014-12-25 14:07:16 ----A---- C:\Windows\SYSWOW64\ncryptsslp.dll
2014-12-25 14:07:16 ----A---- C:\Windows\system32\ncryptsslp.dll
2014-12-25 14:01:06 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-12-25 14:01:06 ----A---- C:\Windows\system32\msxml3.dll
2014-12-25 14:01:05 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-12-25 14:01:05 ----A---- C:\Windows\system32\packager.dll
2014-12-25 14:00:45 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2014-12-25 14:00:45 ----A---- C:\Windows\system32\SHCore.dll
2014-12-25 14:00:44 ----A---- C:\Windows\system32\lsasrv.dll
2014-12-25 14:00:43 ----A---- C:\Windows\system32\kerberos.dll
2014-12-25 14:00:43 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-12-25 14:00:42 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-12-25 14:00:41 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-12-25 14:00:41 ----A---- C:\Windows\system32\pku2u.dll
2014-12-25 13:57:54 ----A---- C:\Windows\system32\crypt32.dll
2014-12-25 13:57:53 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-11-09 17:23:30 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2014-11-09 17:11:52 ----D---- C:\Program Files (x86)\2K Games
2014-11-09 12:28:53 ----D---- C:\Windows\system32\AutoUpdateLicense
2014-11-08 16:35:31 ----D---- C:\Program Files (x86)\Mindspark
2014-11-08 14:45:13 ----D---- C:\Program Files (x86)\RailSimulator.com
2014-11-07 19:08:24 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2014-11-07 19:08:24 ----A---- C:\Windows\system32\WSShared.dll
2014-11-07 19:08:23 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-07 19:08:23 ----A---- C:\Windows\system32\WinSetupUI.dll
2014-11-07 19:08:23 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.dll
2014-11-07 19:08:22 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-07 18:13:22 ----A---- C:\Windows\system32\tssdisai.dll
2014-11-07 18:13:22 ----A---- C:\Windows\system32\poqexec.exe
2014-11-07 17:45:59 ----D---- C:\Users\Jaroslava\AppData\Roaming\Farm Mania 2

======List of files/folders modified in the last 3 months======

2015-02-05 18:31:29 ----RD---- C:\Program Files
2015-02-05 18:31:27 ----D---- C:\Windows\Prefetch
2015-02-05 18:23:34 ----D---- C:\Windows\Temp
2015-02-05 18:19:40 ----D---- C:\ProgramData\smdmf
2015-02-05 18:17:43 ----A---- C:\Windows\SYSWOW64\bscs.ini
2015-02-05 18:16:55 ----A---- C:\Windows\SYSWOW64\log.txt
2015-02-05 18:16:09 ----D---- C:\Users\Jaroslava\AppData\Roaming\Skype
2015-02-05 18:15:41 ----A---- C:\Windows\SYSWOW64\LOCALSERVICE.INI
2015-02-05 18:14:40 ----A---- C:\Windows\SYSWOW64\LOCALDEVICE.INI
2015-02-05 17:00:00 ----D---- C:\Windows\system32\sru
2015-02-05 15:46:55 ----D---- C:\Windows\system32\catroot2
2015-02-04 21:13:27 ----D---- C:\Windows\SysWOW64
2015-02-03 13:48:56 ----D---- C:\Windows\Microsoft.NET
2015-02-03 11:22:42 ----D---- C:\Windows\system32\Tasks
2015-02-03 11:22:42 ----D---- C:\Program Files (x86)\Opera
2015-02-01 21:37:43 ----RD---- C:\Program Files (x86)
2015-02-01 21:37:43 ----HD---- C:\ProgramData
2015-02-01 09:39:10 ----SHD---- C:\System Volume Information
2015-02-01 08:45:25 ----SHD---- C:\Windows\Installer
2015-01-30 17:28:37 ----D---- C:\Users\Jaroslava\AppData\Roaming\.minecraft
2015-01-30 17:20:45 ----D---- C:\Program Files (x86)\sixteen tons entertainment
2015-01-30 17:02:58 ----D---- C:\Program Files (x86)\Demolition Company Demo
2015-01-28 10:48:39 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 18:11:46 ----D---- C:\Users\Jaroslava\AppData\Roaming\uTorrent
2015-01-27 17:54:59 ----D---- C:\Windows\Inf
2015-01-27 17:54:45 ----D---- C:\Program Files\avast
2015-01-26 19:37:19 ----D---- C:\Windows\SKB
2015-01-26 19:24:06 ----D---- C:\inetpub
2015-01-26 15:28:05 ----D---- C:\ProgramData\Oracle
2015-01-26 15:27:53 ----D---- C:\Program Files (x86)\Common Files
2015-01-26 15:27:24 ----D---- C:\Program Files (x86)\Java
2015-01-24 12:24:53 ----D---- C:\Program Files (x86)\Euro Truck Simulator 2
2015-01-24 12:16:14 ----RD---- C:\Windows\System32
2015-01-24 12:16:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-01-21 16:09:20 ----D---- C:\Windows\system32\DriverStore
2015-01-21 16:09:13 ----D---- C:\Windows\system32\Drivers
2015-01-21 16:08:37 ----D---- C:\Windows
2015-01-18 09:12:27 ----D---- C:\Windows\system32\config
2015-01-18 08:58:27 ----D---- C:\Windows\system32\MRT
2015-01-18 08:44:10 ----A---- C:\Windows\system32\MRT.exe
2015-01-16 19:51:20 ----D---- C:\Windows\rescache
2015-01-16 19:24:20 ----D---- C:\Windows\WinSxS
2015-01-16 18:19:02 ----D---- C:\Windows\system32\cs-CZ
2015-01-16 09:09:53 ----D---- C:\Windows\CbsTemp
2015-01-15 13:37:25 ----D---- C:\Windows\system32\NDF
2014-12-29 23:58:35 ----RSD---- C:\Windows\assembly
2014-12-28 18:11:57 ----D---- C:\Windows\AUInstallAgent
2014-12-27 18:12:53 ----HD---- C:\$Windows.~BT
2014-12-27 17:32:22 ----D---- C:\Windows\Registration
2014-12-27 17:17:36 ----HD---- C:\Program Files\WindowsApps
2014-12-27 17:11:18 ----D---- C:\Windows\system32\catroot
2014-12-27 13:18:23 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-12-25 18:02:26 ----RD---- C:\Windows\ToastData
2014-12-25 18:02:21 ----D---- C:\Program Files\Windows Defender
2014-12-25 18:02:19 ----D---- C:\Program Files (x86)\Windows Defender
2014-12-25 18:02:13 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-25 18:02:10 ----D---- C:\Program Files\Internet Explorer
2014-12-25 18:02:09 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-12-06 12:40:13 ----D---- C:\Program Files (x86)\Bau-Simulator 2012 Demo
2014-11-09 17:10:28 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-11-09 17:10:13 ----D---- C:\Users\Jaroslava\AppData\Roaming\DAEMON Tools Lite
2014-11-09 12:28:53 ----D---- C:\Windows\WinStore
2014-11-08 16:36:10 ----D---- C:\Program Files (x86)\SereneScreen
2014-11-08 15:35:12 ----SD---- C:\Users\Jaroslava\AppData\Roaming\Microsoft
2014-11-08 13:16:11 ----D---- C:\Windows\Help
2014-11-06 06:35:35 ----A---- C:\Windows\SYSWOW64\PrintConfig.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-01-01 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-01-01 267632]
R0 hpdskflt;@oem22.inf,%service_desc%;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-04-10 653808]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-01-01 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-01-01 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-01-01 436624]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc2.cfg [2014-07-22 41872]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-01-01 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-01-01 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-01-01 116728]
R3 Accelerometer;@oem22.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 BtAudioBusSrv;@oem18.inf,%SvcDesc%;Ralink Bluetooth Audio Bus Service; C:\Windows\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2013-06-20 51712]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\Windows\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2013-06-20 74752]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2013-02-26 49200]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2013-03-07 4533760]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-03-08 3340616]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2013-03-07 442368]
R3 MEIx64;@oem8.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-13 62784]
R3 netr28x;@oem27.inf,%Generic.Service.DispName%;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2013-12-04 2505904]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2013-03-01 156672]
R3 rtbth;@oem28.inf,%General.Service.DispName%;RTBTH Bluetooth Device Driver; C:\Windows\System32\drivers\rtbth.sys [2013-12-02 1204424]
R3 RTL8168;@oem12.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-10-25 723088]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-02-06 31984]
R3 SynTP;@oem7.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-02-06 469232]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2013-07-05 210560]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2013-03-01 1175040]
S3 dg_ssudbus;@oem29.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 PcaSp60;@oem24.inf,%PCASP60_Desc%;Rawether NDIS 6.X SPR Protocol Driver; C:\Windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 RSP2STOR;@oem9.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2013-01-24 288328]
S3 RTSPER;Realtek PCIe CardReader Driver; C:\Windows\system32\DRIVERS\RtsPer.sys [2013-02-02 448072]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-02-06 28400]
S3 ssudserd;@oem30.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-01 43008]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2015-01-31 177560]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2013-06-20 29696]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\avast\AvastSvc.exe [2015-01-01 50344]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2013-01-31 1626872]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
R2 hpsrv;@oem22.inf,%hpservice_desc%;HP Service; C:\Windows\system32\Hpservice.exe [2012-09-24 31040]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-02-01 1039160]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-04-10 15344]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-14 131032]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-14 165336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-14 279000]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2013-02-20 239176]
R2 SmdmFService;SmdmF Service; C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe [2014-07-22 3572240]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-01-14 366040]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2013-01-10 138752]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-11-05 1001376]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04 267440]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-12 51648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2013-03-12 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-27 43616]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-02-08 136120]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-01-27 114800]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2013-06-20 29696]
S4 BthAvrcpTg;@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID; C:\Windows\System32\drivers\BthAvrcpTg.sys [2013-06-01 37632]
S4 BthHFEnum;@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator; C:\Windows\System32\drivers\bthhfenum.sys [2012-07-26 51200]
S4 bthhfhid;@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID; C:\Windows\System32\drivers\BthHFHid.sys [2013-06-20 29952]

-----------------EOF-----------------

Re: URL:MAL infection

Posted: 08 Feb 2015 18:34
by Rudy
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.