VIRY.CZ

Prosím o kontrolu logu, děkuji Vám :
Logfile of random's system information tool 1.10 (written by random/random)
Run by spravce at 2015-03-17 22:49:31
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 337 GB (71%) free of 477 GB
Total RAM: 1943 MB (45% free)

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe" srec
"C:\Users\spravce\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --channel="3324.0.1702447635\1397183918" --no-sandbox --lang=en-US --log-file="C:\Users\spravce\AppData\Roaming\AVAST Software\Avast\log\avastium.log" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Avastium (10.2.2214)" --proxy-auto-detect --disable-gpu --disable-software-rasterizer --no-sandbox --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2696 --lang=en-US --log-file="C:\Users\spravce\AppData\Roaming\AVAST Software\Avast\log\avastium.log" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Avastium (10.2.2214)" --proxy-auto-detect --disable-gpu --disable-software-rasterizer --no-sandbox /prefetch:822062411
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" https://www.facebook.com/
"C:\Users\spravce\Desktop\RSITx64.exe"
"C:\Program Files\trend micro\spravce.exe" /silentautolog

"C:\Users\spravce\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\spravce\AppData\Roaming\Mozilla\Firefox\Profiles\g0ofmobo.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Users\spravce\AppData\Roaming\Mozilla\Firefox\Profiles\g0ofmobo.default\searchplugins\
trovi-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-17 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-17 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-04-06 2885904]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-04-03 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-04-03 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-04-03 439064]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-04 6548112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe [2012-07-10 137728]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BtTray"=C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [2012-09-19 371976]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2012-09-12 56128]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-17 5511352]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"20150107"=C:\Program Files\AVAST Software\Avast\setup\emupdate\763ad310-80db-4681-91d5-92222d171a65.exe [2015-03-17 183232]

[HKEY_CURRENT_USER\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"TiVme Agent"=C:\Program Files (x86)\GIGABYTE\vivoTVScheduleAgent.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-03-19 434688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-17 19:58:00 ----D---- C:\Program Files\trend micro
2015-03-17 19:57:58 ----D---- C:\rsit
2015-03-17 13:18:05 ----D---- C:\Program Files (x86)\Google
2015-03-17 10:02:26 ----A---- C:\Windows\system32\aswBoot.exe
2015-03-17 10:02:17 ----A---- C:\Windows\avastSS.scr
2015-03-12 18:00:29 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-03-12 18:00:29 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-03-12 18:00:29 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-03-12 18:00:29 ----A---- C:\Windows\system32\lpk.dll
2015-03-12 18:00:29 ----A---- C:\Windows\system32\dciman32.dll
2015-03-12 18:00:29 ----A---- C:\Windows\system32\atmlib.dll
2015-03-12 18:00:29 ----A---- C:\Windows\system32\atmfd.dll
2015-03-12 18:00:28 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-03-12 18:00:28 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-03-12 18:00:28 ----A---- C:\Windows\system32\fontsub.dll
2015-03-12 18:00:16 ----A---- C:\Windows\system32\blackbox.dll
2015-03-12 18:00:15 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2015-03-12 18:00:14 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-12 18:00:13 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2015-03-12 18:00:11 ----A---- C:\Windows\system32\wmp.dll
2015-03-12 18:00:10 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2015-03-12 18:00:10 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-12 18:00:09 ----A---- C:\Windows\SYSWOW64\mf.dll
2015-03-12 18:00:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-03-12 18:00:08 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-03-12 18:00:05 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-12 18:00:04 ----A---- C:\Windows\system32\crypt32.dll
2015-03-12 18:00:02 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2015-03-12 18:00:02 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-12 18:00:01 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-03-12 18:00:00 ----A---- C:\Windows\system32\quartz.dll
2015-03-12 18:00:00 ----A---- C:\Windows\system32\evr.dll
2015-03-12 17:59:59 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-03-12 17:59:58 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-03-12 17:59:58 ----A---- C:\Windows\system32\cryptui.dll
2015-03-12 17:59:57 ----A---- C:\Windows\SYSWOW64\evr.dll
2015-03-12 17:59:56 ----A---- C:\Windows\SYSWOW64\quartz.dll
2015-03-12 17:59:56 ----A---- C:\Windows\system32\winresume.exe
2015-03-12 17:59:56 ----A---- C:\Windows\system32\mfplat.dll
2015-03-12 17:59:54 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2015-03-12 17:59:54 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2015-03-12 17:59:54 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-12 17:59:53 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-12 17:59:53 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-12 17:59:52 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2015-03-12 17:59:52 ----A---- C:\Windows\system32\mf.dll
2015-03-12 17:59:51 ----A---- C:\Windows\system32\msscp.dll
2015-03-12 17:59:50 ----A---- C:\Windows\system32\winload.exe
2015-03-12 17:59:49 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2015-03-12 17:59:49 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-12 17:59:49 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-12 17:59:48 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-03-12 17:59:48 ----A---- C:\Windows\SYSWOW64\msscp.dll
2015-03-12 17:59:48 ----A---- C:\Windows\system32\wintrust.dll
2015-03-12 17:59:48 ----A---- C:\Windows\system32\srcore.dll
2015-03-12 17:59:48 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-12 17:59:48 ----A---- C:\Windows\system32\ci.dll
2015-03-12 17:59:48 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-12 17:59:47 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-03-12 17:59:47 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-03-12 17:59:47 ----A---- C:\Windows\system32\rstrui.exe
2015-03-12 17:59:47 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-12 17:59:47 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-12 17:59:47 ----A---- C:\Windows\system32\audiodg.exe
2015-03-12 17:59:46 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2015-03-12 17:59:46 ----A---- C:\Windows\system32\qdvd.dll
2015-03-12 17:59:46 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-12 17:59:45 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-12 17:59:44 ----A---- C:\Windows\system32\pcadm.dll
2015-03-12 17:59:44 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-12 17:59:43 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2015-03-12 17:59:43 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-12 17:59:42 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2015-03-12 17:59:42 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2015-03-12 17:59:42 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-12 17:59:41 ----A---- C:\Windows\system32\smss.exe
2015-03-12 17:59:41 ----A---- C:\Windows\system32\mfps.dll
2015-03-12 17:59:40 ----A---- C:\Windows\SYSWOW64\mfps.dll
2015-03-12 17:59:40 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2015-03-12 17:59:40 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-03-12 17:59:40 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-12 17:59:40 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-12 17:59:40 ----A---- C:\Windows\system32\appidapi.dll
2015-03-12 17:59:39 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2015-03-12 17:59:39 ----A---- C:\Windows\system32\srclient.dll
2015-03-12 17:59:39 ----A---- C:\Windows\system32\pcalua.exe
2015-03-12 17:59:39 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-12 17:59:38 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-03-12 17:59:38 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-12 17:59:38 ----A---- C:\Windows\system32\EncDump.dll
2015-03-12 17:59:38 ----A---- C:\Windows\system32\csrsrv.dll
2015-03-12 17:59:38 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-12 17:59:36 ----A---- C:\Windows\system32\spwmp.dll
2015-03-12 17:59:35 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-03-12 17:59:35 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-03-12 17:59:35 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-12 17:59:34 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-03-12 17:59:34 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-12 17:59:34 ----A---- C:\Windows\system32\apisetschema.dll
2015-03-12 17:59:33 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-03-12 17:59:32 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-12 17:59:30 ----A---- C:\Windows\SYSWOW64\mferror.dll
2015-03-12 17:59:30 ----A---- C:\Windows\system32\mferror.dll
2015-03-12 17:57:54 ----A---- C:\Windows\SYSWOW64\ubpm.dll
2015-03-12 17:57:54 ----A---- C:\Windows\system32\ubpm.dll
2015-03-12 17:57:48 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-03-12 17:57:48 ----A---- C:\Windows\system32\shell32.dll
2015-03-12 17:57:42 ----A---- C:\Windows\system32\schannel.dll
2015-03-12 17:57:42 ----A---- C:\Windows\system32\lsasrv.dll
2015-03-12 17:57:42 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-03-12 17:57:42 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-12 17:57:41 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-03-12 17:57:40 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-03-12 17:57:40 ----A---- C:\Windows\system32\kerberos.dll
2015-03-12 17:57:40 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-03-12 17:57:39 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-03-12 17:57:39 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-03-12 17:57:39 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-03-12 17:57:39 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-03-12 17:57:39 ----A---- C:\Windows\system32\wdigest.dll
2015-03-12 17:57:39 ----A---- C:\Windows\system32\TSpkg.dll
2015-03-12 17:57:39 ----A---- C:\Windows\system32\sspicli.dll
2015-03-12 17:57:39 ----A---- C:\Windows\system32\ncrypt.dll
2015-03-12 17:57:39 ----A---- C:\Windows\system32\msv1_0.dll
2015-03-12 17:57:39 ----A---- C:\Windows\system32\lsass.exe
2015-03-12 17:57:38 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-03-12 17:57:38 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-03-12 17:57:38 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-03-12 17:57:38 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-03-12 17:57:38 ----A---- C:\Windows\system32\sspisrv.dll
2015-03-12 17:57:38 ----A---- C:\Windows\system32\secur32.dll
2015-03-12 17:57:38 ----A---- C:\Windows\system32\credssp.dll
2015-03-12 17:57:38 ----A---- C:\Windows\system32\auditpol.exe
2015-03-12 17:57:37 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-03-12 17:57:37 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-03-12 17:57:37 ----A---- C:\Windows\system32\msaudite.dll
2015-03-12 17:57:37 ----A---- C:\Windows\system32\adtschema.dll
2015-03-12 17:57:36 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-03-12 17:57:36 ----A---- C:\Windows\system32\msobjs.dll
2015-03-12 17:57:05 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-03-12 17:57:05 ----A---- C:\Windows\system32\msctf.dll
2015-03-12 17:57:02 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-12 17:57:02 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-12 17:57:02 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2015-03-12 17:57:00 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-12 17:56:59 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2015-03-12 17:56:54 ----A---- C:\Windows\system32\win32k.sys
2015-03-12 17:56:51 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-03-12 17:56:50 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-03-12 17:56:50 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-03-12 17:56:50 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-03-12 17:56:49 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-03-12 17:56:48 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-03-12 17:56:47 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-03-12 17:56:47 ----A---- C:\Windows\system32\iernonce.dll
2015-03-12 17:56:47 ----A---- C:\Windows\system32\ie4uinit.exe
2015-03-12 17:56:46 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-03-12 17:56:46 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-12 17:56:46 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-03-12 17:56:45 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-03-12 17:56:45 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-03-12 17:56:45 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-03-12 17:56:43 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-03-12 17:56:42 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-03-12 17:56:42 ----A---- C:\Windows\system32\iedkcs32.dll
2015-03-12 17:56:41 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-03-12 17:56:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-03-12 17:56:41 ----A---- C:\Windows\system32\urlmon.dll
2015-03-12 17:56:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-03-12 17:56:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-03-12 17:56:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-03-12 17:56:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-03-12 17:56:39 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-03-12 17:56:39 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-03-12 17:56:39 ----A---- C:\Windows\system32\msfeeds.dll
2015-03-12 17:56:39 ----A---- C:\Windows\system32\dxtrans.dll
2015-03-12 17:56:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-03-12 17:56:37 ----A---- C:\Windows\system32\iesetup.dll
2015-03-12 17:56:37 ----A---- C:\Windows\system32\ieapfltr.dll
2015-03-12 17:56:35 ----A---- C:\Windows\system32\iertutil.dll
2015-03-12 17:56:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-03-12 17:56:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-03-12 17:56:33 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-03-12 17:56:32 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-03-12 17:56:32 ----A---- C:\Windows\system32\jsproxy.dll
2015-03-12 17:56:32 ----A---- C:\Windows\system32\ieUnatt.exe
2015-03-12 17:56:31 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-03-12 17:56:27 ----A---- C:\Windows\system32\dxtmsft.dll
2015-03-12 17:56:26 ----A---- C:\Windows\system32\ieui.dll
2015-03-12 17:56:25 ----A---- C:\Windows\system32\ieframe.dll
2015-03-12 17:56:24 ----A---- C:\Windows\system32\mshtmled.dll
2015-03-12 17:56:23 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-03-12 17:56:23 ----A---- C:\Windows\system32\jscript9diag.dll
2015-03-12 17:56:23 ----A---- C:\Windows\system32\jscript9.dll
2015-03-12 17:56:22 ----A---- C:\Windows\system32\wininet.dll
2015-03-12 17:56:22 ----A---- C:\Windows\system32\vbscript.dll
2015-03-12 17:56:21 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-03-12 17:56:20 ----A---- C:\Windows\system32\msrating.dll
2015-03-12 17:56:17 ----A---- C:\Windows\system32\mshtml.dll
2015-03-12 17:55:36 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-12 17:55:34 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2015-03-06 11:11:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-03-03 20:49:52 ----A---- C:\Windows\system32\powertracker.dll
2015-03-03 20:49:52 ----A---- C:\Windows\system32\perftrack.dll
2015-03-03 20:49:51 ----A---- C:\Windows\SYSWOW64\wdi.dll
2015-03-03 20:49:51 ----A---- C:\Windows\system32\wdi.dll

======List of files/folders modified in the last 1 month======

2015-03-17 22:49:38 ----D---- C:\Windows\Prefetch
2015-03-17 22:49:31 ----D---- C:\Windows\Temp
2015-03-17 22:48:53 ----D---- C:\Users\spravce\AppData\Roaming\vlc
2015-03-17 22:48:33 ----D---- C:\Users\spravce\AppData\Roaming\BitTorrent
2015-03-17 20:10:43 ----D---- C:\Windows\system32\config
2015-03-17 19:58:00 ----RD---- C:\Program Files
2015-03-17 19:54:41 ----SHD---- C:\System Volume Information
2015-03-17 19:38:14 ----D---- C:\Windows\System32
2015-03-17 19:38:14 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-03-17 19:38:10 ----D---- C:\Windows\inf
2015-03-17 19:36:54 ----A---- C:\Windows\SYSWOW64\bscs.ini
2015-03-17 19:36:18 ----A---- C:\Windows\SYSWOW64\log.txt
2015-03-17 19:34:43 ----A---- C:\Windows\SYSWOW64\LOCALSERVICE.INI
2015-03-17 19:33:41 ----A---- C:\Windows\SYSWOW64\LOCALDEVICE.INI
2015-03-17 13:35:05 ----SHD---- C:\Windows\Installer
2015-03-17 13:31:20 ----RD---- C:\Program Files (x86)
2015-03-17 13:30:16 ----D---- C:\Windows\Tasks
2015-03-17 13:18:20 ----D---- C:\Windows\system32\Tasks
2015-03-17 13:16:04 ----D---- C:\Windows\system32\drivers
2015-03-17 13:16:04 ----D---- C:\Windows
2015-03-15 23:06:40 ----D---- C:\Users\spravce\AppData\Roaming\Skype
2015-03-15 19:30:05 ----D---- C:\Users\spravce\AppData\Roaming\uTorrent
2015-03-15 19:30:05 ----D---- C:\Users\spravce\AppData\Roaming\DAEMON Tools Lite
2015-03-15 19:29:58 ----D---- C:\Windows\Logs
2015-03-15 19:29:58 ----D---- C:\Windows\debug
2015-03-13 15:44:11 ----D---- C:\Windows\rescache
2015-03-13 15:07:22 ----D---- C:\Windows\winsxs
2015-03-13 15:04:57 ----D---- C:\Windows\SysWOW64
2015-03-13 15:04:47 ----D---- C:\Windows\SYSWOW64\Dism
2015-03-13 15:04:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-03-13 15:04:47 ----D---- C:\Program Files\Windows Media Player
2015-03-13 15:04:47 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-13 15:04:43 ----D---- C:\Windows\system32\Dism
2015-03-13 15:04:42 ----D---- C:\Windows\system32\cs-CZ
2015-03-13 15:04:41 ----D---- C:\Windows\system32\en-US
2015-03-13 15:04:34 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-13 15:04:34 ----D---- C:\Windows\system32\Boot
2015-03-13 15:04:18 ----D---- C:\Program Files\Internet Explorer
2015-03-13 15:04:16 ----D---- C:\Windows\SYSWOW64\en-US
2015-03-13 15:04:10 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-13 09:26:33 ----D---- C:\ProgramData\Microsoft Help
2015-03-13 09:26:17 ----A---- C:\Windows\win.ini
2015-03-13 09:15:13 ----D---- C:\Windows\system32\MRT
2015-03-13 09:10:54 ----A---- C:\Windows\system32\MRT.exe
2015-03-12 17:54:36 ----D---- C:\Windows\system32\catroot2
2015-03-10 11:58:25 ----SD---- C:\Users\spravce\AppData\Roaming\Microsoft
2015-03-08 13:52:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-05 10:56:11 ----D---- C:\Windows\tracing
2015-02-24 03:17:24 ----N---- C:\Windows\system32\MpSigStub.exe
2015-02-22 19:49:17 ----D---- C:\ProgramData\Skype
2015-02-22 19:49:12 ----RD---- C:\Program Files (x86)\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-03-17 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-03-17 268640]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2012-09-01 647736]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2012-09-01 28216]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 {abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64;{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64; C:\Windows\system32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys [2014-12-26 48784]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-03-17 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-03-17 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-03-17 441728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-12-27 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-03-17 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-03-17 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-03-17 136752]
R3 BtAudioBusSrv;Ralink Bluetooth Audio Bus Service; C:\Windows\System32\Drivers\BtAudioBus.sys [2012-06-15 23136]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthL2caScoIfSrv;Bluetooth Profile Interface Driver Service; C:\Windows\System32\Drivers\BtL2caScoIf.sys [2012-07-19 56904]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btUrbFilterDrv;IVT URB Bluetooth Filter Driver Service; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [2012-10-02 48608]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-03-19 14745600]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-05 4064784]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-04-06 60184]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys [2012-03-05 1857600]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rtbth;RTBTH Bluetooth Device Driver; C:\Windows\system32\DRIVERS\rtbth.sys [2012-10-02 692832]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-04-06 685160]
R3 SmbDrv;SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [2012-04-06 21264]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2012-04-06 425232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-01-31 20992]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2011-10-28 259688]
S3 RTL2832UBDA;REALTEK 2832U BDA Driver; C:\Windows\system32\drivers\RTL2832UBDA.sys [2009-10-26 117152]
S3 RTL2832UUSB;REALTEK 2832U USB Driver; C:\Windows\System32\Drivers\RTL2832UUSB.sys [2009-10-26 38944]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-17 343336]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [2012-09-26 1612552]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 IAStorDataMgrSvc;Úložná technologie Intel® Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-09-01 14904]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-04-06 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-04-06 277784]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-04-06 363800]
R3 BsHelpCS;BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [2012-09-19 146184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-04-03 276248]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-03-06 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-30 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Zdravim

Je tento OS legalni? Opravdu neni bezne, ze by si bezny domaci uzivatel kupoval nejvyssi licenci, ktera zacina na 5.000 Kc s funkcemi, ktere nevyuzije, misto obycejne licence Home Premium, ktera stoji polovic

Zdravím, je to NB jednoho známého, opravdu má legální OS. Poradíte mi?

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

ukoncete vsechny programy
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Scan, pote na Cleaning
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner [Sx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

# AdwCleaner v4.112 - Logfile created 18/03/2015 at 19:37:08
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : spravce - HP650
# Running from : C:\Users\spravce\Downloads\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : {abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
File Deleted : C:\Windows\System32\drivers\{abbda6e4-1fdf-45e9-8feb-7ffcdf19a253}Gw64.sys
File Deleted : C:\Users\spravce\AppData\Roaming\Mozilla\Firefox\Profiles\g0ofmobo.default\searchplugins\trovi-search.xml
File Deleted : C:\Users\spravce\AppData\Roaming\Mozilla\Firefox\Profiles\g0ofmobo.default\user.js

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

Děkuji

Ulozte na plochu OTL http://oldtimer.geekstogo.com/OTL.exe

kliknete pravym na ikonu OTL a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
zatrhnete moznosti Pro vsechny uzivatele, Kontrola na havet "LOP", Kontrola na havěť "Purity"
do okna dole (Custom Scans/Fixes) zkopirujte script, ktery je nize
zbytek ponechte, jak je a kliknete na Prohledat
vysledne logy (OTL.txt a Extras.txt) budou dlouhe, takze je rozdelte do vice prispevku (odpovedi)

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Posílám Extras.txt první část

OTL Extras logfile created on: 19.3.2015 18:05:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\spravce\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,90 Gb Total Physical Memory | 0,47 Gb Available Physical Memory | 24,92% Memory free
3,80 Gb Paging File | 1,61 Gb Available in Paging File | 42,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 324,34 Gb Free Space | 69,65% Space Free | Partition Type: NTFS
Drive D: | 4,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 502,10 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: HP650 | User Name: spravce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_USERS\S-1-5-21-2627480295-1213406577-1382408431-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F96B62A-1330-4B30-A78E-CBF63C808DEA}" = rport=139 | protocol=6 | dir=out | app=system |
"{157AB04D-DA63-4061-AD8C-0726F8488F7E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1B68AC9E-D984-4095-862C-7B6D5780A2EE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{21902CDE-6379-472D-8B9A-E4EF06B3D821}" = lport=445 | protocol=6 | dir=in | app=system |
"{2D89556C-F371-47B3-A517-8F632D2688A2}" = lport=138 | protocol=17 | dir=in | app=system |
"{31264045-3F60-47C6-A888-C249370B3A4F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3725C4B0-3864-44B0-B808-4E5412A925A3}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{5D6A6688-B484-4B4A-94FB-AD958A391176}" = lport=10243 | protocol=6 | dir=in | app=system |
"{70A85C02-A1FC-49CC-A99D-5E0E7C8FCB16}" = rport=137 | protocol=17 | dir=out | app=system |
"{7DE458AE-FBBD-47BF-B48F-371ABD2CFFFE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{83FA00CD-9AFC-45B9-802C-C5B684E0015D}" = lport=139 | protocol=6 | dir=in | app=system |
"{8A01592A-9AF6-45E9-8084-92893E2A91BC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8E380CF2-7987-4613-BE97-4D7D2AC26468}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ABC07D38-F17E-41FC-9643-1153AC988C78}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{AE712C8B-831F-4FBC-B8FD-844320AADB57}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C0C31C82-8735-42B3-8E00-147100F101F1}" = rport=138 | protocol=17 | dir=out | app=system |
"{C1046BB2-1473-417B-B074-ACF3893D1C8C}" = rport=445 | protocol=6 | dir=out | app=system |
"{E9A51D53-C6C8-45AE-8233-B9587D42C874}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{EA127664-E1E2-4712-A840-0C9545249537}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EAC3D3E5-881A-453C-83DB-D011351F3E2F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EF265504-B859-4860-96F6-38CF7C05576E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F1AAF574-D7CC-4612-AA93-8A6EC9480CA6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FCE2D068-9EBA-4224-A26A-880A152A3408}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{20A5767B-7289-4E7F-BBB4-60A41E704A03}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2339D655-C3D4-4EE7-9972-05B1EB36286C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{303973EE-F915-4F5D-937E-D751EE5C3D77}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{447DBB7D-B432-4370-B7D2-CB2256FD0A8C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{4AB6F5D4-5FFA-49D6-A1EB-63D88EB3AFE3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{55E9E25D-57DD-4FDA-A05D-D0450740F27A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{588A5EA0-F8AD-49AD-88EC-43085E63A96E}" = protocol=17 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{58DCD324-DBB4-4FFF-A867-0922D98A27A5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{5A1257B4-848C-4089-B575-675D677450E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5AD5195D-AA39-47D1-84F6-CB4D6C348E99}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5C245E0B-5F3C-4593-82D6-0F4727D024DF}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{74A11F31-FF44-401E-95A0-19854D962442}" = protocol=17 | dir=in | app=c:\users\spravce\appdata\roaming\bittorrent\bittorrent.exe |
"{7E27C2D8-DEA7-4010-9C5A-0E5538AE1BD5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{7EB22C89-8369-4AFA-ABF3-9E55F9179949}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7FE48888-C051-47BC-AD8A-5AAFCCAE5D51}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{90AD728A-B484-4060-B1D4-A2F16279CCCE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{961E87F3-AD43-49D3-B248-D69663738009}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97165FA8-C9FE-48FF-B9C2-6998E2D3F0BF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{9DEBA1C5-1A81-4D22-B481-020F91303B69}" = protocol=6 | dir=in | app=c:\program files (x86)\ralink corporation\ralink bluetooth stack\bluesoleilcs.exe |
"{9FB1426F-6B9C-4C29-A248-5761D888B51D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A144E774-2673-4E13-925A-90F67D5D4672}" = protocol=6 | dir=out | app=system |
"{A8CED97B-ADAC-41BA-A8FA-8D0CCA2F1353}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{BBAF9A5B-1F47-4826-A7D7-561DBC72C109}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C14EB50A-A093-4830-8608-392EED278909}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C618C31A-1454-4C7E-9BF8-4EB094607B8D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C70B52A2-59C4-4168-93A6-06F3D79491DE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CD92D683-4556-4809-985A-1DF01104909A}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{D1ACBFD0-121A-4102-BFBD-02E7C663805B}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{DA646792-B664-429C-9F44-771DBA416DA4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{FA7CFF88-0055-490A-90D2-43C99EAFDC95}" = protocol=6 | dir=in | app=c:\users\spravce\appdata\roaming\bittorrent\bittorrent.exe |
"TCP Query User{0CD396FA-5A4A-4D0D-9AA7-25A23601E554}C:\users\spravce\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\spravce\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{427D1B0F-76B9-4E20-A4A3-C6C8467B1292}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{486181F4-DCBC-4973-BD36-506885A2ACDE}C:\users\spravce\desktop\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\spravce\desktop\bittorrent.exe |
"TCP Query User{84FF7D65-07CC-4504-A8C4-9447E33138E4}C:\users\spravce\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\spravce\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{1DCAC8B5-0BAB-441D-B5D4-7919FCEB2C62}C:\users\spravce\desktop\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\spravce\desktop\bittorrent.exe |
"UDP Query User{35DE6AA2-09BC-4D16-ABD0-FFC9A05EF21A}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{387FF9CE-054F-4FBF-95B5-0A28395BDC5A}C:\users\spravce\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\spravce\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{C98A7BEE-B581-46F8-B12C-213DE34C212F}C:\users\spravce\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\spravce\appdata\roaming\utorrent\utorrent.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95DF815D-BE2D-9118-F549-39794C5869CF}" = Ralink Bluetooth Stack64
"CCleaner" = CCleaner
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"SynTPDeinstKey" = Synaptics Pointing Device Driver

Druhá část Extras.txt

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}" = Skype™ 7.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F50AF3B-8997-4916-0095-99D63DDB785A}" = Harry Potter TM
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{7BF68B83-5057-4D4B-0093-28285EEB9EE3}" = Harry Potter II
"{7E799992-5DA0-4A1A-9443-B1836B063FEC}" = HP Power Manager
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A62C8DA-2DB7-4D94-B5BA-1D38FC36E830}" = Manhunt
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn 1x1 Wi-Fi Adapter
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-0044-0405-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-00A1-0405-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00BA-0405-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}" = Harry Potter and the Prisoner of Azkaban(TM)
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1029-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Czech
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player NPAPI" = Adobe Flash Player 16 NPAPI
"Avast" = Avast Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"Google Chrome" = Google Chrome
"Mozilla Firefox 36.0.1 (x86 cs)" = Mozilla Firefox 36.0.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"OpenAL" = OpenAL
"Platypus II_is1" = Platypus II
"Platypus_is1" = Platypus
"SAW - The Video Game_R.G. Mechanics_is1" = SAW - The Video Game
"vivoTV_is1" = vivoTV
"VLC media player" = VLC media player
"WinRAR archiver" = WinRAR 5.11 (32-bit)

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2627480295-1213406577-1382408431-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent" = BitTorrent
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.3.2015 15:10:07 | Computer Name = hp650 | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Ralink Corporation\Ralink
Bluetooth Stack\BsSMSEditor.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 17.3.2015 4:59:44 | Computer Name = hp650 | Source = WinMgmt | ID = 10
Description =

Error - 17.3.2015 8:16:53 | Computer Name = hp650 | Source = WinMgmt | ID = 10
Description =

Error - 17.3.2015 14:34:02 | Computer Name = hp650 | Source = WinMgmt | ID = 10
Description =

Error - 18.3.2015 4:38:56 | Computer Name = hp650 | Source = WinMgmt | ID = 10
Description =

Error - 18.3.2015 7:35:11 | Computer Name = hp650 | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Ralink Corporation\Ralink
Bluetooth Stack\BsSMSEditor.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 18.3.2015 10:53:56 | Computer Name = hp650 | Source = Application Error | ID = 1000
Description = Název chybující aplikace: AUDIODG.EXE, verze: 6.1.7601.18741, časové
razítko: 0x54d036f1 Název chybujícího modulu: audioeng.dll, verze: 6.1.7601.18741,
časové razítko: 0x54d04059 Kód výjimky: 0xc0000006 Posun chyby: 0x0000000000024678
ID
chybujícího procesu: 0x954 Čas spuštění chybující aplikace: 0x01d0618a56d539a4 Cesta
k chybující aplikaci: C:\Windows\system32\AUDIODG.EXE Cesta k chybujícímu modulu:
C:\Windows\System32\audioeng.dll ID zprávy: 99bf235c-cd7e-11e4-8a1f-f4b7e25bf162

Error - 18.3.2015 10:53:56 | Computer Name = hp650 | Source = Application Error | ID = 1005
Description = Systém Windows nemůže získat přístup k souboru C:\Windows\System32\AudioEng.dll
z jednoho z těchto důvodů: došlo k problému s připojením k síti, s diskem, na kterém
je soubor uložen, nebo s ovladači ukládání nainstalovanými v tomto počítači; nebo
disk chybí. Systém Windows kvůli této chybě ukončil program Windows Audio Device
Graph Isolation. Program: Windows Audio Device Graph Isolation Soubor: C:\Windows\System32\AudioEng.dll

Hodnota
chyby je uvedena v části Další údaje. Akce uživatele 1. Otevřete soubor znovu. Může
se jednat o dočasný problém, který se při novém spuštění programu nebude opakovat.
2.
Pokud
k souboru stále nelze získat přístup a: - Nachází se v síti, měl by správce sítě
ověřit, zda nedošlo k problému se sítí a zda lze server kontaktovat. - Je na vyměnitelném
disku (například disketě nebo disku CD-ROM), ověřte, zda je disk správně vložen
do počítače. 3. Zkontrolujte a opravte systém souborů pomocí nástroje CHKDSK. Ten
lze spustit tak, že kliknete na tlačítko Start a příkaz Spustit, zadáte příkaz
CMD a kliknete na tlačítko OK. Do příkazového řádku zadejte příkaz CHKDSK /F a stiskněte
klávesu ENTER. 4. Pokud potíže potrvají, obnovte soubor ze záložní kopie. 5. Zjistěte,
zda lze otevřít jiné soubory na stejném disku. Pokud ne, může být disk poškozen.
Jedná-li se o pevný disk, obraťte se na správce nebo na dodavatele počítačového
hardwaru se žádostí o pomoc. Další údaje Hodnota chyby: C000009C Typ disku: 3

Error - 18.3.2015 14:39:29 | Computer Name = hp650 | Source = WinMgmt | ID = 10
Description =

Error - 19.3.2015 6:48:40 | Computer Name = hp650 | Source = WinMgmt | ID = 10
Description =

Error - 19.3.2015 9:45:20 | Computer Name = hp650 | Source = SideBySide | ID = 16842832
Description = Generování kontextu aktivace pro C:\Program Files (x86)\Ralink Corporation\Ralink
Bluetooth Stack\BsSMSEditor.exe se nezdařilo. Chyba v souboru manifestu nebo zásad
na řádku . Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti,
která je již aktivní. Konfliktní součásti: Součást 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Součást
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

[ System Events ]
Error - 13.3.2015 10:06:55 | Computer Name = hp650 | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (13:04:47, ?13.?3.?2015) bylo neočekávané.

Error - 14.3.2015 4:49:25 | Computer Name = hp650 | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (16:33:40, ?13.?3.?2015) bylo neočekávané.

Error - 16.3.2015 9:16:44 | Computer Name = hp650 | Source = Schannel | ID = 36888
Description = Byla vygenerována následující výstraha o závažné chybě: 70. Stav interní
chyby: 105

Error - 17.3.2015 8:22:12 | Computer Name = hp650 | Source = Service Control Manager | ID = 7022
Description = Služba Windows Update přestala během spouštění reagovat.

Error - 17.3.2015 9:25:52 | Computer Name = hp650 | Source = DCOM | ID = 10010
Description =

Error - 17.3.2015 9:26:22 | Computer Name = hp650 | Source = DCOM | ID = 10010
Description =

Error - 17.3.2015 14:36:41 | Computer Name = hp650 | Source = DCOM | ID = 10010
Description =

Error - 17.3.2015 15:00:14 | Computer Name = hp650 | Source = DCOM | ID = 10010
Description =

Error - 18.3.2015 10:52:38 | Computer Name = hp650 | Source = Disk | ID = 262151
Description = Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error - 18.3.2015 14:41:33 | Computer Name = hp650 | Source = NetBT | ID = 4321
Description = Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou
192.168.15.102. Počítač s IP adresou 192.168.15.100 nepovolil získání názvu tímto
počítačem.

< End of report >

Posílám OTL.txt první část

OTL logfile created on: 19.3.2015 18:05:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\spravce\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17691)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1,90 Gb Total Physical Memory | 0,47 Gb Available Physical Memory | 24,92% Memory free
3,80 Gb Paging File | 1,61 Gb Available in Paging File | 42,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 324,34 Gb Free Space | 69,65% Space Free | Partition Type: NTFS
Drive D: | 4,37 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 502,10 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: HP650 | User Name: spravce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2015.03.19 18:03:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\spravce\Desktop\OTL.exe
PRC - [2015.03.18 19:43:24 | 005,511,352 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2015.03.17 10:02:16 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2015.03.06 11:11:59 | 000,376,944 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2015.02.05 14:35:15 | 001,880,752 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
PRC - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.09.26 15:46:36 | 001,612,552 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
PRC - [2012.09.19 18:36:42 | 000,371,976 | ---- | M] (IVT Corporation) -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
PRC - [2012.09.01 18:07:22 | 000,285,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2012.09.01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.07.10 09:57:10 | 000,137,728 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe
PRC - [2012.04.06 09:17:46 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.04.06 09:17:46 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.04.06 09:17:42 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe

========== Modules (No Company Name) ==========

MOD - [2015.03.17 10:02:19 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2015.03.17 10:02:18 | 001,359,872 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libGLESv2.dll
MOD - [2015.03.17 10:02:18 | 000,212,992 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libEGL.dll
MOD - [2015.03.17 10:02:17 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
MOD - [2015.03.17 10:02:16 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2015.02.05 14:35:14 | 016,852,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
MOD - [2014.11.30 11:24:18 | 001,091,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\8c9f9e94e93956d68b43e34324790c6d\System.ServiceModel.Web.ni.dll
MOD - [2014.11.30 11:23:16 | 002,997,248 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\92a3b88ac6300af062edd6503bc5903c\System.IdentityModel.ni.dll
MOD - [2014.11.30 11:23:13 | 019,696,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\316b149dbb031d0e35c9d57bb2fc4b6e\System.ServiceModel.ni.dll
MOD - [2014.11.30 11:22:59 | 000,029,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorDataMcfeeca6f#\c960dc1814659f3dff88569fd96fa5e1\IAStorDataMgrSvcInterfaces.ni.dll
MOD - [2014.11.30 11:22:58 | 000,026,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorCommon\ea7a8fb74933181836838ff94b5d04d3\IAStorCommon.ni.dll
MOD - [2014.11.30 11:22:34 | 000,371,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\IAStorUtil\5b8c953a687c6c0b486e8c6491a67bf0\IAStorUtil.ni.dll
MOD - [2014.11.30 11:22:32 | 000,794,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\35d3a1b878542de59cb4fc0593992404\System.ServiceModel.Internals.ni.dll
MOD - [2014.11.30 11:22:32 | 000,122,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\046058f81b039ab6fd839e03e67595f8\SMDiagnostics.ni.dll
MOD - [2014.11.30 11:22:31 | 002,822,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\f9f13cd8fe1cefaad78579a7c3a41464\System.Runtime.Serialization.ni.dll
MOD - [2014.11.30 11:22:18 | 000,240,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\b20319dfb7dd671d2de2f383cd2551ce\WindowsFormsIntegration.ni.dll
MOD - [2014.11.30 11:06:07 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\8b133e0d94535a7534719f70873ca7fe\System.Xaml.ni.dll
MOD - [2014.11.30 11:06:03 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\db563d596d76daed04e9b5d25b2f4cb9\System.Windows.Forms.ni.dll
MOD - [2014.11.30 11:05:55 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\0648dbecb7e3fb9523565107e04a5caf\System.Configuration.ni.dll
MOD - [2014.11.30 11:05:53 | 007,668,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\7147fa233a070283dba824da40089bf1\System.Xml.ni.dll
MOD - [2014.11.30 11:05:53 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\691c1ad89d16f49d80e84fa06a79089a\System.Core.ni.dll
MOD - [2014.11.30 11:05:48 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b4c08872c259018b17b2801da33ac80f\System.Drawing.ni.dll
MOD - [2014.11.30 11:05:46 | 010,100,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\17a393b77ae757f0768501fb95ff5af6\System.ni.dll
MOD - [2014.11.30 11:01:39 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014.11.30 02:47:11 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7b22741531a2850c807656d0298a96bd\PresentationFramework.Aero.ni.dll
MOD - [2014.11.30 02:46:35 | 014,340,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1f539baa94516139240877cb6afd72c2\PresentationFramework.ni.dll
MOD - [2014.11.30 02:46:18 | 012,435,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1453d9e9a4989833ef3db4b22549ba1a\System.Windows.Forms.ni.dll
MOD - [2014.11.30 02:46:11 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\836e10dfd0811b303553216f5cb092ef\System.Drawing.ni.dll
MOD - [2014.11.30 02:45:59 | 012,236,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\3d4f835b8078dacc8d5da623e2c3f0ee\PresentationCore.ni.dll
MOD - [2014.11.30 02:45:45 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d97a5aa0eb7697aca7c6e90ae471af2b\WindowsBase.ni.dll
MOD - [2014.11.30 02:45:28 | 007,991,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\908ba9e296e92b4e14bdc2437edac603\System.ni.dll
MOD - [2014.11.30 02:44:55 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll
MOD - [2013.09.05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012.09.19 18:36:54 | 000,018,696 | ---- | M] () -- C:\Windows\SysWOW64\SCChangeMonitor.dll
MOD - [2012.09.19 18:36:48 | 000,026,888 | ---- | M] () -- C:\Windows\SysWOW64\BsTrace.dll
MOD - [2012.09.19 18:36:46 | 000,352,008 | ---- | M] () -- C:\Windows\SysWOW64\BsExtendFunc.dll
MOD - [2012.09.19 18:36:46 | 000,070,408 | ---- | M] () -- C:\Windows\SysWOW64\BsProfileFunc.dll
MOD - [2012.08.21 10:10:54 | 000,028,160 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\vivoTV\DeviceInfo.dll
MOD - [2012.07.10 09:57:10 | 000,137,728 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe
MOD - [2011.04.18 11:38:44 | 000,027,648 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduledRecording.dll
MOD - [2011.04.12 09:34:17 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_cs_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.02.25 09:11:02 | 000,012,288 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\vivoTV\INIFile.dll
MOD - [2009.09.15 13:56:08 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\vivoTV\SRPOTimer.dll
MOD - [2009.08.05 14:15:34 | 000,282,624 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\vivoTV\DirectShowLib-2005.dll

========== Services (SafeList) ==========

SRV:64bit: - [2015.03.17 10:02:16 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2015.02.20 03:35:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.05.27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.02.02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV:64bit: - [2009.11.17 18:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2015.03.06 11:11:58 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015.02.05 14:35:15 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.01.02 19:45:12 | 000,315,488 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014.12.19 08:48:18 | 000,081,088 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014.03.20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012.09.26 15:46:36 | 001,612,552 | ---- | M] (IVT Corporation) [Auto | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe -- (BlueSoleilCS)
SRV - [2012.09.19 18:37:04 | 000,146,184 | ---- | M] (IVT Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe -- (BsHelpCS)
SRV - [2012.09.01 18:07:22 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.04.06 09:17:46 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.04.06 09:17:46 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.04.06 09:17:42 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.04.03 08:55:20 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2015.03.17 10:02:23 | 000,441,728 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2015.03.17 10:02:23 | 000,268,640 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2015.03.17 10:02:23 | 000,136,752 | ---- | M] (Avast Software s.r.o.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2015.03.17 10:02:23 | 000,088,408 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2015.03.17 10:02:23 | 000,065,736 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2015.03.17 10:02:23 | 000,029,168 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2015.03.17 10:02:22 | 000,093,528 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2015.03.17 10:02:09 | 001,047,320 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2015.01.31 04:04:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014.12.27 13:50:38 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.10.02 16:44:02 | 000,692,832 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtbth.sys -- (rtbth)
DRV:64bit: - [2012.10.02 10:58:14 | 000,048,608 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IvtUrbBtFlt.sys -- (btUrbFilterDrv)
DRV:64bit: - [2012.09.01 18:01:56 | 000,647,736 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.09.01 18:01:56 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012.07.19 17:47:40 | 000,056,904 | ---- | M] (Ralink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtL2caScoIf.sys -- (BthL2caScoIfSrv)
DRV:64bit: - [2012.06.15 11:22:02 | 000,023,136 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BtAudioBus.sys -- (BtAudioBusSrv)
DRV:64bit: - [2012.04.06 15:16:20 | 000,685,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.04.06 09:17:42 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.04.06 09:17:32 | 000,021,264 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver.sys -- (SmbDrv)
DRV:64bit: - [2012.04.06 09:17:26 | 000,425,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.03.19 16:32:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.03.05 20:39:44 | 001,857,600 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.06 04:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.10.28 02:27:52 | 000,259,688 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 04:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 04:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 04:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009.10.26 02:43:18 | 000,038,944 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2009.10.26 02:43:16 | 000,117,152 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-2627480295-1213406577-1382408431-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2627480295-1213406577-1382408431-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
IE - HKU\S-1-5-21-2627480295-1213406577-1382408431-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "CZ"
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "CZ"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:36.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.03.17 10:02:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 36.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014.11.29 21:45:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\spravce\AppData\Roaming\Mozilla\Extensions
[2015.03.15 19:20:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\spravce\AppData\Roaming\Mozilla\Firefox\Profiles\g0ofmobo.default\extensions
[2015.03.12 17:43:55 | 000,970,602 | ---- | M] () (No name found) -- C:\Users\spravce\AppData\Roaming\Mozilla\Firefox\Profiles\g0ofmobo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2015.03.06 11:11:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2015.03.06 11:12:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
CHR - Extension: No name found = C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.0.0_0\
CHR - Extension: No name found = C:\Users\spravce\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8_0\

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKLM..\Run: [BtTray] C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (IVT Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2627480295-1213406577-1382408431-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-2627480295-1213406577-1382408431-1000..\Run: [TiVme Agent] C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C54AD818-9651-4937-809E-C4C731E617A8}: DhcpNameServer = 192.168.10.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC6C4E94-12F4-4E8E-8959-9FE4045022B5}: DhcpNameServer = 192.168.15.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.05.07 12:54:49 | 000,000,000 | ---D | M] - H:\AutoRun -- [ CDFS ]
O32 - AutoRun File - [2004.05.07 12:41:08 | 000,655,360 | R--- | M] (Electronic Arts Inc.) - H:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2004.04.30 05:57:06 | 000,569,344 | R--- | M] (Electronic Arts Inc.) - H:\AutoRunGUI.dll -- [ CDFS ]
O32 - AutoRun File - [2004.04.12 14:34:04 | 000,000,113 | R--- | M] () - H:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{c8c3b20e-8da2-11e4-afd2-f4b7e25bf162}\Shell - "" = AutoRun
O33 - MountPoints2\{c8c3b20e-8da2-11e4-afd2-f4b7e25bf162}\Shell\AutoRun\command - "" = H:\setup.exe -- [2004.04.29 03:04:00 | 000,110,592 | R--- | M] (Electronic Arts Inc.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2015.03.19 18:03:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\spravce\Desktop\OTL.exe
[2015.03.18 19:32:26 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015.03.18 11:37:30 | 000,000,000 | ---D | C] -- C:\Users\spravce\Desktop\Textura - diplomka
[2015.03.17 19:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2015.03.17 19:57:58 | 000,000,000 | ---D | C] -- C:\rsit
[2015.03.17 13:19:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015.03.17 13:18:05 | 000,000,000 | ---D | C] -- C:\Users\spravce\AppData\Local\Google
[2015.03.17 13:18:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015.03.17 10:02:26 | 000,364,472 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015.03.17 10:02:17 | 000,043,112 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015.03.12 18:00:29 | 000,372,224 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.03.12 18:00:29 | 000,299,008 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.03.12 18:00:29 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.03.12 18:00:29 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.03.12 18:00:29 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.03.12 18:00:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.03.12 18:00:28 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.03.12 18:00:28 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.03.12 18:00:16 | 000,842,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\blackbox.dll
[2015.03.12 18:00:15 | 000,744,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\blackbox.dll
[2015.03.12 18:00:14 | 001,202,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmv2clt.dll
[2015.03.12 18:00:13 | 000,988,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmv2clt.dll
[2015.03.12 18:00:11 | 014,632,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2015.03.12 18:00:10 | 000,782,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmdrmsdk.dll
[2015.03.12 18:00:10 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmdrmsdk.dll
[2015.03.12 18:00:09 | 005,554,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2015.03.12 18:00:09 | 003,209,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mf.dll
[2015.03.12 18:00:08 | 011,411,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2015.03.12 18:00:05 | 000,497,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drmmgrtn.dll
[2015.03.12 18:00:04 | 001,480,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2015.03.12 18:00:02 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drmmgrtn.dll
[2015.03.12 18:00:00 | 001,574,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2015.03.12 18:00:00 | 000,631,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\evr.dll
[2015.03.12 17:59:59 | 003,973,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2015.03.12 17:59:58 | 003,917,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2015.03.12 17:59:58 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptui.dll
[2015.03.12 17:59:57 | 000,489,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\evr.dll
[2015.03.12 17:59:56 | 001,329,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2015.03.12 17:59:56 | 000,616,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2015.03.12 17:59:56 | 000,532,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2015.03.12 17:59:56 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfplat.dll
[2015.03.12 17:59:54 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptui.dll
[2015.03.12 17:59:54 | 000,354,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfplat.dll
[2015.03.12 17:59:53 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsp.dll
[2015.03.12 17:59:52 | 004,121,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mf.dll
[2015.03.12 17:59:51 | 000,641,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscp.dll
[2015.03.12 17:59:50 | 000,619,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2015.03.12 17:59:49 | 000,693,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2015.03.12 17:59:49 | 000,519,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2015.03.12 17:59:49 | 000,325,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msnetobj.dll
[2015.03.12 17:59:48 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscp.dll
[2015.03.12 17:59:48 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2015.03.12 17:59:48 | 000,457,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ci.dll
[2015.03.12 17:59:48 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2015.03.12 17:59:48 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2015.03.12 17:59:47 | 000,500,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AUDIOKSE.dll
[2015.03.12 17:59:47 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rstrui.exe
[2015.03.12 17:59:47 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\audiodg.exe
[2015.03.12 17:59:46 | 000,371,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2015.03.12 17:59:46 | 000,296,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioSes.dll
[2015.03.12 17:59:46 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msnetobj.dll
[2015.03.12 17:59:44 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\AudioEng.dll
[2015.03.12 17:59:44 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcadm.dll
[2015.03.12 17:59:43 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rrinstaller.exe
[2015.03.12 17:59:42 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\AUDIOKSE.dll
[2015.03.12 17:59:42 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidpolicyconverter.exe
[2015.03.12 17:59:42 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rrinstaller.exe
[2015.03.12 17:59:41 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfps.dll
[2015.03.12 17:59:41 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2015.03.12 17:59:40 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfps.dll
[2015.03.12 17:59:40 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidapi.dll
[2015.03.12 17:59:40 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\appidapi.dll
[2015.03.12 17:59:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcawrk.exe
[2015.03.12 17:59:40 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msmmsp.dll
[2015.03.12 17:59:39 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srclient.dll
[2015.03.12 17:59:39 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfpmp.exe
[2015.03.12 17:59:39 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfpmp.exe
[2015.03.12 17:59:39 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcalua.exe
[2015.03.12 17:59:38 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDump.dll
[2015.03.12 17:59:38 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\setbcdlocale.dll
[2015.03.12 17:59:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2015.03.12 17:59:38 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\appidcertstorecheck.exe
[2015.03.12 17:59:36 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\spwmp.dll
[2015.03.12 17:59:35 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\spwmp.dll
[2015.03.12 17:59:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdxm.ocx
[2015.03.12 17:59:35 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxmasf.dll
[2015.03.12 17:59:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msdxm.ocx
[2015.03.12 17:59:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxmasf.dll
[2015.03.12 17:59:34 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pcaevts.dll
[2015.03.12 17:59:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2015.03.12 17:59:34 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2015.03.12 17:59:33 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2015.03.12 17:59:32 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2015.03.12 17:59:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mferror.dll
[2015.03.12 17:59:30 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mferror.dll
[2015.03.12 17:57:54 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ubpm.dll
[2015.03.12 17:57:54 | 000,171,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ubpm.dll
[2015.03.12 17:57:42 | 001,461,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.03.12 17:57:39 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.03.12 17:57:39 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.03.12 17:57:38 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.03.12 17:57:38 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.03.12 17:57:38 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.03.12 17:57:38 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.03.12 17:57:37 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.03.12 17:57:37 | 000,686,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.03.12 17:57:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.03.12 17:57:37 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.03.12 17:57:36 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.03.12 17:57:36 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.03.12 17:57:05 | 001,067,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msctf.dll
[2015.03.12 17:57:02 | 001,113,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2015.03.12 17:57:02 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2015.03.12 17:57:02 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2015.03.12 17:57:00 | 001,424,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2015.03.12 17:56:51 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.03.12 17:56:50 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.03.12 17:56:50 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.03.12 17:56:50 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.03.12 17:56:49 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.03.12 17:56:48 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.03.12 17:56:47 | 000,718,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.03.12 17:56:47 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.03.12 17:56:46 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.03.12 17:56:46 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.03.12 17:56:43 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.03.12 17:56:42 | 002,052,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.03.12 17:56:42 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2015.03.12 17:56:41 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.03.12 17:56:41 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.03.12 17:56:40 | 000,968,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.03.12 17:56:40 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.03.12 17:56:39 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.03.12 17:56:39 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.03.12 17:56:39 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.03.12 17:56:37 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.03.12 17:56:37 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.03.12 17:56:36 | 002,125,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.03.12 17:56:34 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.03.12 17:56:32 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.03.12 17:56:31 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.03.12 17:56:27 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.03.12 17:56:26 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.03.12 17:56:24 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.03.12 17:56:23 | 006,035,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.03.12 17:56:23 | 001,359,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.03.12 17:56:23 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.03.12 17:56:22 | 000,584,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.03.12 17:56:21 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.03.12 17:56:20 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.03.12 17:55:36 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2015.03.12 17:55:34 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMPhoto.dll
[2015.03.06 11:11:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.03.03 20:49:52 | 000,950,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\perftrack.dll
[2015.03.03 20:49:52 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\powertracker.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.03.19 18:07:58 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2015.03.19 18:03:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\spravce\Desktop\OTL.exe
[2015.03.19 17:35:39 | 000,000,952 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.03.19 17:35:03 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.03.19 13:56:21 | 000,056,214 | ---- | M] () -- C:\Users\spravce\Desktop\problematika-syreni-syru-a-syridel.pdf
[2015.03.19 13:56:04 | 008,520,230 | ---- | M] () -- C:\Users\spravce\Desktop\skripta.pdf
[2015.03.19 13:53:36 | 000,664,989 | ---- | M] () -- C:\Users\spravce\Desktop\Životopis Mešková.pdf
[2015.03.19 13:35:01 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.03.19 11:55:44 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.03.19 11:55:44 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.03.19 11:51:48 | 000,000,950 | ---- | M] () -- C:\Windows\SysWow64\bscs.ini
[2015.03.19 11:48:35 | 000,003,620 | ---- | M] () -- C:\Windows\SysWow64\LOCALSERVICE.INI
[2015.03.19 11:48:32 | 000,000,043 | ---- | M] () -- C:\Windows\SysWow64\LOCALDEVICE.INI
[2015.03.19 11:48:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.03.19 11:48:09 | 1528,320,000 | -HS- | M] () -- C:\hiberfil.sys
[2015.03.17 19:57:04 | 001,222,144 | ---- | M] () -- C:\Users\spravce\Desktop\RSITx64.exe
[2015.03.17 19:38:14 | 001,585,684 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.03.17 19:38:14 | 000,669,414 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2015.03.17 19:38:14 | 000,654,762 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.03.17 19:38:14 | 000,141,540 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2015.03.17 19:38:14 | 000,122,132 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.03.17 13:19:47 | 000,002,259 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.03.17 10:02:23 | 000,441,728 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015.03.17 10:02:23 | 000,268,640 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015.03.17 10:02:23 | 000,136,752 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015.03.17 10:02:23 | 000,088,408 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015.03.17 10:02:23 | 000,065,736 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015.03.17 10:02:23 | 000,029,168 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015.03.17 10:02:22 | 000,364,472 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015.03.17 10:02:22 | 000,093,528 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015.03.17 10:02:17 | 000,043,112 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015.03.17 10:02:09 | 001,047,320 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015.03.13 15:06:52 | 000,411,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.03.06 10:54:02 | 072,707,658 | ---- | M] () -- C:\Users\spravce\Desktop\Management-I.---Pošvář-Z..pdf
[2015.03.06 10:50:45 | 000,538,078 | ---- | M] () -- C:\Users\spravce\Desktop\zaklady_managementu.pdf
[2015.03.06 06:42:35 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2015.03.06 06:42:35 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2015.03.06 06:42:33 | 000,028,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2015.03.06 06:42:29 | 000,309,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2015.03.06 06:42:27 | 001,461,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2015.03.06 06:41:31 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\auditpol.exe
[2015.03.06 06:39:16 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msobjs.dll
[2015.03.06 06:38:57 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msaudite.dll
[2015.03.06 06:36:56 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\adtschema.dll
[2015.03.06 06:09:31 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\auditpol.exe
[2015.03.06 06:07:50 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msobjs.dll
[2015.03.06 06:07:43 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msaudite.dll
[2015.03.06 06:06:20 | 000,686,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\adtschema.dll
[2015.02.23 10:50:51 | 004,866,485 | ---- | M] () -- C:\Users\spravce\Desktop\zaverecna_prace-1.pdf
[2015.02.21 00:58:53 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2015.02.21 00:32:48 | 000,076,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2015.02.20 05:41:01 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lpk.dll
[2015.02.20 05:40:59 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2015.02.20 05:40:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dciman32.dll
[2015.02.20 05:40:55 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2015.02.20 05:13:49 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2015.02.20 05:13:43 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2015.02.20 04:29:16 | 000,372,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2015.02.20 04:09:16 | 000,299,008 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2015.02.20 04:05:49 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2015.02.20 03:50:14 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2015.02.20 03:49:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2015.02.20 03:49:19 | 000,584,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2015.02.20 03:47:56 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2015.02.20 03:40:12 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2015.02.20 03:36:40 | 000,633,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2015.02.20 03:35:17 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2015.02.20 03:35:05 | 000,114,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2015.02.20 03:34:24 | 000,814,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2015.02.20 03:32:34 | 006,035,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2015.02.20 03:26:12 | 000,968,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2015.02.20 03:22:02 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2015.02.20 03:13:57 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2015.02.20 03:08:59 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2015.02.20 03:08:58 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2015.02.20 03:08:13 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2015.02.20 03:06:44 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2015.02.20 03:05:05 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2015.02.20 03:00:34 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2015.02.20 02:58:14 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2015.02.20 02:56:54 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2015.02.20 02:56:07 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2015.02.20 02:49:33 | 000,718,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2015.02.20 02:49:28 | 000,801,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2015.02.20 02:47:06 | 001,359,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2015.02.20 02:46:45 | 002,125,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2015.02.20 02:41:52 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2015.02.20 02:37:46 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2015.02.20 02:24:21 | 002,052,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2015.02.20 02:23:19 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2015.02.20 02:03:34 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2015.02.20 01:55:38 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.03.19 18:07:58 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2015.03.19 13:56:21 | 000,056,214 | ---- | C] () -- C:\Users\spravce\Desktop\problematika-syreni-syru-a-syridel.pdf
[2015.03.19 13:56:00 | 008,520,230 | ---- | C] () -- C:\Users\spravce\Desktop\skripta.pdf
[2015.03.19 13:53:35 | 000,664,989 | ---- | C] () -- C:\Users\spravce\Desktop\Životopis Mešková.pdf
[2015.03.17 19:56:54 | 001,222,144 | ---- | C] () -- C:\Users\spravce\Desktop\RSITx64.exe
[2015.03.17 13:19:47 | 000,002,259 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015.03.17 13:18:20 | 000,000,952 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.03.17 13:18:17 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.03.06 10:50:33 | 000,538,078 | ---- | C] () -- C:\Users\spravce\Desktop\zaklady_managementu.pdf
[2015.03.06 10:47:41 | 072,707,658 | ---- | C] () -- C:\Users\spravce\Desktop\Management-I.---Pošvář-Z..pdf
[2015.02.23 10:50:50 | 004,866,485 | ---- | C] () -- C:\Users\spravce\Desktop\zaverecna_prace-1.pdf
[2015.01.16 13:15:10 | 000,000,525 | ---- | C] () -- C:\Windows\eReg.dat
[2014.12.27 15:06:13 | 000,000,476 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014.11.29 21:46:39 | 001,561,518 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.11.29 21:39:42 | 000,003,620 | ---- | C] () -- C:\Windows\SysWow64\LOCALSERVICE.INI
[2014.11.29 21:39:42 | 000,000,043 | ---- | C] () -- C:\Windows\SysWow64\LOCALDEVICE.INI

========== ZeroAccess Check ==========

Jeste poprosim o zbytek OTL.txt

VIRY.CZ

Zpomalený prohlížeč, startuje pomalu

Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu

Re: Zpomalený prohlížeč, startuje pomalu