PC virus removal, computer speed-up, and remote help through the neslape.cz service

Irregular redirects to porn sites

#1 Post by jaGmann

Hi experts.
I'd like to ask for help with a friend's PC. It behaves quite strangely: at his home, while browsing the web, the page very often gets redirected to adultyum.info (sometimes also to some Czech-language page about making money online). Explorer does it more, but Chrome has done it a few times as well. It happens irregularly. The strange thing is that at his place, after switching the PC on, it did it basically almost all the time, whereas at my home it did it only once in an hour on the net.
Before that, he scanned the PC himself from the ESET rescue live CD, and with AdwCleaner and CCleaner. It found and removed something, but I don't know what specifically.
His second PC behaves exactly the same way, but for now I'm only posting this one.
RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Schovalovi at 2015-03-22 20:14:48
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 537 GB (90%) free of 595 GB
Total RAM: 4003 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:14:54, on 22.3.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Schovalovi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
O4 - HKLM\..\Run: [RoxWatchTray] "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} (SysInfo Class) - http://content.systemrequirementslab.co ... 5.15.0.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Data Vault (DellDataVault) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVault.exe
O23 - Service: Dell Data Vault Wizard (DellDataVaultWiz) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMSAccess - Unknown owner - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10772 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\windows\system32\WLANExt.exe 39592448
\??\C:\windows\system32\conhost.exe "-1586682093-1334545047-172411149-9796174341675718508-249550483-14808859851864285783
C:\windows\System32\spoolsv.exe
"taskhost.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe" -Quiet
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE" C:\Users\Schovalovi
"C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
StageRemoteService.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe" -Embedding
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k bthsvcs
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"Apntex.exe"
\??\C:\windows\system32\conhost.exe "-154423636612689210452027068079254418619-2089846757-21163216171695111986270146223
"C:\Program Files\DellTPad\HidFind.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --channel="3192.0.604335022\2121876958" --no-sandbox --lang=en-US --log-file="C:\Users\Schovalovi\AppData\Roaming\AVAST Software\Avast\log\avastium.log" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Avastium (10.2.2214)" --proxy-auto-detect --disable-gpu --disable-software-rasterizer --no-sandbox --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.4101 --lang=en-US --log-file="C:\Users\Schovalovi\AppData\Roaming\AVAST Software\Avast\log\avastium.log" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Avastium (10.2.2214)" --proxy-auto-detect --disable-gpu --disable-software-rasterizer --no-sandbox /prefetch:822062411
"C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Dell\DellDataVault\DellDataVault.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-4079129769-1885185996-2590329431-10009_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-4079129769-1885185996-2590329431-10009 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe10_ Global\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Users\Schovalovi\Desktop\RSITx64.exe"
C:\windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-21 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-31 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-21 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-25 525312]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2011-04-13 609144]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2011-03-24 3668336]
"Stage Remote"=C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2011-06-28 2022976]
"DellStage"=C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2011-05-30 2055816]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2015-01-30 174480]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2015-01-30 402320]
"Persistence"=C:\windows\system32\igfxpers.exe [2015-01-30 445328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AccuWeatherWidget]
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [2011-05-30 885760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central]
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2011-04-13 503942]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-11-06 283160]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-05-12 336384]
"NUSB3MON"=C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"Dell Registration"=C:\Program Files (x86)\System Registration\prodreg.exe [2011-08-04 4165440]
""= []
"RoxWatchTray"=c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [2010-11-25 240112]
"Desktop Disc Tool"=c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [2010-11-17 514544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-03-21 5511352]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12 959176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2015-01-30 442880]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-03-22 16:24:53 ----A---- C:\windows\ntbtlog.txt
2015-03-21 06:51:58 ----A---- C:\windows\system32\aswBoot.exe
2015-03-21 06:51:54 ----A---- C:\windows\avastSS.scr
2015-03-20 22:09:47 ----A---- C:\windows\system32\FNTCACHE.DAT
2015-03-20 21:54:31 ----A---- C:\windows\SYSWOW64\mstscax.dll
2015-03-20 21:54:30 ----A---- C:\windows\system32\mstscax.dll
2015-03-20 21:54:29 ----A---- C:\windows\system32\TSWbPrxy.exe
2015-03-20 21:43:32 ----A---- C:\windows\system32\TsUsbGDCoInstaller.dll
2015-03-20 21:43:25 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-03-20 21:43:25 ----A---- C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-03-20 21:43:25 ----A---- C:\windows\system32\drivers\TsUsbFlt.sys
2015-03-20 21:43:24 ----A---- C:\windows\SYSWOW64\wksprtPS.dll
2015-03-20 21:43:24 ----A---- C:\windows\SYSWOW64\tsgqec.dll
2015-03-20 21:43:24 ----A---- C:\windows\SYSWOW64\mstsc.exe
2015-03-20 21:43:24 ----A---- C:\windows\SYSWOW64\MsRdpWebAccess.dll
2015-03-20 21:43:24 ----A---- C:\windows\system32\wksprtPS.dll
2015-03-20 21:43:24 ----A---- C:\windows\system32\wksprt.exe
2015-03-20 21:43:24 ----A---- C:\windows\system32\tsgqec.dll
2015-03-20 21:43:24 ----A---- C:\windows\system32\MsRdpWebAccess.dll
2015-03-20 21:43:23 ----A---- C:\windows\SYSWOW64\rdvidcrl.dll
2015-03-20 21:43:23 ----A---- C:\windows\system32\mstsc.exe
2015-03-20 21:43:22 ----A---- C:\windows\system32\rdvidcrl.dll
2015-03-20 21:25:45 ----D---- C:\ProgramData\HitmanPro
2015-03-20 21:13:07 ----D---- C:\ProgramData\Malwarebytes
2015-03-12 14:38:38 ----HDC---- C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-03-11 09:44:39 ----A---- C:\windows\SYSWOW64\dciman32.dll
2015-03-11 09:44:39 ----A---- C:\windows\SYSWOW64\atmlib.dll
2015-03-11 09:44:39 ----A---- C:\windows\SYSWOW64\atmfd.dll
2015-03-11 09:44:39 ----A---- C:\windows\system32\lpk.dll
2015-03-11 09:44:39 ----A---- C:\windows\system32\fontsub.dll
2015-03-11 09:44:39 ----A---- C:\windows\system32\dciman32.dll
2015-03-11 09:44:39 ----A---- C:\windows\system32\atmlib.dll
2015-03-11 09:44:39 ----A---- C:\windows\system32\atmfd.dll
2015-03-11 09:44:38 ----A---- C:\windows\SYSWOW64\lpk.dll
2015-03-11 09:44:38 ----A---- C:\windows\SYSWOW64\fontsub.dll
2015-03-11 09:44:31 ----A---- C:\windows\SYSWOW64\blackbox.dll
2015-03-11 09:44:31 ----A---- C:\windows\system32\blackbox.dll
2015-03-11 09:44:30 ----A---- C:\windows\system32\drmv2clt.dll
2015-03-11 09:44:29 ----A---- C:\windows\SYSWOW64\drmv2clt.dll
2015-03-11 09:44:28 ----A---- C:\windows\system32\wmp.dll
2015-03-11 09:44:27 ----A---- C:\windows\SYSWOW64\wmdrmsdk.dll
2015-03-11 09:44:27 ----A---- C:\windows\SYSWOW64\mf.dll
2015-03-11 09:44:27 ----A---- C:\windows\system32\wmdrmsdk.dll
2015-03-11 09:44:27 ----A---- C:\windows\system32\ntoskrnl.exe
2015-03-11 09:44:26 ----A---- C:\windows\SYSWOW64\wmp.dll
2015-03-11 09:44:25 ----A---- C:\windows\system32\drmmgrtn.dll
2015-03-11 09:44:25 ----A---- C:\windows\system32\crypt32.dll
2015-03-11 09:44:24 ----A---- C:\windows\SYSWOW64\drmmgrtn.dll
2015-03-11 09:44:23 ----A---- C:\windows\SYSWOW64\crypt32.dll
2015-03-11 09:44:23 ----A---- C:\windows\system32\quartz.dll
2015-03-11 09:44:23 ----A---- C:\windows\system32\drivers\PEAuth.sys
2015-03-11 09:44:22 ----A---- C:\windows\system32\evr.dll
2015-03-11 09:44:21 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-03-11 09:44:19 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-03-11 09:44:18 ----A---- C:\windows\system32\cryptui.dll
2015-03-11 09:44:17 ----A---- C:\windows\SYSWOW64\quartz.dll
2015-03-11 09:44:17 ----A---- C:\windows\SYSWOW64\evr.dll
2015-03-11 09:44:17 ----A---- C:\windows\system32\winresume.exe
2015-03-11 09:44:17 ----A---- C:\windows\system32\mfplat.dll
2015-03-11 09:44:16 ----A---- C:\windows\SYSWOW64\mfplat.dll
2015-03-11 09:44:16 ----A---- C:\windows\SYSWOW64\cryptui.dll
2015-03-11 09:44:16 ----A---- C:\windows\SYSWOW64\cryptsp.dll
2015-03-11 09:44:16 ----A---- C:\windows\system32\pcasvc.dll
2015-03-11 09:44:16 ----A---- C:\windows\system32\drivers\mountmgr.sys
2015-03-11 09:44:16 ----A---- C:\windows\system32\cryptsp.dll
2015-03-11 09:44:15 ----A---- C:\windows\system32\msscp.dll
2015-03-11 09:44:15 ----A---- C:\windows\system32\mf.dll
2015-03-11 09:44:14 ----A---- C:\windows\system32\winload.exe
2015-03-11 09:44:13 ----A---- C:\windows\SYSWOW64\qdvd.dll
2015-03-11 09:44:13 ----A---- C:\windows\system32\msnetobj.dll
2015-03-11 09:44:12 ----A---- C:\windows\SYSWOW64\wintrust.dll
2015-03-11 09:44:12 ----A---- C:\windows\SYSWOW64\msscp.dll
2015-03-11 09:44:12 ----A---- C:\windows\SYSWOW64\cryptnet.dll
2015-03-11 09:44:12 ----A---- C:\windows\system32\wintrust.dll
2015-03-11 09:44:12 ----A---- C:\windows\system32\srcore.dll
2015-03-11 09:44:12 ----A---- C:\windows\system32\rstrui.exe
2015-03-11 09:44:12 ----A---- C:\windows\system32\cryptnet.dll
2015-03-11 09:44:12 ----A---- C:\windows\system32\ci.dll
2015-03-11 09:44:12 ----A---- C:\windows\system32\audiosrv.dll
2015-03-11 09:44:12 ----A---- C:\windows\system32\appidsvc.dll
2015-03-11 09:44:11 ----A---- C:\windows\SYSWOW64\cryptsvc.dll
2015-03-11 09:44:11 ----A---- C:\windows\system32\drivers\appid.sys
2015-03-11 09:44:11 ----A---- C:\windows\system32\AudioSes.dll
2015-03-11 09:44:11 ----A---- C:\windows\system32\AUDIOKSE.dll
2015-03-11 09:44:11 ----A---- C:\windows\system32\audiodg.exe
2015-03-11 09:44:10 ----A---- C:\windows\SYSWOW64\msnetobj.dll
2015-03-11 09:44:10 ----A---- C:\windows\system32\qdvd.dll
2015-03-11 09:44:10 ----A---- C:\windows\system32\cryptsvc.dll
2015-03-11 09:44:09 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2015-03-11 09:44:09 ----A---- C:\windows\system32\pcadm.dll
2015-03-11 09:44:09 ----A---- C:\windows\system32\AudioEng.dll
2015-03-11 09:44:08 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2015-03-11 09:44:08 ----A---- C:\windows\system32\rrinstaller.exe
2015-03-11 09:44:08 ----A---- C:\windows\system32\appidpolicyconverter.exe
2015-03-11 09:44:07 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2015-03-11 09:44:06 ----A---- C:\windows\system32\smss.exe
2015-03-11 09:44:05 ----A---- C:\windows\SYSWOW64\mfps.dll
2015-03-11 09:44:05 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2015-03-11 09:44:05 ----A---- C:\windows\SYSWOW64\appidapi.dll
2015-03-11 09:44:05 ----A---- C:\windows\system32\pcawrk.exe
2015-03-11 09:44:05 ----A---- C:\windows\system32\msmmsp.dll
2015-03-11 09:44:05 ----A---- C:\windows\system32\mfps.dll
2015-03-11 09:44:05 ----A---- C:\windows\system32\appidapi.dll
2015-03-11 09:44:04 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2015-03-11 09:44:04 ----A---- C:\windows\system32\srclient.dll
2015-03-11 09:44:04 ----A---- C:\windows\system32\pcalua.exe
2015-03-11 09:44:04 ----A---- C:\windows\system32\mfpmp.exe
2015-03-11 09:44:03 ----A---- C:\windows\system32\setbcdlocale.dll
2015-03-11 09:44:03 ----A---- C:\windows\system32\EncDump.dll
2015-03-11 09:44:03 ----A---- C:\windows\system32\csrsrv.dll
2015-03-11 09:44:02 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-03-11 09:44:00 ----A---- C:\windows\system32\appidcertstorecheck.exe
2015-03-11 09:43:54 ----A---- C:\windows\SYSWOW64\spwmp.dll
2015-03-11 09:43:54 ----A---- C:\windows\system32\spwmp.dll
2015-03-11 09:43:53 ----A---- C:\windows\SYSWOW64\dxmasf.dll
2015-03-11 09:43:53 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-03-11 09:43:53 ----A---- C:\windows\system32\pcaevts.dll
2015-03-11 09:43:53 ----A---- C:\windows\system32\dxmasf.dll
2015-03-11 09:43:53 ----A---- C:\windows\system32\apisetschema.dll
2015-03-11 09:43:51 ----A---- C:\windows\SYSWOW64\wmploc.DLL
2015-03-11 09:43:50 ----A---- C:\windows\system32\wmploc.DLL
2015-03-11 09:43:45 ----A---- C:\windows\SYSWOW64\mferror.dll
2015-03-11 09:43:45 ----A---- C:\windows\system32\mferror.dll
2015-03-11 09:43:37 ----A---- C:\windows\system32\rdpcorets.dll
2015-03-11 09:43:36 ----A---- C:\windows\system32\rdpudd.dll
2015-03-11 09:43:35 ----A---- C:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 09:43:05 ----A---- C:\windows\system32\ubpm.dll
2015-03-11 09:43:04 ----A---- C:\windows\SYSWOW64\ubpm.dll
2015-03-11 09:43:03 ----A---- C:\windows\system32\shell32.dll
2015-03-11 09:43:02 ----A---- C:\windows\SYSWOW64\shell32.dll
2015-03-11 09:42:59 ----A---- C:\windows\system32\schannel.dll
2015-03-11 09:42:59 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-03-11 09:42:59 ----A---- C:\windows\system32\drivers\cng.sys
2015-03-11 09:42:58 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-03-11 09:42:58 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-03-11 09:42:58 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-03-11 09:42:58 ----A---- C:\windows\system32\lsasrv.dll
2015-03-11 09:42:58 ----A---- C:\windows\system32\kerberos.dll
2015-03-11 09:42:58 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-03-11 09:42:57 ----A---- C:\windows\system32\msv1_0.dll
2015-03-11 09:42:56 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-03-11 09:42:56 ----A---- C:\windows\system32\wdigest.dll
2015-03-11 09:42:56 ----A---- C:\windows\system32\TSpkg.dll
2015-03-11 09:42:56 ----A---- C:\windows\system32\ncrypt.dll
2015-03-11 09:42:55 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-03-11 09:42:55 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-03-11 09:42:55 ----A---- C:\windows\system32\sspicli.dll
2015-03-11 09:42:54 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-03-11 09:42:54 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-03-11 09:42:54 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-03-11 09:42:54 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-03-11 09:42:54 ----A---- C:\windows\system32\sspisrv.dll
2015-03-11 09:42:54 ----A---- C:\windows\system32\secur32.dll
2015-03-11 09:42:54 ----A---- C:\windows\system32\lsass.exe
2015-03-11 09:42:54 ----A---- C:\windows\system32\credssp.dll
2015-03-11 09:42:54 ----A---- C:\windows\system32\auditpol.exe
2015-03-11 09:42:54 ----A---- C:\windows\system32\adtschema.dll
2015-03-11 09:42:53 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-03-11 09:42:53 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-03-11 09:42:53 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-03-11 09:42:53 ----A---- C:\windows\system32\msobjs.dll
2015-03-11 09:42:53 ----A---- C:\windows\system32\msaudite.dll
2015-03-11 09:42:50 ----A---- C:\windows\SYSWOW64\msctf.dll
2015-03-11 09:42:50 ----A---- C:\windows\system32\msctf.dll
2015-03-11 09:42:48 ----A---- C:\windows\system32\WindowsCodecs.dll
2015-03-11 09:42:47 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2015-03-11 09:42:44 ----A---- C:\windows\system32\win32k.sys
2015-03-11 09:42:42 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-03-11 09:42:42 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-03-11 09:42:42 ----A---- C:\windows\system32\ieetwcollector.exe
2015-03-11 09:42:41 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-03-11 09:42:41 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-03-11 09:42:41 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-03-11 09:42:40 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-03-11 09:42:40 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-03-11 09:42:40 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-03-11 09:42:40 ----A---- C:\windows\system32\iernonce.dll
2015-03-11 09:42:40 ----A---- C:\windows\system32\ie4uinit.exe
2015-03-11 09:42:39 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-03-11 09:42:39 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-03-11 09:42:39 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-03-11 09:42:39 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 09:42:37 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-03-11 09:42:37 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-03-11 09:42:37 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-03-11 09:42:37 ----A---- C:\windows\system32\urlmon.dll
2015-03-11 09:42:37 ----A---- C:\windows\system32\iedkcs32.dll
2015-03-11 09:42:36 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-03-11 09:42:36 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-03-11 09:42:36 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-03-11 09:42:36 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-03-11 09:42:36 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-03-11 09:42:36 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-11 09:42:36 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-03-11 09:42:36 ----A---- C:\windows\system32\dxtrans.dll
2015-03-11 09:42:35 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-03-11 09:42:35 ----A---- C:\windows\system32\msfeeds.dll
2015-03-11 09:42:34 ----A---- C:\windows\system32\iesetup.dll
2015-03-11 09:42:34 ----A---- C:\windows\system32\ieapfltr.dll
2015-03-11 09:42:32 ----A---- C:\windows\system32\iertutil.dll
2015-03-11 09:42:31 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-03-11 09:42:31 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-03-11 09:42:31 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-03-11 09:42:31 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-03-11 09:42:30 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-03-11 09:42:30 ----A---- C:\windows\system32\jsproxy.dll
2015-03-11 09:42:30 ----A---- C:\windows\system32\ieUnatt.exe
2015-03-11 09:42:29 ----A---- C:\windows\system32\ieui.dll
2015-03-11 09:42:29 ----A---- C:\windows\system32\ieframe.dll
2015-03-11 09:42:29 ----A---- C:\windows\system32\dxtmsft.dll
2015-03-11 09:42:28 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-03-11 09:42:28 ----A---- C:\windows\system32\mshtmled.dll
2015-03-11 09:42:28 ----A---- C:\windows\system32\jscript9diag.dll
2015-03-11 09:42:27 ----A---- C:\windows\system32\wininet.dll
2015-03-11 09:42:27 ----A---- C:\windows\system32\vbscript.dll
2015-03-11 09:42:27 ----A---- C:\windows\system32\jscript9.dll
2015-03-11 09:42:26 ----A---- C:\windows\system32\msrating.dll
2015-03-11 09:42:26 ----A---- C:\windows\system32\MshtmlDac.dll
2015-03-11 09:42:25 ----A---- C:\windows\system32\mshtml.dll
2015-03-11 09:40:31 ----A---- C:\windows\SYSWOW64\WMPhoto.dll
2015-03-11 09:40:31 ----A---- C:\windows\system32\WMPhoto.dll

======List of files/folders modified in the last 1 month======

2015-03-22 20:14:54 ----D---- C:\windows\Prefetch
2015-03-22 20:14:54 ----D---- C:\Program Files\trend micro
2015-03-22 20:14:51 ----AD---- C:\windows\Temp
2015-03-22 19:13:51 ----SHD---- C:\windows\Installer
2015-03-22 19:13:51 ----D---- C:\windows\SYSWOW64\drivers
2015-03-22 19:13:28 ----HD---- C:\ProgramData
2015-03-22 19:13:27 ----RD---- C:\Program Files (x86)
2015-03-22 19:12:47 ----SHD---- C:\System Volume Information
2015-03-22 19:11:08 ----D---- C:\windows\system32\drivers
2015-03-22 19:09:06 ----A---- C:\windows\SYSWOW64\log.txt
2015-03-22 19:08:00 ----D---- C:\Users\Schovalovi\AppData\Roaming\Skype
2015-03-22 19:06:38 ----D---- C:\Program Files (x86)\Dell DataSafe Local Backup
2015-03-22 17:13:29 ----D---- C:\windows\system32\config
2015-03-22 16:24:53 ----AD---- C:\Windows
2015-03-21 06:52:08 ----D---- C:\windows\system32\Tasks
2015-03-21 06:51:58 ----AD---- C:\windows\System32
2015-03-21 06:45:16 ----RD---- C:\Program Files
2015-03-21 02:14:22 ----D---- C:\windows\rescache
2015-03-21 02:00:02 ----D---- C:\windows\system32\LogFiles
2015-03-20 22:28:55 ----D---- C:\windows\winsxs
2015-03-20 22:14:40 ----D---- C:\windows\system32\catroot2
2015-03-20 22:09:40 ----D---- C:\Program Files\Google
2015-03-20 22:09:40 ----D---- C:\Program Files (x86)\Google
2015-03-20 22:07:01 ----RD---- C:\Program Files (x86)\Skype
2015-03-20 22:05:24 ----D---- C:\windows\Panther
2015-03-20 22:05:24 ----D---- C:\windows\Logs
2015-03-20 22:05:24 ----D---- C:\windows\inf
2015-03-20 22:05:24 ----D---- C:\windows\debug
2015-03-20 22:01:39 ----D---- C:\windows\Minidump
2015-03-20 21:54:51 ----D---- C:\windows\SYSWOW64\cs-CZ
2015-03-20 21:54:51 ----D---- C:\windows\system32\cs-CZ
2015-03-20 21:54:39 ----D---- C:\windows\SysWOW64
2015-03-20 21:45:03 ----D---- C:\windows\SYSWOW64\wbem
2015-03-20 21:45:03 ----D---- C:\windows\system32\wbem
2015-03-20 21:45:03 ----D---- C:\windows\system32\DriverStore
2015-03-20 21:45:03 ----D---- C:\windows\system32\drivers\en-US
2015-03-20 21:44:43 ----A---- C:\windows\SYSWOW64\PerfStringBackup.INI
2015-03-20 21:44:28 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-03-20 21:40:03 ----D---- C:\ProgramData\Adobe
2015-03-20 21:40:01 ----D---- C:\Program Files (x86)\Adobe
2015-03-20 21:36:12 ----D---- C:\ProgramData\Sonic
2015-03-20 20:50:26 ----D---- C:\Users\Schovalovi\AppData\Roaming\SoftGrid Client
2015-03-12 14:38:13 ----D---- C:\windows\Tasks
2015-03-12 14:36:53 ----D---- C:\ProgramData\SupportAssistAgent
2015-03-12 07:12:52 ----D---- C:\windows\SYSWOW64\Dism
2015-03-12 07:12:52 ----D---- C:\Program Files\Windows Media Player
2015-03-12 07:12:52 ----D---- C:\Program Files (x86)\Windows Media Player
2015-03-12 07:12:49 ----D---- C:\windows\system32\Dism
2015-03-12 07:12:48 ----D---- C:\windows\system32\en-US
2015-03-12 07:12:46 ----D---- C:\windows\system32\CodeIntegrity
2015-03-12 07:12:46 ----D---- C:\windows\system32\Boot
2015-03-12 07:12:39 ----D---- C:\Program Files\Internet Explorer
2015-03-12 07:12:38 ----D---- C:\windows\SYSWOW64\en-US
2015-03-12 07:12:35 ----D---- C:\Program Files (x86)\Internet Explorer
2015-03-11 22:28:31 ----D---- C:\windows\system32\MRT
2015-03-11 22:23:08 ----A---- C:\windows\system32\MRT.exe
2015-03-06 07:16:27 ----D---- C:\ProgramData\Skype
2015-02-27 15:03:38 ----D---- C:\Dell
2015-02-24 03:17:24 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-03-21 65736]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-03-21 268640]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-11-07 438808]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-03-21 93528]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-03-21 1047320]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-03-21 441728]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-03-21 29168]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-03-21 88408]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-03-21 136752]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\windows\system32\DRIVERS\Apfiltr.sys [2011-05-13 363856]
R3 BCM43XX;Ovladač pro bezdrátovou síťovou kartu DW WLAN; C:\windows\system32\DRIVERS\bcmwl664.sys [2010-11-24 4719168]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 BTWAMPFL;btwampfl; C:\windows\system32\DRIVERS\btwampfl.sys [2011-01-14 349736]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2011-01-14 106536]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2011-01-14 138280]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2011-01-14 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2011-01-14 21416]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
R3 DDDriver;DDDriver; C:\windows\system32\drivers\DDDriver64Dcsa.sys [2015-01-30 23760]
R3 DellProf;DellProf; C:\windows\system32\drivers\DellProf.sys [2015-01-30 23312]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2015-01-30 5375448]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2013-07-01 342528]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 Sftfs;Sftfs; C:\windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2011-01-25 520192]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2011-05-12 9319424]
S3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2011-05-12 304128]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 intelkmd;intelkmd; C:\windows\system32\DRIVERS\igdpmd64.sys [2011-08-09 12289472]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-10-30 250984]
S3 StarOpen;StarOpen; C:\windows\system32\drivers\StarOpen.sys [2009-11-12 5504]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2006-11-01 151656]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2011-05-12 203264]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-03-21 343336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-01-13 956192]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 DellDataVault;Dell Data Vault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-02-26 2557136]
R2 DellDataVaultWiz;Dell Data Vault Wizard; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-02-26 201936]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-10-06 325656]
R2 NMSAccess;NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [2010-03-04 71096]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 SftService;SoftThinks Agent Service; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-25 296448]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S2 RoxWatch12;Roxio Hard Drive Watcher 12; c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S2 SupportAssistAgent;Dell SupportAssist Agent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-03-04 19288]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-12 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2015-01-30 281488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 stllssvr;stllssvr; c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-08 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-02-01 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------


Thanks a lot!
Smile, it's going to get worse! :)

Rudy
Site Admin
Posts: 119490
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: irregular redirects to porn sites

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

#3 Post by jaGmann »

It was already run yesterday (unfortunately I don't have the log). Today's log:
# AdwCleaner v4.113 - Logfile created 22/03/2015 at 21:44:03
# Updated 22/03/2015 by Xplode
# Database : 2015-03-22.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Schovalovi - SCHOVALOVI-PC
# Running from : C:\Users\Schovalovi\Desktop\adwcleaner_4.113.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689


-\\ Google Chrome v41.0.2272.101


*************************

AdwCleaner[R0].txt - [765 bytes] - [22/03/2015 21:42:05]
AdwCleaner[S0].txt - [693 bytes] - [22/03/2015 21:44:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [751 bytes] ##########
#4 Post by Rudy »

#5 Post by jaGmann »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Schovalovi (administrator) on SCHOVALOVI-PC on 23-03-2015 05:59:54
Running from C:\Users\Schovalovi\Desktop
Loaded Profiles: Schovalovi (Available profiles: Schovalovi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Schovalovi\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-13] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [Stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-28] ()
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055816 2011-05-30] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-05-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Dell Registration] => C:\Program Files (x86)\System Registration\prodreg.exe [4165440 2011-08-04] (Dell, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-21] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4079129769-1885185996-2590329431-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-21] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-10-31] (Sun Microsystems, Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-21] (Avast Software s.r.o.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shoc ... tor/sw.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.co ... 5.15.0.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.168.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll [2014-10-12] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-31] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll [2014-10-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "https://www.google.cz/"
CHR DefaultSearchURL: Default -> http://www.google.com/search?q={searchT ... AW_csCZ406
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Schovalovi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Schovalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-20]
CHR Extension: (Google Drive) - C:\Users\Schovalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-18]
CHR Extension: (YouTube) - C:\Users\Schovalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-18]
CHR Extension: (Google Search) - C:\Users\Schovalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-18]
CHR Extension: (Google Wallet) - C:\Users\Schovalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (Gmail) - C:\Users\Schovalovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2011-05-12] (AMD) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-21] (Avast Software s.r.o.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9319424 2011-05-12] (ATI Technologies Inc.) [File not signed]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [304128 2011-05-12] (Advanced Micro Devices, Inc.) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-21] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-21] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-21] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-21] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-21] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-21] ()
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [12289472 2011-08-09] (Intel Corporation) [File not signed]
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] () [File not signed]
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 05:59 - 2015-03-23 06:00 - 00015712 _____ () C:\Users\Schovalovi\Desktop\FRST.txt
2015-03-23 05:59 - 2015-03-23 05:59 - 00000000 ____D () C:\FRST
2015-03-23 05:57 - 2015-03-23 05:57 - 02095616 _____ (Farbar) C:\Users\Schovalovi\Desktop\FRST64.exe
2015-03-23 05:57 - 2015-03-23 05:57 - 00112640 _____ (forum.viry.cz) C:\Users\Schovalovi\Desktop\FRSTLauncher.exe
2015-03-22 21:42 - 2015-03-22 21:44 - 00000000 ____D () C:\AdwCleaner
2015-03-22 21:41 - 2015-03-22 21:41 - 02168320 _____ () C:\Users\Schovalovi\Desktop\adwcleaner_4.113.exe
2015-03-22 20:14 - 2015-03-22 20:14 - 01222144 _____ () C:\Users\Schovalovi\Desktop\RSITx64.exe
2015-03-22 19:11 - 2015-03-22 19:12 - 00000848 _____ () C:\windows\system32\Drivers\kgpcpy.cfg
2015-03-22 17:13 - 2015-03-22 17:13 - 00000016 _____ () C:\windows\system32\config\software.szfi
2015-03-21 06:52 - 2015-03-21 06:52 - 00001924 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-21 06:52 - 2015-03-21 06:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-21 06:51 - 2015-03-21 06:51 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-03-21 06:51 - 2015-03-21 06:51 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-03-20 22:19 - 2015-03-20 22:19 - 00074856 _____ () C:\Users\Schovalovi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-20 22:10 - 2015-03-22 21:44 - 00000504 _____ () C:\windows\setupact.log
2015-03-20 22:10 - 2015-03-20 22:10 - 00000000 _____ () C:\windows\setuperr.log
2015-03-20 22:09 - 2015-03-21 06:57 - 00004138 _____ () C:\windows\PFRO.log
2015-03-20 22:09 - 2015-03-20 22:10 - 00320152 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-20 21:54 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2015-03-20 21:54 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-03-20 21:54 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-03-20 21:43 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
2015-03-20 21:43 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-03-20 21:43 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-03-20 21:43 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\MsRdpWebAccess.dll
2015-03-20 21:43 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\wksprtPS.dll
2015-03-20 21:43 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2015-03-20 21:43 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
2015-03-20 21:43 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\windows\system32\rdvidcrl.dll
2015-03-20 21:43 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\MsRdpWebAccess.dll
2015-03-20 21:43 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wksprtPS.dll
2015-03-20 21:43 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
2015-03-20 21:43 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2015-03-20 21:43 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
2015-03-20 21:43 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdvidcrl.dll
2015-03-20 21:43 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
2015-03-20 21:40 - 2015-03-20 21:41 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-20 21:40 - 2015-03-20 21:40 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-03-20 21:25 - 2015-03-20 21:33 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-03-20 21:13 - 2015-03-20 21:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-12 14:38 - 2015-03-12 14:38 - 00000000 __HDC () C:\ProgramData\{6AACA38B-2810-4B47-BDEC-D7A1F38B1531}
2015-03-11 09:44 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-11 09:44 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-11 09:44 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-11 09:44 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-11 09:44 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-11 09:44 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-11 09:44 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-11 09:44 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-11 09:44 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-11 09:44 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-11 09:44 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-11 09:44 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-03-11 09:44 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-11 09:44 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-03-11 09:44 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-11 09:44 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-11 09:44 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-11 09:44 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-11 09:44 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-11 09:44 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-11 09:44 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-11 09:44 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-11 09:44 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-11 09:44 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-11 09:44 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-11 09:44 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-11 09:44 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-11 09:44 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-11 09:44 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-03-11 09:44 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-11 09:44 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-03-11 09:44 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-03-11 09:44 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-11 09:44 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-11 09:44 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-11 09:44 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-03-11 09:43 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-11 09:43 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-11 09:43 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-11 09:43 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-11 09:43 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-11 09:43 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-11 09:43 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-11 09:43 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-11 09:43 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-11 09:43 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-11 09:43 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-11 09:43 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-03-11 09:43 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-03-11 09:43 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-03-11 09:43 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-03-11 09:43 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-03-11 09:43 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-11 09:43 - 2015-01-31 04:48 - 03179520 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2015-03-11 09:43 - 2015-01-31 04:48 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 09:43 - 2015-01-31 00:56 - 00243200 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2015-03-11 09:42 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-11 09:42 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-11 09:42 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-11 09:42 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-11 09:42 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-11 09:42 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-11 09:42 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-11 09:42 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-11 09:42 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-11 09:42 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-11 09:42 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-11 09:42 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-11 09:42 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-11 09:42 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-11 09:42 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-11 09:42 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-11 09:42 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-11 09:42 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-11 09:42 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-11 09:42 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-11 09:42 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-11 09:42 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-11 09:42 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-11 09:42 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-11 09:42 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-11 09:42 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-11 09:42 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-11 09:42 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-11 09:42 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-11 09:42 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-11 09:42 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-11 09:42 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-11 09:42 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-11 09:42 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-11 09:42 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-11 09:42 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-11 09:42 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-11 09:42 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-11 09:42 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-11 09:42 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-11 09:42 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-11 09:42 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-11 09:42 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-11 09:42 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-11 09:42 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-11 09:42 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-11 09:42 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-11 09:42 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-11 09:42 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-11 09:42 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 09:42 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-11 09:42 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-11 09:42 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-11 09:42 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-11 09:42 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-11 09:42 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-11 09:42 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-11 09:42 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-11 09:42 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-11 09:42 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-11 09:42 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-11 09:42 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-11 09:42 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-11 09:42 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-11 09:42 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-11 09:42 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-11 09:42 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-11 09:42 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 09:42 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-11 09:42 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-11 09:42 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-11 09:42 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-11 09:42 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-11 09:42 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-11 09:42 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-11 09:42 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-11 09:42 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-11 09:42 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-11 09:42 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-11 09:42 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-11 09:42 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-11 09:42 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-11 09:42 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-11 09:42 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-03-11 09:40 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-11 09:40 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-02-25 21:45 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-25 21:45 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-23 05:57 - 2011-10-31 04:31 - 00669568 _____ () C:\windows\system32\perfh005.dat
2015-03-23 05:57 - 2011-10-31 04:31 - 00141938 _____ () C:\windows\system32\perfc005.dat
2015-03-23 05:57 - 2009-07-14 06:13 - 01586170 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-23 05:55 - 2012-11-18 09:15 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-23 05:55 - 2012-02-01 19:17 - 00000000 ____D () C:\Users\Schovalovi\AppData\Roaming\Skype
2015-03-23 05:55 - 2011-10-31 01:39 - 01732602 _____ () C:\windows\WindowsUpdate.log
2015-03-22 21:53 - 2009-07-14 05:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-22 21:53 - 2009-07-14 05:45 - 00028576 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-22 21:46 - 2011-10-31 02:52 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-03-22 21:46 - 2011-10-31 02:52 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-03-22 21:46 - 2011-10-31 02:42 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-03-22 21:45 - 2012-11-18 09:15 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-22 21:44 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-22 21:38 - 2013-05-03 13:04 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-03-22 20:14 - 2012-08-22 08:50 - 00000000 ____D () C:\Program Files\trend micro
2015-03-22 08:11 - 2013-11-20 18:05 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-22 08:04 - 2015-02-11 09:24 - 00003484 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask
2015-03-21 06:58 - 2009-07-14 06:08 - 00032624 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2015-03-21 06:51 - 2014-05-15 16:52 - 00136752 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-03-21 06:51 - 2014-05-15 16:52 - 00029168 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-03-21 06:51 - 2013-05-03 13:05 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-03-21 06:51 - 2013-05-03 13:05 - 00441728 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-03-21 06:51 - 2013-05-03 13:05 - 00268640 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-03-21 06:51 - 2013-05-03 13:05 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-03-21 06:51 - 2013-05-03 13:05 - 00065736 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-03-21 06:51 - 2013-05-03 13:04 - 00088408 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-03-21 02:14 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-03-20 22:09 - 2012-11-18 09:15 - 00000000 ____D () C:\Program Files\Google
2015-03-20 22:09 - 2012-11-18 09:15 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-20 22:07 - 2012-02-01 19:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-03-20 22:06 - 2012-11-18 09:15 - 00000000 ____D () C:\Users\Schovalovi\AppData\Local\Google
2015-03-20 22:05 - 2014-03-12 21:09 - 00000000 ____D () C:\Users\Schovalovi\AppData\Local\CrashDumps
2015-03-20 22:05 - 2011-02-23 14:08 - 00000000 ____D () C:\windows\Panther
2015-03-20 22:01 - 2013-02-28 08:48 - 00000000 ____D () C:\windows\Minidump
2015-03-20 21:46 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-20 21:44 - 2011-10-31 01:57 - 01561820 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-03-20 21:40 - 2011-10-31 02:39 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-20 21:40 - 2011-10-31 02:05 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-20 21:36 - 2011-10-31 02:30 - 00000000 ____D () C:\ProgramData\Sonic
2015-03-20 20:50 - 2012-02-01 09:04 - 00000000 ____D () C:\Users\Schovalovi\AppData\Roaming\SoftGrid Client
2015-03-12 14:38 - 2015-02-12 14:39 - 00003612 _____ () C:\windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2015-03-12 14:36 - 2015-02-12 14:39 - 00000000 ____D () C:\ProgramData\SupportAssistAgent
2015-03-12 07:20 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2015-03-12 07:12 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-12 07:12 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2015-03-11 22:28 - 2013-07-14 21:22 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 22:23 - 2012-02-01 09:59 - 122905848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-06 07:16 - 2011-10-31 02:36 - 00000000 ____D () C:\ProgramData\Skype
2015-03-04 16:35 - 2015-02-05 10:16 - 00000000 ____D () C:\Users\Schovalovi\Desktop\kiki
2015-02-27 15:03 - 2011-10-31 05:56 - 00000000 ____D () C:\Dell
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======


Some content of TEMP:
====================
C:\Users\Schovalovi\AppData\Local\Temp\Quarantine.exe
C:\Users\Schovalovi\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-15 13:45




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (OS) (Fixed) (Total:581.42 GB) (Free:523.79 GB) NTFS
Drive d: (O kocourovi Mikesovi) (CDROM) (Total:3.08 GB) (Free:0 GB) UDF

Available physical RAM: 2450.82 MB
Total physical RAM: 4003.16 MB
Percentage of memory in use: 38%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C0F6B7B6)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=581.4 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Schovalovi\Desktop" je 20736 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AccuWeatherWidget
"C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Webcam Central
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.zip
(7.57 KiB) Downloaded 181 times
Smile, it'll get worse! :)

Rudy
Site Admin
Posts: 119490
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: irregular redirects to porn sites

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4079129769-1885185996-2590329431-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Schovalovi\AppData\Local\Temp
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Software\Classes\exefile: <===== ATTENTION!
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.


Re: irregular redirects to porn sites

#7 Post by jaGmann »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Schovalovi at 2015-03-24 06:54:36 Run:1
Running from C:\Users\Schovalovi\Desktop
Loaded Profiles: Schovalovi (Available profiles: Schovalovi)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKLM-x32 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL = http://www.bing.com/search?q={searchTer ... -SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4079129769-1885185996-2590329431-1000 -> {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Schovalovi\AppData\Local\Temp
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Software\Classes\exefile: <===== ATTENTION!
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}" => Key deleted successfully.
HKCR\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} => Key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}" => Key deleted successfully.
HKCR\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.

"C:\Users\Schovalovi\AppData\Local\Temp" directory move:

Could not move "C:\Users\Schovalovi\AppData\Local\Temp" directory. => Scheduled to move on reboot.

"HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Software\Classes\exefile" => Key deleted successfully.
"HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Software\Classes\.exe" => Key deleted successfully.
HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Software\Classes\exefile => Key not found.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-24 06:59:33)<=

C:\Users\Schovalovi\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 06:59:33 ====
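Whoever reviews a Fixlog like the one above checks the result after each `=>` and whether anything deferred to reboot was completed later in the log. The Python sketch below is an added example, not part of the thread and not FRST's own code; it recognises only the result strings that appear in this log and reports anything else as "unknown" for manual review.

```python
import re
from collections import Counter

# Lines copied from the Fixlog posted in this thread (a subset, no new data).
SAMPLE_FIXLOG = r'''
Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [] => [X]
C:\Users\Schovalovi\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKCR\CLSID\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} => Key not found.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
Could not move "C:\Users\Schovalovi\AppData\Local\Temp" directory. => Scheduled to move on reboot.
"HKU\S-1-5-21-4079129769-1885185996-2590329431-1000\Software\Classes\.exe" => Key deleted successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-03-24 06:59:33)<=

C:\Users\Schovalovi\AppData\Local\Temp => Moved successfully.
'''

# Only the result strings seen in this thread's log; the status names are this example's own.
RESULTS = {
    "value deleted successfully.": "removed",
    "key deleted successfully.": "removed",
    "moved successfully.": "moved",
    "key not found.": "absent",
    "scheduled to move on reboot.": "pending",
}
QUOTED = re.compile(r'"([^"]+)"')


def parse_fixlog(text):
    """Return (target, status) pairs for every result line of a Fixlog."""
    entries, in_fixlist = [], False
    for raw in text.splitlines():
        line = raw.strip()
        # The log echoes the fixlist between "Start" and "End"; those lines
        # also contain "=>" but are input, not results.
        if line == "Start":
            in_fixlist = True
            continue
        if line == "End":
            in_fixlist = False
            continue
        if in_fixlist or " => " not in line or line.startswith("=>"):
            continue
        target, _, result = line.rpartition(" => ")
        quoted = QUOTED.search(target)
        if quoted:  # e.g. 'Could not move "C:\...\Temp" directory.'
            target = quoted.group(1)
        entries.append((target, RESULTS.get(result.strip().lower(), "unknown")))
    return entries


def summarize(entries):
    """Count entries per status."""
    return dict(Counter(status for _, status in entries))


def unresolved(entries):
    """Targets whose last recorded status is still pending or unrecognised."""
    last = {}
    for target, status in entries:
        last[target.lower()] = (target, status)
    return [t for t, s in last.values() if s in ("pending", "unknown")]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(summarize(parsed))
    print("needs follow-up:", unresolved(parsed))
```
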


Re: irregular redirects to porn sites

#8 Post by Rudy »

Deleted. Has anything changed?

Re: irregular redirects to porn sites

#9 Post by jaGmann »

Thank you.
I don't know; during the whole cleanup no unwanted window opened. But that is how it was already behaving when I brought it home. A little earlier, at my friend's place, it was popping up on every second click. I really have no idea why.
Could the ADSL router also be to blame, if it has been "tweaked" somehow?

Re: irregular redirects to porn sites

#10 Post by Rudy »

Also run MBAM: http://www.malwarebytes.org/mbam.php . Run a scan, post the log, and do not delete anything beforehand.

Re: irregular redirects to porn sites

#11 Post by jaGmann »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 24.3.2015
Čas skenování: 21:35:52
Protokol:
Správce: Ano

Verze: 2.01.4.1018
Databáze malwaru: v2015.03.24.08
Databáze rootkitů: v2015.02.25.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Schovalovi

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 345381
Uplynulý čas: 9 min, 19 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: irregular redirects to porn sites

#12 Post by Rudy »

It's clean. How does it behave now?

Re: irregular redirects to porn sites

#13 Post by jaGmann »

It behaves correctly, like the second machine.
Many thanks and all the best!!!!

Re: irregular redirects to porn sites

#14 Post by Rudy »

Glad to hear it! :)

Locked