
Please check my log.

Posted: 02 May 2015 18:15
by pavbol306
The antivirus found wi32:adware gen, and gen maliciousA-FAI, FBV. THANK YOU.


Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2015-05-02 19:06:57
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 31 GB (15%) free of 205 GB
Total RAM: 4072 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:03, on 2. 5. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17728)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... 99&src=hmp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: ?????????? ???????? - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - C:\Program Files (x86)\Yandex\FastDial\fastdialhost.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: ???????? ??????? - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\Elements\bartabhost.dll
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [YandexElements] "C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.4.0.9140\elements64.exe" /auto
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VuuPC RemoteEngine Service (RemoteEngineService) - ClickMeIn Limited - C:\Program Files (x86)\VuuPC\remoteengine.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VuuPC Connectivity (VuuPCConnectivity) - ClickMeIn Limited - C:\Program Files (x86)\VuuPC\Connectivity.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8696 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskeng.exe {47DDE570-DA65-455C-9D65-97A76A2FC5C7}
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\VuuPC\Connectivity.exe"
"C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.4.0.9140\elements64.exe" /auto
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" -startup
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\VuuPC\remoteengine.exe"
ATKOSD.exe
"C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
WDC.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\sppsvc.exe
"taskhost.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1144.1353ede0.2033552266 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 1144 "\\.\pipe\gecko-crash-server-pipe.1144" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --proxy-stub-channel=Flash4132.67AEAF38.21699 --host-broker-channel=Flash4132.67AEAF38.8104 --host-pid=4132 --host-npapi-version=28 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe" --channel=2312.0024F630.1252416211 --proxy-stub-channel=Flash4132.67AEAF38.21699 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll" --host-npapi-version=28 --type=renderer
C:\Windows\system32\AUDIODG.EXE 0x838
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\PC\Downloads\RSITx64(1).exe"
"C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe" /Helper
"C:\Program Files (x86)\VuuPC\RemoteEngineHelper.exe" /HelperHelper /Mux 256 /Map 244 /Req 248 /Resp 252 /MasterMux 260
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\2vfj67kb.default-1413289569602

prefs.js - "browser.startup.homepage" - "http://www.default-search.net?sid=498&a ... 99&src=hmp"
prefs.js - "keyword.URL" - "http://www.default-search.net/search?si ... &src=ds&p="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.31.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.31.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 16.0.0.305 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\2vfj67kb.default-1413289569602\searchplugins\
default-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-06 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll [2014-04-09 96128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-06 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
Визуальные закладки - C:\Program Files (x86)\Yandex\FastDial\fastdialhost.dll [2014-08-27 306976]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Элементы Яндекса - C:\Program Files (x86)\Yandex\Elements\bartabhost.dll [2014-08-27 306976]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"YandexElements"=C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.4.0.9140\elements64.exe [2014-08-27 1594656]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-11-21 7063832]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17 5732992]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [2010-10-07 170624]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2014-02-03 337432]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-06 5512912]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-04-15 18:42:06 ----SHD---- C:\Config.Msi
2015-04-15 18:36:56 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-04-15 18:36:56 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-04-15 18:36:56 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-04-15 18:36:56 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-04-15 18:36:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-04-15 18:36:56 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-04-15 18:36:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-04-15 18:36:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-04-15 18:36:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-04-15 18:36:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-04-15 18:36:55 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-04-15 18:36:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 18:36:55 ----A---- C:\Windows\system32\iernonce.dll
2015-04-15 18:36:55 ----A---- C:\Windows\system32\ie4uinit.exe
2015-04-15 18:36:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-04-15 18:36:52 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-04-15 18:36:52 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-04-15 18:36:52 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-04-15 18:36:52 ----A---- C:\Windows\system32\urlmon.dll
2015-04-15 18:36:52 ----A---- C:\Windows\system32\iedkcs32.dll
2015-04-15 18:36:51 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-04-15 18:36:51 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-04-15 18:36:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-04-15 18:36:51 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-04-15 18:36:51 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-04-15 18:36:51 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-04-15 18:36:51 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 18:36:51 ----A---- C:\Windows\system32\msfeeds.dll
2015-04-15 18:36:51 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 18:36:51 ----A---- C:\Windows\system32\dxtrans.dll
2015-04-15 18:36:50 ----A---- C:\Windows\system32\iesetup.dll
2015-04-15 18:36:50 ----A---- C:\Windows\system32\ieapfltr.dll
2015-04-15 18:36:49 ----A---- C:\Windows\system32\iertutil.dll
2015-04-15 18:36:48 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-04-15 18:36:48 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-04-15 18:36:48 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-04-15 18:36:47 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-04-15 18:36:47 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-04-15 18:36:47 ----A---- C:\Windows\system32\jsproxy.dll
2015-04-15 18:36:47 ----A---- C:\Windows\system32\ieUnatt.exe
2015-04-15 18:36:46 ----A---- C:\Windows\system32\ieui.dll
2015-04-15 18:36:46 ----A---- C:\Windows\system32\ieframe.dll
2015-04-15 18:36:46 ----A---- C:\Windows\system32\dxtmsft.dll
2015-04-15 18:36:45 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-04-15 18:36:45 ----A---- C:\Windows\system32\mshtmled.dll
2015-04-15 18:36:45 ----A---- C:\Windows\system32\jscript9diag.dll
2015-04-15 18:36:44 ----A---- C:\Windows\system32\wininet.dll
2015-04-15 18:36:44 ----A---- C:\Windows\system32\vbscript.dll
2015-04-15 18:36:44 ----A---- C:\Windows\system32\jscript9.dll
2015-04-15 18:36:43 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-04-15 18:36:42 ----A---- C:\Windows\system32\msrating.dll
2015-04-15 18:36:42 ----A---- C:\Windows\system32\mshtml.dll
2015-04-15 18:32:54 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-15 18:32:54 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-15 18:32:54 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-15 18:32:54 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-15 18:32:54 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-15 18:32:54 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 18:32:54 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 18:32:54 ----A---- C:\Windows\system32\wups.dll
2015-04-15 18:32:54 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 18:32:54 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 18:32:54 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 18:32:54 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 18:32:54 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 18:32:54 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 18:32:54 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 18:32:53 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 18:32:37 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 18:32:37 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 18:32:37 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 18:32:37 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 18:32:37 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 18:32:37 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 18:32:36 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 18:32:36 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 18:32:36 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 18:32:35 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-04-15 18:32:35 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-04-15 18:32:35 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 18:32:34 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2015-04-15 18:32:34 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-15 18:32:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-04-15 18:32:27 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-04-15 18:32:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-04-15 18:32:27 ----A---- C:\Windows\system32\ntdll.dll
2015-04-15 18:32:27 ----A---- C:\Windows\system32\KernelBase.dll
2015-04-15 18:32:27 ----A---- C:\Windows\system32\kernel32.dll
2015-04-15 18:32:26 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-04-15 18:32:26 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-04-15 18:32:26 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-04-15 18:32:26 ----A---- C:\Windows\system32\wow64win.dll
2015-04-15 18:32:26 ----A---- C:\Windows\system32\schannel.dll
2015-04-15 18:32:26 ----A---- C:\Windows\system32\lsasrv.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 18:32:25 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-04-15 18:32:25 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-04-15 18:32:25 ----A---- C:\Windows\system32\wow64cpu.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\wow64.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\winsrv.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\wdigest.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\TSpkg.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\sspisrv.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\sspicli.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\srcore.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\srclient.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\smss.exe
2015-04-15 18:32:25 ----A---- C:\Windows\system32\secur32.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\rstrui.exe
2015-04-15 18:32:25 ----A---- C:\Windows\system32\ntvdm64.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\ncrypt.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\msv1_0.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\lsass.exe
2015-04-15 18:32:25 ----A---- C:\Windows\system32\kerberos.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-04-15 18:32:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-04-15 18:32:25 ----A---- C:\Windows\system32\csrsrv.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\credssp.dll
2015-04-15 18:32:25 ----A---- C:\Windows\system32\conhost.exe
2015-04-15 18:32:25 ----A---- C:\Windows\system32\auditpol.exe
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 18:32:24 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 18:32:23 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 18:32:23 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 18:32:23 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 18:32:23 ----A---- C:\Windows\SYSWOW64\user.exe
2015-04-15 18:32:23 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-04-15 18:32:23 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-04-15 18:32:23 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-04-15 18:32:23 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-04-15 18:32:23 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-04-15 18:32:23 ----A---- C:\Windows\system32\msobjs.dll
2015-04-15 18:32:23 ----A---- C:\Windows\system32\msaudite.dll
2015-04-15 18:32:23 ----A---- C:\Windows\system32\apisetschema.dll
2015-04-15 18:32:23 ----A---- C:\Windows\system32\adtschema.dll
2015-04-15 17:31:02 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 16:58:37 ----A---- C:\Windows\SYSWOW64\clfsw32.dll
2015-04-15 16:58:37 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 16:58:37 ----A---- C:\Windows\system32\clfs.sys
2015-04-06 21:03:18 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-06 21:02:57 ----A---- C:\Windows\avastSS.scr
2015-04-05 18:56:08 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-05 18:56:08 ----SD---- C:\Windows\system32\GWX

======List of files/folders modified in the last 1 month======

2015-05-02 19:07:04 ----D---- C:\Windows\Prefetch
2015-05-02 19:07:02 ----D---- C:\Windows\Temp
2015-05-02 19:07:02 ----D---- C:\Program Files\trend micro
2015-05-02 19:01:13 ----D---- C:\Windows\system32\NDF
2015-05-02 10:47:54 ----D---- C:\Windows\system32\config
2015-05-02 10:37:50 ----D---- C:\Windows\System32
2015-05-02 10:37:50 ----D---- C:\Windows\inf
2015-05-02 10:37:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-29 17:27:35 ----SHD---- C:\System Volume Information
2015-04-23 18:31:12 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-22 21:10:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-20 16:53:45 ----D---- C:\Program Files (x86)\VuuPC
2015-04-18 14:42:44 ----D---- C:\Windows\rescache
2015-04-17 15:52:35 ----D---- C:\Windows\AppCompat
2015-04-17 14:21:06 ----D---- C:\Windows\Microsoft.NET
2015-04-17 14:19:08 ----RSD---- C:\Windows\assembly
2015-04-16 17:04:40 ----D---- C:\Windows\winsxs
2015-04-16 17:03:49 ----D---- C:\Windows\SYSWOW64\en-US
2015-04-16 17:03:49 ----D---- C:\Program Files\Internet Explorer
2015-04-16 17:03:48 ----D---- C:\Windows\SysWOW64
2015-04-16 17:03:46 ----D---- C:\Windows\system32\en-US
2015-04-16 17:03:43 ----D---- C:\Program Files (x86)\Internet Explorer
2015-04-15 20:17:35 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-04-15 20:17:35 ----D---- C:\Windows\system32\sk-SK
2015-04-15 20:17:35 ----D---- C:\Windows\PolicyDefinitions
2015-04-15 20:17:34 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 20:17:34 ----D---- C:\Windows\system32\wbem
2015-04-15 20:17:34 ----D---- C:\Windows\system32\appraiser
2015-04-15 20:17:34 ----D---- C:\Windows\AppPatch
2015-04-15 20:17:23 ----D---- C:\Windows\system32\drivers
2015-04-15 18:43:45 ----SHD---- C:\Windows\Installer
2015-04-15 18:42:58 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-15 18:36:03 ----D---- C:\Windows\system32\MRT
2015-04-15 18:36:02 ----D---- C:\Windows\debug
2015-04-15 18:35:57 ----A---- C:\Windows\system32\MRT.exe
2015-04-15 16:56:43 ----D---- C:\Windows\system32\catroot2
2015-04-12 15:49:15 ----D---- C:\Windows
2015-04-06 21:03:42 ----D---- C:\Windows\system32\Tasks
2015-04-05 18:56:19 ----D---- C:\Windows\Logs

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-06 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-06 271200]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-06 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-06 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-06 442264]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222;F06DEFF2-5B9C-490D-910F-35D3A91196222; \??\C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc3.cfg [2014-12-15 45968]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2014-02-03 129944]
R1 VWiFiFlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-06 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-06 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-06 136752]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-03-21 273824]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-19 9319936]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-19 306176]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 MBAMProtector;MBAMProtector; C:\Windows\system32\drivers\MBAMProtector.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-19 203776]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2009-06-15 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2009-12-15 96896]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-06 343336]
R2 RemoteEngineService;VuuPC RemoteEngine Service; C:\Program Files (x86)\VuuPC\remoteengine.exe [2014-06-02 2967568]
R2 VuuPCConnectivity;VuuPC Connectivity; C:\Program Files (x86)\VuuPC\Connectivity.exe [2014-06-02 4747280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-03-21 4030800]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-03-26 1255736]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07 267440]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-03-13 114688]
S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-22 148080]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Re: Please check my log.

Posted: 02 May 2015 23:08
by Márty84
Hello :)

:arrow: Uninstall McAfee Security Scan.

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it will otherwise be here: C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

Re: Please check my log.

Posted: 03 May 2015 06:17
by pavbol306
# AdwCleaner v4.203 - Log vytvorený 03/05/2015 at 07:11:38
# Aktualizované 30/04/2015 by Xplode
# Databáza : 2015-04-30.2 [Local]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (x64)
# Uživateľské meno : PC - PC-PC
# Spustené z : C:\Users\PC\Downloads\adwcleaner_4.203.exe
# Nastavenia : Čistenie

***** [ Služby ] *****

[#] Služba Zmazané : RemoteEngineService
[#] Služba Zmazané : VuuPCConnectivity

***** [ Súbory / Priečinky ] *****

Priečinok Zmazané : C:\ProgramData\smdmf
Priečinok Zmazané : C:\Program Files (x86)\Settings Manager
Priečinok Zmazané : C:\Program Files (x86)\VuuPC
Priečinok Zmazané : C:\Users\PC\AppData\Local\Linkey
Priečinok Zmazané : C:\Users\PC\AppData\Local\Popajar
Priečinok Zmazané : C:\Users\PC\AppData\Local\SearchProtect
Priečinok Zmazané : C:\Users\PC\AppData\Roaming\FirefoxToolbar
Priečinok Zmazané : C:\Users\PC\AppData\Roaming\VOPackage
Priečinok Zmazané : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\vsw5cdff.default\Extensions\yasearch@yandex.ru
Súbor Zmazané : C:\END
Súbor Zmazané : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\2vfj67kb.default-1413289569602\invalidprefs.js
Súbor Zmazané : C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\2vfj67kb.default-1413289569602\searchplugins\default-search.xml
Súbor Zmazané : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml

***** [ Naplánované úlohy ] *****


***** [ Zástupcovia ] *****


***** [ Registre ] *****

Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah
Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\aminlpmkfcdibgpgfajlgnamicjckkjf
Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\jdkihdhlegcdggknokfekoemkjjnjhgi
Hodnota Zmazané : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Hodnota Zmazané : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Hodnota Zmazané : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Hodnota Zmazané : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard.1
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\SettingsManagerIEHelper.DNSGuard
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\TypeLib\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91397D20-1446-11D4-8AF4-0040CA1127B6}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91397D20-1446-11D4-8AF4-0040CA1127B6}
Hodnota Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{91397D20-1446-11D4-8AF4-0040CA1127B6}]
Hodnota Zmazané : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{91397D20-1446-11D4-8AF4-0040CA1127B6}]
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{AA760BA8-5862-4BC5-9263-4452CBC0B264}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Kľúč registra Zmazané : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2498}
Kľúč registra Zmazané : HKCU\Software\Popajar
Kľúč registra Zmazané : HKCU\Software\SmdmF
Kľúč registra Zmazané : HKCU\Software\SmileysWeLove
Kľúč registra Zmazané : HKCU\Software\Softonic
Kľúč registra Zmazané : HKCU\Software\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\SmdmF
Kľúč registra Zmazané : HKLM\SOFTWARE\Linkey
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Settings Manager
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VuuPC
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Linkey

***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17728

Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v37.0.2 (x86 sk)

[2vfj67kb.default-1413289569602\prefs.js] - Riadok Zmazané : user_pref("browser.search.order.1", "default-search.net");
[2vfj67kb.default-1413289569602\prefs.js] - Riadok Zmazané : user_pref("browser.search.selectedEngine", "default-search.net");
[2vfj67kb.default-1413289569602\prefs.js] - Riadok Zmazané : user_pref("browser.startup.homepage", "hxxp://www.default-search.net?sid=498&aid=156& ... 99&src=hmp");
[2vfj67kb.default-1413289569602\prefs.js] - Riadok Zmazané : user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=498&a ... &src=ds&p=");

-\\ Google Chrome v42.0.2311.135

[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M73B76A30-31A3-487F-92F5-31774642B63F&SearchSource=58&CUI=&UM=5&UP=SPCCADB952-8A64-4CB3-87A8-98AAF3EBC79D&q={searchTerms}&SSPV=
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M73B76A30-31A3-487F-92F5-31774642B63F&SearchSource=58&CUI=&UM=5&UP=SPCCADB952-8A64-4CB3-87A8-98AAF3EBC79D&q={searchTerms}&SSPV=
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Extension] : fpmeembnagmagppkgghhfjfdfajdfcah
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Extension] : aminlpmkfcdibgpgfajlgnamicjckkjf
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Extension] : jdkihdhlegcdggknokfekoemkjjnjhgi
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Homepage] : hxxp://search.conduit.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M73B76A30-31A3-487F-92F5-31774642B63F&SearchSource=55&CUI=&UM=5&UP=SPCCADB952-8A64-4CB3-87A8-98AAF3EBC79D&SSPV=
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Startup_URLs] : hxxp://search.conduit.com/?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M73B76A30-31A3-487F-92F5-31774642B63F&SearchSource=55&CUI=&UM=5&UP=SPCCADB952-8A64-4CB3-87A8-98AAF3EBC79D&SSPV=
[C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Default_Search_Provider_Data] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321459&octid=EB_ORIGINAL_CTID&ISID=M73B76A30-31A3-487F-92F5-31774642B63F&SearchSource=58&CUI=&UM=5&UP=SPCCADB952-8A64-4CB3-87A8-98AAF3EBC79D&q={searchTerms}&SSPV=

-\\ Chromium v

[C:\Users\PC\AppData\Local\Chromium\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://www.default-search.net/search?sid=498&a ... earchTerms}

-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [9857 bajtov] - [03/05/2015 07:10:12]
AdwCleaner[S0].txt - [8839 bajtov] - [03/05/2015 07:11:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8899 bajtov] ##########

Re: Please check my log.

Posted: 03 May 2015 07:26
by Márty84
I see MBAM in the log.

:arrow: Run a new scan with MBAM. Set up the scan according to this guide http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything beforehand; it sometimes has false detections.

Re: Please check my log.

Posted: 03 May 2015 10:38
by pavbol306
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 3. 5. 2015
Čas skenování: 8:54:13
Protokol: m.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.03.02
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: PC

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 458697
Uplynulý čas: 1 hod, 11 min, 14 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 5
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\Linkey.Linkey, , [e05ea9e6523846f045ba71dc7a899c64],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Linkey.Linkey, , [e7579cf3c7c33df9ae513d109d66ed13],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\Linkey.Linkey, , [e7579cf3c7c33df9ae513d109d66ed13],
PUP.Optional.SettingsManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A91196222, , [ef4fb6d986046bcb56a765f5cb3aae52],
PUP.Optional.UpdateCheckerApp.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\UpdateCheckerApp, , [b08e7b146921b284c9799f3221e2d32d],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.Datamngr.A, C:\Users\PC\AppData\LocalLow\DataMngr, , [46f8f7987a107abc9f5f8b1262a1f808],

Soubory: 46
PUP.Optional.Softonic.A, C:\Users\PC\Downloads\SoftonicDownloader_for_fifa-12.exe, , [3e00a1eeddad2e08aec3fe543cc5e818],
PUP.Optional.Bandoo.A, C:\Users\PC\Downloads\iMeshSetup-r1444-n-bf.exe, , [e658b1de315981b50fd1a2bd34cd2cd4],
PUP.Optional.Linkey.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\tbicon.exe.vir, , [310d0689870371c572d2615720e109f7],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\del_DM_DLL_nslF493.dll.vir, , [bb832867a9e185b166f063648f727a86],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\smdmf.dll.vir, , [ea54e4abbfcb989e124412b5f20f8a76],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\smdmfbho.dll.vir, , [2816444bb0da6dc9b9abb05953af7c84],
PUP.Optional.Linkey.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\Uninstall.exe.vir, , [7ec0127d90fabb7bdb6ad5e37091a45c],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\x64\smdmf.dll.vir, , [4df16b24048638fef95d3b8c7a87f30d],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Settings Manager\smdmf\x64\smdmfbho.dll.vir, , [7cc2d7b82c5ee84e95cf5dac867cc739],
PUP.Optional.Linkey.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Local\Linkey\LinkeyDeals.exe.vir, , [0c32602f4e3c6cca6cb9b6e722df9c64],
PUP.Optional.Linkey.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Local\Linkey\Uninstall.exe.vir, , [96a8c3cc5337e1554eba59447d84f50b],
PUP.Optional.UpdateChecker.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Local\Popajar\UpdateChecker\UpdateCheckerApp.exe.vir, , [4af41d72b7d3ad89e5e3b4068f72a45c],
PUP.Optional.SmileysWeLove.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Local\Popajar\UpdateChecker\UpdateNotifier.exe.vir, , [72cc6728cfbb2610cefc26944ab7b34d],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF14.dll.vir, , [b78794fb197162d40650cafdaf520000],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF29.dll.vir, , [2f0f880796f43ef84511a720857ce21e],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF10.dll.vir, , [c37b79161c6ed165a6b04087e918c937],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF11.dll.vir, , [82bca9e6fc8ea2944313d1f621e00bf5],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF12.dll.vir, , [8fafbfd05e2cd75f441227a0ae5326da],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF13.dll.vir, , [172766296525dc5af85ead1a8a77aa56],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF15.dll.vir, , [b787028d3b4fb185292db90e867b867a],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF16.dll.vir, , [df5f92fd870350e6a6b09c2b44bd12ee],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF17.dll.vir, , [a49ac8c7a4e636004511f2d50af7956b],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF18.dll.vir, , [71cd434ca5e50333c096a32418e93dc3],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF19.dll.vir, , [36089cf3810963d33521d8ef89780bf5],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF2.dll.vir, , [41fd315ed6b43df9540250777889ac54],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF20.dll.vir, , [d36b6a258901e353fe585374ad546997],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF21.dll.vir, , [64da612e662478be15413a8d41c06c94],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF22.dll.vir, , [86b8523d72186acc87cfa423956c946c],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF23.dll.vir, , [0539632c256576c03f17c601b150ac54],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF24.dll.vir, , [06380a857d0df541d680d9ee6b96a65a],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF25.dll.vir, , [ae90711e088269cd2432e9de49b831cf],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF26.dll.vir, , [54ea2c638208f5417dd9cafdfe0356aa],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF27.dll.vir, , [c27ccdc23555340299bde1e63bc604fc],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF28.dll.vir, , [51ed08872a60cd69df777c4be51c17e9],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF30.dll.vir, , [8ab4cdc2b7d35bdb6beb8f38fc053fc1],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF31.dll.vir, , [a5994847b3d75bdbb2a4b1166899b050],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF32.dll.vir, , [2f0fd4bb3e4c8aac371fe7e0768bc040],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF33.dll.vir, , [a7979af54446b48290c624a344bd827e],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF34.dll.vir, , [ef4ffc93b4d65fd7391df7d0bd44f10f],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF4.dll.vir, , [66d896f95c2ef343ada9a5227f8204fc],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF5.dll.vir, , [f34b1c73355501352a2c22a536cb5da3],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF6.dll.vir, , [5fdf7619c2c872c47cda7255936e827e],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF7.dll.vir, , [47f7f798bfcb90a606503d8ab8494fb1],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF8.dll.vir, , [142ab1def69486b08bcb02c5ef12a55b],
PUP.Optional.SettingsManager.A, C:\AdwCleaner\Quarantine\C\Users\PC\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF9.dll.vir, , [2816652ac6c45adce86ee8dfc0414fb1],
PUP.Optional.Datamngr.A, C:\Users\PC\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, , [46f8f7987a107abc9f5f8b1262a1f808],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Please check my log.

Posted: 03 May 2015 11:34
by Márty84
Have the findings removed (or put them in quarantine). After the removal and a restart of the PC, repeat the scan (a Threat Scan is enough) so that we know whether it comes back. Post the result of the scan and I will choose the next steps based on it.

Re: Please check my log.

Posted: 03 May 2015 21:42
by pavbol306
I am sending the log after the removal.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 3. 5. 2015
Čas skenování: 22:23:30
Protokol: 14.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.03.06
Databáze rootkitů: v2015.04.21.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: PC

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 335940
Uplynulý čas: 15 min, 29 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Please check my log.

Posted: 04 May 2015 01:37
by Márty84
You can uninstall MBAM.

Post logs following this guide: http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it is possible that it will block it as malicious, but we use it all the time, it is a false positive :)

Re: Please check my log.

Posted: 04 May 2015 19:04
by pavbol306
Hello.
Downloading FRSTLauncher: I cannot download it; even after turning off Avast antivirus it still blocks it. What next?

Re: Please check my log.

Posted: 04 May 2015 20:45
by Márty84
Then post the logs from FRST itself, i.e. without using the Launcher.

Re: Please check my log.

Posted: 04 May 2015 20:53
by pavbol306
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by PC (administrator) on PC-PC on 04-05-2015 21:49:45
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available profiles: PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Yandex) C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.4.0.9140\elements64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [337432 2014-02-03] (Power Software Ltd)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-03] (Avast Software s.r.o.)
HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\...\Run: [YandexElements] => C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.4.0.9140\elements64.exe [1594656 2014-08-27] (Yandex)
HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-03] (Avast Software s.r.o.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kId=255141
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-06] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-04] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-06] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-04] (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} http://195.28.70.134/kapor2/lib/mgaxctrl.cab
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\2vfj67kb.default-1413289569602
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1212152.dll [2014-05-30] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4265028784-2171246771-3604942379-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-21]

Chrome:
=======
CHR HomePage: Default ->
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-26]
CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-26]
CHR Extension: (Avast Online Security) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-16]
CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-26]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-21]

Opera:
=======
OPR StartupUrls: "hxxp://www.yandex.ru/?win=146&clid=1989595"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-03] (Avast Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-03] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-03] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-03] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-04 21:49 - 2015-05-04 21:50 - 00010819 _____ () C:\Users\PC\Desktop\FRST.txt
2015-05-04 21:47 - 2015-05-04 21:49 - 00000000 ____D () C:\FRST
2015-05-04 20:21 - 2015-05-04 20:21 - 00112107 _____ (forum.viry.cz) C:\Users\PC\Downloads\VerzeOS.exe
2015-05-04 19:52 - 2015-05-04 19:52 - 02101248 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2015-05-03 22:39 - 2015-05-03 22:39 - 00001149 _____ () C:\Users\PC\Desktop\14.txt
2015-05-03 11:35 - 2015-05-03 11:35 - 00010114 _____ () C:\Users\PC\Desktop\m.txt
2015-05-03 08:46 - 2015-05-03 08:48 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-03 07:09 - 2015-05-03 07:11 - 00000000 ____D () C:\AdwCleaner
2015-05-03 07:08 - 2015-05-03 07:08 - 02204160 _____ () C:\Users\PC\Downloads\adwcleaner_4.203.exe
2015-05-03 06:58 - 2015-05-03 06:58 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-03 06:58 - 2015-05-03 06:58 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-02 19:06 - 2015-05-02 19:06 - 01222144 _____ () C:\Users\PC\Downloads\RSITx64(1).exe
2015-04-15 18:36 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 18:36 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 18:36 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 18:36 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 18:36 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 18:36 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 18:36 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 18:36 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 18:36 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 18:36 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 18:36 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 18:36 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 18:36 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 18:36 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 18:36 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 18:36 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 18:36 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 18:36 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 18:36 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 18:36 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 18:36 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 18:36 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 18:36 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 18:36 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 18:36 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 18:36 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 18:36 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 18:36 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 18:36 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 18:36 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 18:36 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 18:36 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 18:36 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 18:36 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 18:36 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 18:36 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 18:36 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 18:36 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 18:36 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 18:36 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 18:36 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 18:36 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 18:36 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 18:36 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 18:36 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 18:36 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 18:36 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 18:36 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 18:36 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 18:36 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 18:36 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 18:36 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 18:36 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 18:36 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 18:36 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 18:36 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 18:36 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 18:36 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 18:32 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 18:32 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 18:32 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 18:32 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 18:32 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 18:32 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 18:32 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 18:32 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 18:32 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 18:32 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 18:32 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 18:32 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 18:32 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 18:32 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 18:32 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 18:32 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 18:32 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 18:32 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 18:32 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 18:32 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 18:32 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 18:32 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 18:32 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 18:32 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 18:32 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 18:32 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 18:32 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 18:32 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 18:32 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 18:32 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 18:32 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 18:32 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 18:32 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 18:32 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 18:32 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 18:32 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 18:32 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 18:32 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 18:32 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 18:32 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 18:32 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 18:32 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 18:32 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 18:32 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 18:32 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 18:32 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 18:32 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 18:32 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 18:32 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 18:32 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 18:32 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 18:32 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 18:32 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 18:32 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 18:32 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 18:32 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 18:32 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 18:32 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 18:32 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 18:32 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 18:32 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 18:32 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 18:32 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 18:32 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 18:32 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 18:32 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 18:32 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 18:32 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 17:31 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 16:58 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 16:58 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 16:58 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-05 18:56 - 2015-04-05 18:56 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 18:56 - 2015-04-05 18:56 - 00000000 ___SD () C:\Windows\system32\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-04 21:47 - 2014-03-28 15:39 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-04 21:34 - 2014-10-31 22:42 - 01534299 _____ () C:\Windows\WindowsUpdate.log
2015-05-04 20:55 - 2009-07-14 06:45 - 00024480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-04 20:55 - 2009-07-14 06:45 - 00024480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-04 20:53 - 2014-03-26 11:40 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-04 20:24 - 2014-04-03 14:54 - 00000000 ____D () C:\Users\PC\AppData\Local\CrashDumps
2015-05-04 18:52 - 2015-03-21 16:59 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-04 18:52 - 2014-03-26 11:40 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-04 18:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-03 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Registration
2015-05-03 21:07 - 2009-07-14 07:13 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-03 10:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-03 08:35 - 2014-03-30 15:40 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Malwarebytes
2015-05-03 08:35 - 2014-03-30 15:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-03 08:35 - 2014-03-30 15:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-05-03 06:58 - 2015-03-21 16:59 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-03 06:58 - 2015-03-21 16:59 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-03 06:58 - 2015-03-21 16:59 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-03 06:58 - 2015-03-21 16:59 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-03 06:58 - 2015-03-21 16:59 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-03 06:58 - 2015-03-21 16:59 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-03 06:58 - 2015-03-21 16:59 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-03 06:58 - 2015-03-21 16:59 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-02 19:07 - 2014-03-31 14:29 - 00000000 ____D () C:\Program Files\trend micro
2015-05-02 10:55 - 2014-03-26 11:42 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-23 18:31 - 2014-03-28 15:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-22 21:10 - 2014-03-26 10:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-18 14:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 15:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-15 20:17 - 2014-12-11 18:40 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 20:17 - 2014-05-06 16:42 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 20:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-04-15 20:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-04-15 20:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-15 18:42 - 2014-03-27 18:56 - 00765700 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-15 18:36 - 2014-03-27 21:46 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 18:35 - 2014-03-27 21:45 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-10-13 13:41 - 2014-10-13 13:41 - 0301608 _____ (VuuPC Limited) C:\Users\PC\AppData\Local\nsnE59F.tmp
2014-03-30 16:12 - 2014-05-31 06:47 - 0007598 _____ () C:\Users\PC\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-01 18:09

==================== End Of Log ============================

Re: Please check my log.

Posted: 04 May 2015 20:56
by pavbol306
It also produced this log, so I'm sending it; I don't know which one is OK. Thank you.


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05-2015
Ran by PC at 2015-05-04 21:50:35
Running from C:\Users\PC\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4265028784-2171246771-3604942379-500 - Administrator - Disabled)
Guest (S-1-5-21-4265028784-2171246771-3604942379-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4265028784-2171246771-3604942379-1002 - Limited - Enabled)
PC (S-1-5-21-4265028784-2171246771-3604942379-1000 - Administrator - Enabled) => C:\Users\PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.2.152 - Adobe Systems, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.12.5.0 - Asmedia Technology)
ATI AVIVO64 Codecs (Version: 11.6.0.10419 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{D9D7384A-8014-EE99-279E-E9BA3F6C4836}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0008 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
Colin McRae Rally 04 (HKLM-x32\...\InstallShield_{5A2C635B-7ECE-4294-AE66-195BBFBC82F7}) (Version: 1.00.000 - Název společnosti:)
Colin McRae Rally 04 (x32 Version: 1.00.000 - Název společnosti:) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Euro Truck Simulator 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
GTAIII (HKLM-x32\...\{F2DDE4A8-A062-4D58-AE08-FAC1182955AF}) (Version: 1.00.000 - )
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Kobra 11 Nitro (HKLM-x32\...\{5AAA952E-B15E-47E0-94E4-DD6DC7B9C796}_is1) (Version: 3.0.0.CZ - US - ACTION, s.r.o.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 sk) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 sk)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.9 - Power Software Ltd)
Sweet Home 3D version 4.5 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Unity Web Player (HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UpdateChecker (HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\...\Popajar, inc UpdateChecker) (Version: - Popajar, inc) <==== ATTENTION
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Driver Package - Intel (NETwLv64) net (10/07/2010 13.4.0.139) (HKLM\...\EA1C8ECD4E416637C38F0079F98C8C7B0A112265) (Version: 10/07/2010 13.4.0.139 - Intel)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Элементы Яндекса 8.4 для Internet Explorer (HKLM-x32\...\{B9C3392F-76A5-4130-B60B-4D9C0B03E6C8}) (Version: 8.4.0.9140 - Яндекс)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-04-01 21:17 - 00000741 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {206AED64-4284-4E5E-801E-69A723A49E33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)
Task: {25C8066C-2FA2-4EE8-938D-D52001C77D0B} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {2D2BAF9B-C524-418E-95F9-D062D6111BB1} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {36113EB4-96FB-4022-B51E-D7B29F39351C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {45C8CAC4-CF9B-4B21-9F90-71785C10E7BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {4B1AB82C-2A1D-406E-B791-4526173A43B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {6740C00A-4805-4679-975B-16712C5F3D02} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {74F465D8-939E-46CD-B9B1-4F24A6FA7655} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {CAF415A5-A17C-4DF8-B316-2BC5E63A3C59} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14] (Google Inc.)
Task: {F3C3F2FB-EADC-4D16-8A86-6E6C5B318B52} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-03] (Avast Software s.r.o.)
Task: {F7BCC058-793C-423A-9757-32B9E3D1EFB3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-22 02:03 - 2014-11-22 02:03 - 00042496 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2015-05-03 06:58 - 2015-05-03 06:58 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-03 06:58 - 2015-05-03 06:58 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-04 16:56 - 2015-05-04 16:56 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050400\algo.dll
2015-05-04 18:53 - 2015-05-04 18:53 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050401\algo.dll
2015-03-21 16:59 - 2015-03-21 16:59 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IEEtwCollectorService => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{FC438FC3-89B7-413A-8752-F26A09681116}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office12\outlook.exe
FirewallRules: [{D1BED553-63D9-4577-95A5-5ECC161AB6D5}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{37413D1C-F387-4870-888D-D2B0D27CCAAB}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{94E32A6F-514B-410A-B1C1-F47234859D75}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{883A9131-1EC8-4440-B9F6-EF2817C11144}C:\program files (x86)\codemasters\colin mcrae rally 04\cmr4.exe] => (Block) C:\program files (x86)\codemasters\colin mcrae rally 04\cmr4.exe
FirewallRules: [UDP Query User{FF8508CA-E0DC-48BE-9C36-BC9E4CAFB724}C:\program files (x86)\codemasters\colin mcrae rally 04\cmr4.exe] => (Block) C:\program files (x86)\codemasters\colin mcrae rally 04\cmr4.exe
FirewallRules: [{8CDF88E1-050D-4F79-8CCB-13117A5AABEF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5152B220-BAC2-4E45-B34D-1713521CC98C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7D030C57-724B-4337-B378-C321A4F4F7FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{EC346994-9E91-4C07-ABD0-8FC78C320696}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{C16B3FB5-3B26-4FE2-A8B3-8E6DC882C612}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1DD97510-FB3A-426B-9AF3-1C8DD1B728D1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{0814A748-8E72-4344-AA5E-836D3AB6A9E7}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2015 09:40:22 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (05/04/2015 08:40:22 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (05/04/2015 07:40:22 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005

Error: (05/04/2015 06:52:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 06:52:04 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error: (05/04/2015 04:56:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/04/2015 04:56:04 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error: (05/03/2015 10:22:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/03/2015 10:22:25 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivácia licencie systému Windows zlyhala. Chyba: 0x80070005.

Error: (05/03/2015 09:27:17 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: )
Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code:
0x80070005


System errors:
=============
Error: (05/04/2015 07:40:22 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (05/04/2015 05:25:30 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/03/2015 10:57:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/03/2015 10:21:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/03/2015 09:27:17 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (05/03/2015 08:39:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
F06DEFF2-5B9C-490D-910F-35D3A91196222

Error: (05/03/2015 00:31:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (05/03/2015 09:24:08 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

Error: (05/03/2015 08:44:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
F06DEFF2-5B9C-490D-910F-35D3A91196222

Error: (05/03/2015 08:42:55 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B800 @ 1.50GHz
Percentage of memory in use: 33%
Total physical RAM: 4072.13 MB
Available physical RAM: 2699.89 MB
Total Pagefile: 8142.45 MB
Available Pagefile: 6491.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:200.2 GB) (Free:53.82 GB) NTFS
Drive d: () (Fixed) (Total:370.88 GB) (Free:216.32 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 496B9619)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=200.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=370.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Re: Please check my log.

Posted: 05 May 2015 08:33
by Márty84
:arrow: Permanently disable Windows Defender.



:arrow: Tell me the size of the desktop folder (C:\Users\PC\Plocha)



:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\...\Run: [YandexElements] => C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.4.0.9140\elements64.exe [1594656 2014-08-27] (Yandex)
HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
BootExecute: autocheck autochk * sdnclean64.exe

Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File

OPR StartupUrls: "hxxp://www.yandex.ru/?win=146&clid=1989595"

2015-05-03 08:46 - 2015-05-03 08:48 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-03 08:35 - 2014-03-30 15:40 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Malwarebytes
2015-05-03 08:35 - 2014-03-30 15:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-03 08:35 - 2014-03-30 15:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S3 MBAMProtector;MBAMProtector; C:\Windows\system32\drivers\MBAMProtector.sys []

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save As...
Type the name fixlist (shown in red) correctly and save it to the desktop.
Disable the antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

Re: Please check my log.

Posted: 05 May 2015 14:28
by pavbol306
The size of (C:\Users\PC\Plocha) is 106GB
LOG

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-05-2015
Ran by PC at 2015-05-05 15:23:53 Run:2
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available profiles: PC)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\...\Run: [YandexElements] => C:\Users\PC\AppData\Local\Yandex\Elements\elements.exe\8.4.0.9140\elements64.exe [1594656 2014-08-27] (Yandex)
HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
BootExecute: autocheck autochk * sdnclean64.exe

Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File

OPR StartupUrls: "hxxp://www.yandex.ru/?win=146&clid=1989595"

2015-05-03 08:46 - 2015-05-03 08:48 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-03 08:35 - 2014-03-30 15:40 - 00000000 ____D () C:\Users\PC\AppData\Roaming\Malwarebytes
2015-05-03 08:35 - 2014-03-30 15:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-03 08:35 - 2014-03-30 15:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [2014-04-09 289256]
S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S4 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S3 MBAMProtector;MBAMProtector; C:\Windows\system32\drivers\MBAMProtector.sys []

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\YandexElements => Value not found.
HKU\S-1-5-21-4265028784-2171246771-3604942379-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => Value not found.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => Value was restored successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Value not found.
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => Key not found.
Opera StartupUrls not detected.
"C:\Users\PC\Downloads\mbam-setup-2.1.6.1022.exe" => File/Directory not found.
"C:\Users\PC\AppData\Roaming\Malwarebytes" => File/Directory not found.
"C:\ProgramData\Malwarebytes" => File/Directory not found.
"C:\Program Files (x86)\Malwarebytes' Anti-Malware" => File/Directory not found.
C:\Windows\Tasks\Adobe Flash Player Updater.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
AdobeARMservice => Service not found.
gupdate => Service not found.
gupdatem => Service not found.
McComponentHostService => Service not found.
MBAMService => Service not found.
MBAMScheduler => Service not found.
MBAMProtector => Service not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 5.6 MB temporary data.


The system needed a reboot.

==== End of Fixlog 15:24:22 ====

Re: Please check my log.

Posted: 05 May 2015 21:03
by Márty84
You ran it twice, didn't you? :)

pavbol306 wrote: The size of (C:\Users\PC\Plocha) is 106GB
:arrow: The desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for a mistake that sometimes happens: users keep a folder on the desktop, with another inside it and yet another inside that, and hide everything there. That's nice, but it doesn't make the desktop any smaller, it's just in a different drawer :D



:!: Run all of these programs, including any installation, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, untick the checkbox.
After launching, you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will always be emptied.
Also, depending on how it is configured, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze, and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left
Click Scan for Issues; if it finds any, click Fix Issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in each of them)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
Once it is installed, run the program and click Analyze; after the analysis click Defrag, and the program will do its job.




:arrow: Then let me know how the PC is doing.