Log check after virus removal

Posted: 24 May 2015 18:54
by plasko
Hello, I would like to ask for a check of the log after removing malware with avast. I am attaching the log from RSIT:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Denisa at 2015-05-24 19:49:01
Microsoft Windows 8.1 with Bing
System drive C: has 378 GB (87%) free of 435 GB
Total RAM: 1931 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:49:17, on 24.5.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\Lenovo\iMController\AutoUpdate.exe
C:\Users\Denisa\AppData\Local\Pokki\Engine\HostAppService.exe
C:\Users\Denisa\AppData\Local\Pokki\Engine\HostAppService.exe
C:\Program Files\trend micro\Denisa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Pokki] "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9012 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 67005886240
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\windows\system32\CxAudMsg64.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-b86b833c-dc8a-43a3-ad16-47f9a91df397 -SystemEventPortName:HostProcess-d17819bc-fffc-42f8-8a95-e709efcd116d -IoCancelEventPortName:HostProcess-f5ce4733-985b-4ba2-9b17-6c82298aee41 -NonStateChangingEventPortName:HostProcess-926227ce-263f-463e-964f-7d88fd12e6ce -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9def615c-f31f-4f92-a58f-ce26afa58a3a -DeviceGroupId:WudfDefaultDevicePool
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe /Embedding
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\Explorer.EXE
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\windows\system32\igfxEM.exe" -Embedding
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Users\Denisa\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
adb fork-server server
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /SHOWASYNC
"C:\Users\Denisa\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Lenovo\iMController\AutoUpdate.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
dashost.exe {be0a0105-5811-4937-906bc6097b0fb8c7}
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Users\Denisa\AppData\Local\Pokki\Engine\HostAppService.exe"
"C:\Users\Denisa\AppData\Local\Pokki\Engine\HostAppService.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/15/OneClickSignIn/BlueOnWhite/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderMulti/ProxyConnectionImpact/proxy_connections_32/SBInterstitial/V1/SpdyCwnd/cwnd16/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/Test0PercentDefault/default/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_03/UMA-Uniformity-Trial-1-Percent/group_21/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_01/UMA-Uniformity-Trial-50-Percent/group_01/WarmSocketImpact/warmest_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="6052.2.328863290\775108577" /prefetch:3
"C:\Users\Denisa\AppData\Local\Pokki\Engine\StartMenuIndexer.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0x1488_0x148c_0x18d162029"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2316.0.1520508562\1077211125" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,43 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3496 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="AffiliationBasedMatching/Disabled/BackgroundRendererProcesses/AllowBelowNormalFromBrowser/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_44/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--font-cache-shared-mem-suffix=2316 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="2316.1.1278617497\1075794338" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="AffiliationBasedMatching/Disabled/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_44/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2316 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="2316.16.607657501\944487996" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=sk --force-fieldtrials="AffiliationBasedMatching/Disabled/*BackgroundRendererProcesses/AllowBelowNormalFromBrowser/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Disabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension (public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A2_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_44/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_14/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Disabled/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=2316 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --use-image-texture-target=3553 --channel="2316.21.304031798\1838919973" /prefetch:673131151

C:\windows\servicing\TrustedInstaller.exe
taskeng.exe {20F6C40C-993A-4464-8915-714B77F000F9}
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Users\Denisa\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Denisa\AppData\Roaming\Mozilla\Firefox\Profiles\a0gygy8l.default-1431462682292

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.169 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-11 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-11 565304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"BtServer"=C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [2014-01-06 216064]
"RtsFT"=C:\windows\RTFTrack.exe [2014-01-21 6340312]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-09-20 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-09-20 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-09-20 10841584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\Denisa\AppData\Local\Pokki\Engine\HostAppServiceUpdater.exe [2015-05-23 10566656]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-04-23 8204056]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12 5515496]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19 1022152]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VisualDiscovery]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-05-24 19:49:02 ----D---- C:\Program Files\trend micro
2015-05-24 19:49:01 ----D---- C:\rsit
2015-05-24 19:20:11 ----D---- C:\Program Files\CCleaner
2015-05-17 09:47:52 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 09:47:52 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 19:09:37 ----A---- C:\windows\system32\drivers\USBHUB3.SYS
2015-05-13 19:09:37 ----A---- C:\windows\system32\drivers\bthhfenum.sys
2015-05-13 19:09:31 ----A---- C:\windows\system32\mshtml.dll
2015-05-13 19:09:30 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-05-13 19:09:27 ----A---- C:\windows\system32\jscript9.dll
2015-05-13 19:09:26 ----A---- C:\windows\system32\ieframe.dll
2015-05-13 19:09:25 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-05-13 19:09:24 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-05-13 19:09:24 ----A---- C:\windows\system32\wininet.dll
2015-05-13 19:09:23 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-05-13 19:09:23 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-05-13 19:09:23 ----A---- C:\windows\system32\iertutil.dll
2015-05-13 19:09:22 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-05-13 19:09:22 ----A---- C:\windows\system32\vbscript.dll
2015-05-13 19:09:22 ----A---- C:\windows\system32\urlmon.dll
2015-05-13 19:09:22 ----A---- C:\windows\system32\jscript.dll
2015-05-13 19:09:21 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-05-13 19:09:21 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-05-13 19:09:21 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-05-13 19:09:21 ----A---- C:\windows\system32\ie4uinit.exe
2015-05-13 19:09:20 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-05-13 19:09:20 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-05-13 19:09:20 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-05-13 19:09:20 ----A---- C:\windows\system32\webcheck.dll
2015-05-13 19:09:20 ----A---- C:\windows\system32\mshtmled.dll
2015-05-13 19:09:20 ----A---- C:\windows\system32\msfeeds.dll
2015-05-13 19:09:20 ----A---- C:\windows\system32\inseng.dll
2015-05-13 19:09:20 ----A---- C:\windows\system32\ieui.dll
2015-05-13 19:09:20 ----A---- C:\windows\system32\iepeers.dll
2015-05-13 19:09:20 ----A---- C:\windows\system32\dxtrans.dll
2015-05-13 19:09:19 ----A---- C:\windows\SYSWOW64\webcheck.dll
2015-05-13 19:09:19 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2015-05-13 19:09:19 ----A---- C:\windows\SYSWOW64\iepeers.dll
2015-05-13 19:09:19 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-05-13 19:09:19 ----A---- C:\windows\system32\inetcomm.dll
2015-05-13 19:09:19 ----A---- C:\windows\system32\iedkcs32.dll
2015-05-13 19:09:19 ----A---- C:\windows\system32\ieapfltr.dll
2015-05-13 19:08:49 ----A---- C:\windows\SYSWOW64\dwmcore.dll
2015-05-13 19:08:49 ----A---- C:\windows\system32\dwmcore.dll
2015-05-13 19:03:41 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-05-13 19:03:41 ----A---- C:\windows\system32\schannel.dll
2015-05-13 19:03:37 ----A---- C:\windows\system32\drivers\ahcache.sys
2015-05-13 19:03:32 ----A---- C:\windows\SYSWOW64\Windows.UI.Input.Inking.dll
2015-05-13 19:03:32 ----A---- C:\windows\system32\Windows.UI.Input.Inking.dll
2015-05-13 19:03:28 ----A---- C:\windows\system32\SettingsHandlers.dll
2015-05-13 19:03:27 ----A---- C:\windows\system32\SystemSettingsDatabase.dll
2015-05-13 18:58:51 ----A---- C:\windows\SYSWOW64\dbghelp.dll
2015-05-13 18:58:51 ----A---- C:\windows\SYSWOW64\dbgeng.dll
2015-05-13 18:58:51 ----A---- C:\windows\system32\dbghelp.dll
2015-05-13 18:58:51 ----A---- C:\windows\system32\dbgeng.dll
2015-05-13 18:58:37 ----A---- C:\windows\SYSWOW64\SRH.dll
2015-05-13 18:58:37 ----A---- C:\windows\system32\SRH.dll
2015-05-13 18:53:47 ----A---- C:\windows\SYSWOW64\PhotoMetadataHandler.dll
2015-05-13 18:53:47 ----A---- C:\windows\system32\PhotoMetadataHandler.dll
2015-05-13 18:53:46 ----A---- C:\windows\system32\FntCache.dll
2015-05-13 18:53:46 ----A---- C:\windows\system32\DWrite.dll
2015-05-13 18:53:45 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-05-13 18:53:45 ----A---- C:\windows\system32\win32k.sys
2015-05-13 18:53:44 ----A---- C:\windows\system32\UtcResources.dll
2015-05-13 18:53:44 ----A---- C:\windows\system32\diagtrack.dll
2015-05-13 18:53:42 ----A---- C:\windows\system32\drivers\cng.sys
2015-05-13 18:53:41 ----A---- C:\windows\SYSWOW64\certcli.dll
2015-05-13 18:53:41 ----A---- C:\windows\system32\lsasrv.dll
2015-05-13 18:53:41 ----A---- C:\windows\system32\certcli.dll
2015-05-13 18:53:32 ----A---- C:\windows\SYSWOW64\sdbinst.exe
2015-05-13 18:53:32 ----A---- C:\windows\system32\sdbinst.exe
2015-05-13 18:53:30 ----A---- C:\windows\system32\wevtsvc.dll
2015-05-13 18:53:28 ----A---- C:\windows\system32\drivers\sdbus.sys
2015-05-13 18:53:28 ----A---- C:\windows\system32\drivers\dumpsd.sys
2015-05-13 18:53:27 ----A---- C:\windows\system32\services.exe
2015-05-13 18:53:25 ----A---- C:\windows\SYSWOW64\wpdshext.dll
2015-05-13 18:53:25 ----A---- C:\windows\system32\wpdshext.dll
2015-05-13 18:53:21 ----A---- C:\windows\system32\dpapisrv.dll
2015-05-13 18:53:15 ----A---- C:\windows\system32\drivers\udfs.sys
2015-05-03 03:27:54 ----A---- C:\windows\system32\aswBoot.exe
2015-05-03 03:27:17 ----A---- C:\windows\avastSS.scr
2015-04-25 20:35:41 ----SD---- C:\windows\system32\CompatTel
2015-04-25 20:35:41 ----D---- C:\windows\system32\appraiser

======List of files/folders modified in the last 1 month======

2015-05-24 19:49:02 ----RD---- C:\Program Files
2015-05-24 19:24:54 ----D---- C:\windows\Prefetch
2015-05-24 19:23:26 ----D---- C:\Users\Denisa\AppData\Roaming\DAEMON Tools Lite
2015-05-24 19:23:10 ----D---- C:\windows\Panther
2015-05-24 19:23:10 ----D---- C:\windows\Inf
2015-05-24 19:23:09 ----D---- C:\windows\Logs
2015-05-24 19:23:09 ----D---- C:\windows\debug
2015-05-24 19:23:09 ----AD---- C:\Windows
2015-05-24 19:23:08 ----D---- C:\windows\Temp
2015-05-24 19:20:23 ----D---- C:\windows\system32\Tasks
2015-05-24 19:16:42 ----RD---- C:\Program Files (x86)
2015-05-24 19:16:00 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-24 19:02:30 ----D---- C:\windows\system32\sru
2015-05-24 19:01:40 ----D---- C:\windows\CbsTemp
2015-05-24 18:56:28 ----D---- C:\windows\Microsoft.NET
2015-05-24 18:43:41 ----SHD---- C:\System Volume Information
2015-05-24 18:37:36 ----D---- C:\windows\system32\config
2015-05-24 15:09:46 ----RAD---- C:\windows\System32
2015-05-24 15:09:46 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-05-22 18:48:11 ----SHD---- C:\windows\Installer
2015-05-22 18:43:24 ----D---- C:\windows\Tasks
2015-05-22 18:24:51 ----D---- C:\windows\AppReadiness
2015-05-22 18:24:48 ----HD---- C:\Program Files\WindowsApps
2015-05-17 19:27:51 ----D---- C:\windows\WinSxS
2015-05-17 09:52:55 ----D---- C:\windows\SysWOW64
2015-05-17 09:52:54 ----D---- C:\windows\system32\drivers
2015-05-17 09:52:52 ----RSD---- C:\windows\Fonts
2015-05-17 09:52:51 ----D---- C:\windows\system32\DriverStore
2015-05-17 09:48:19 ----RD---- C:\windows\ImmersiveControlPanel
2015-05-17 09:47:33 ----D---- C:\windows\system32\AdvancedInstallers
2015-05-13 19:49:24 ----D---- C:\windows\apppatch
2015-05-13 19:49:22 ----D---- C:\Program Files\Internet Explorer
2015-05-13 19:49:22 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-13 19:48:52 ----D---- C:\windows\system32\MRT
2015-05-13 19:43:19 ----A---- C:\windows\system32\MRT.exe
2015-05-13 19:33:31 ----D---- C:\Program Files\Windows Journal
2015-05-13 18:44:10 ----D---- C:\windows\system32\catroot2
2015-05-12 07:06:07 ----D---- C:\windows\MediaViewer
2015-05-12 07:06:06 ----D---- C:\windows\FileManager
2015-05-12 07:06:06 ----D---- C:\windows\Camera
2015-05-12 07:06:04 ----RD---- C:\windows\ToastData
2015-05-12 07:05:42 ----D---- C:\Program Files\Windows Portable Devices
2015-05-12 07:05:42 ----D---- C:\Program Files\Windows Photo Viewer
2015-05-12 07:05:42 ----D---- C:\Program Files\Windows Multimedia Platform
2015-05-12 07:05:42 ----D---- C:\Program Files\Windows Media Player
2015-05-12 07:05:42 ----D---- C:\Program Files\Windows Mail
2015-05-12 07:05:41 ----D---- C:\windows\SYSWOW64\sk-SK
2015-05-12 07:05:41 ----D---- C:\windows\SYSWOW64\oobe
2015-05-12 07:05:41 ----D---- C:\windows\SYSWOW64\migration
2015-05-12 07:05:41 ----D---- C:\windows\SYSWOW64\en-US
2015-05-12 07:05:41 ----D---- C:\windows\SYSWOW64\Com
2015-05-12 07:05:41 ----D---- C:\windows\servicing
2015-05-12 07:05:41 ----D---- C:\Program Files\Common Files\System
2015-05-12 07:05:40 ----D---- C:\windows\SYSWOW64\sppui
2015-05-12 07:05:40 ----D---- C:\windows\SYSWOW64\setup
2015-05-12 07:05:39 ----D---- C:\windows\SYSWOW64\wbem
2015-05-12 07:05:39 ----D---- C:\windows\SYSWOW64\migwiz
2015-05-12 07:05:39 ----D---- C:\windows\SYSWOW64\Dism
2015-05-12 07:05:01 ----D---- C:\windows\twain_32
2015-05-12 07:05:01 ----D---- C:\windows\system32\Sysprep
2015-05-12 07:05:01 ----D---- C:\windows\system32\sk-SK
2015-05-12 07:05:01 ----D---- C:\windows\system32\migration
2015-05-12 07:05:01 ----D---- C:\windows\system32\en-US
2015-05-12 07:05:01 ----D---- C:\windows\system32\Com
2015-05-12 07:05:01 ----D---- C:\windows\IME
2015-05-12 07:05:01 ----AD---- C:\windows\system32\oobe
2015-05-12 07:05:00 ----D---- C:\windows\system32\setup
2015-05-12 07:04:57 ----D---- C:\windows\system32\sppui
2015-05-12 07:04:56 ----D---- C:\windows\system32\WinBioPlugIns
2015-05-12 07:04:56 ----D---- C:\windows\system32\drivers\en-US
2015-05-12 07:04:55 ----D---- C:\windows\system32\wbem
2015-05-12 07:04:54 ----SD---- C:\windows\system32\dsc
2015-05-12 07:04:54 ----D---- C:\windows\system32\SystemResetPlatform
2015-05-12 07:04:54 ----D---- C:\windows\system32\migwiz
2015-05-12 07:04:54 ----D---- C:\windows\system32\Dism
2015-05-12 07:04:05 ----D---- C:\Program Files (x86)\Windows Portable Devices
2015-05-12 07:04:05 ----D---- C:\Program Files (x86)\Windows Multimedia Platform
2015-05-12 07:04:05 ----D---- C:\Program Files (x86)\Windows Media Player
2015-05-12 07:04:05 ----D---- C:\Program Files (x86)\Windows Mail
2015-05-12 07:04:04 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2015-05-12 07:03:50 ----D---- C:\Program Files\WindowsPowerShell
2015-05-12 07:03:31 ----D---- C:\windows\system32\drivers\UMDF
2015-05-12 05:37:56 ----SH---- C:\windows\system32\desktop.ini
2015-05-12 05:31:25 ----A---- C:\windows\SYSWOW64\msclmd.dll
2015-05-12 05:30:26 ----A---- C:\windows\system32\msclmd.dll
2015-05-09 07:43:25 ----D---- C:\Users\Denisa\AppData\Roaming\Skype
2015-05-05 19:59:54 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-05-03 21:25:47 ----D---- C:\Users\Denisa\AppData\Roaming\vlc
2015-04-25 20:44:06 ----D---- C:\windows\AppCompat
2015-04-25 20:38:42 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-25 20:35:41 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2015-05-03 65736]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2015-05-03 272248]
R0 MBI;@oem10.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2015-05-03 93528]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2015-05-03 1047320]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2015-05-03 442264]
R1 dtsoftbus01;@oem38.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\windows\System32\drivers\dtsoftbus01.sys [2014-10-08 283064]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2015-05-03 29168]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2015-05-03 89944]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2015-05-03 137288]
R3 ACPIVPC;@oem36.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-09-20 35576]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2014-07-24 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 MarvinBus;@oem44.inf,%MarvinBus.SVCDESC%;Pinnacle Marvin Bus 64; C:\windows\System32\drivers\MarvinBus64.sys [2005-09-23 261120]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem34.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RtkBtFilter;@oem14.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\windows\system32\DRIVERS\RtkBtfilter.sys [2014-01-14 558296]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 rtsuvc;@oem24.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
R3 RTWlanE;@oem18.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\windows\system32\DRIVERS\rtwlane.sys [2013-12-26 2982104]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-24 34544]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-12-24 532720]
R3 TXEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 dg_ssudbus;@oem48.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 ssudmdm;@oem50.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;@oem51.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\windows\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-05-03 343336]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2014-01-22 84992]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-03-06 584632]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-09-20 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-09-20 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-09-20 67856]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-09-20 305136]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20 268464]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18 116648]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-09-03 272776]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-25 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------

Re: log check after virus removal

Posted: 25 May 2015 15:30
by Márty84
Hello :)

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to your desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will produce a log (it may also be found at C:\AdwCleaner\AdwCleaner [S?].txt ). Copy it here for me.

Re: log check after virus removal

Posted: 25 May 2015 19:33
by plasko
here you go, the log from AdwCleaner :)
# AdwCleaner v4.205 - Log vytvorený 25/05/2015 at 20:19:41
# Aktualizované 21/05/2015 by Xplode
# Databáza : 2015-05-25.3 [Server]
# Operačný systém : Windows 8.1 Connected (x64)
# Uživateľské meno : Denisa - DENISKAKARINKA
# Spustené z : C:\Users\Denisa\Desktop\adwcleaner_4.205.exe
# Nastavenia : Čistenie

***** [ Služby ] *****


***** [ Súbory / Priečinky ] *****

Priečinok Zmazané : C:\ProgramData\pokki
Priečinok Zmazané : C:\Users\Denisa\AppData\Local\pokki
Súbor Zmazané : C:\windows\SysWOW64\VisualDiscovery.ini
Súbor Zmazané : C:\windows\SysWOW64\VisualDiscoveryOff.ini
Súbor Zmazané : C:\windows\System32\VisualDiscoveryOff.ini

***** [ Naplánované úlohy ] *****


***** [ Zástupcovia ] *****


***** [ Registre ] *****

Kľúč registra Zmazané : HKCU\Software\Classes\pokki
Hodnota Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Kľúč registra Zmazané : HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Kľúč registra Zmazané : HKCU\Software\Classes\Directory\shell\pokki
Kľúč registra Zmazané : HKCU\Software\Classes\Drive\shell\pokki
Kľúč registra Zmazané : HKCU\Software\Classes\lnkfile\shell\pokki
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_Start_Menu
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Kľúč registra Zmazané : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Kľúč registra Zmazané : HKCU\Software\Pokki
Kľúč registra Zmazané : HKLM\SOFTWARE\VisualDiscovery
Kľúč registra Zmazané : HKLM\SOFTWARE\Superfish Inc. VisualDiscovery
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki

***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.2 (x86 sk)


-\\ Google Chrome v43.0.2357.65


*************************

AdwCleaner[R0].txt - [3924 bajtov] - [25/05/2015 20:15:14]
AdwCleaner[S0].txt - [3658 bajtov] - [25/05/2015 20:19:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3718 bajtov] ##########

Re: log check after virus removal

Posted: 26 May 2015 08:41
by Márty84
:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=137928 and post the results here. Do not delete anything in advance; it sometimes has false detections.

Re: log check after virus removal

Posted: 26 May 2015 21:48
by plasko
log from MBAM:
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 26.5.2015
Čas skenování: 19:48:48
Protokol:
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.26.05
Databáze rootkitů: v2015.05.24.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Denisa

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 547828
Uplynulý čas: 2 hod, 21 min, 11 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 1
PUP.Optional.VisualDiscovery.A, HKLM\SOFTWARE\WOW6432NODE\LENOVO\VisualDiscovery, , [94a9dcbc7713fa3c5a7d81614fb4f709],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: log check after virus removal

Posted: 27 May 2015 09:11
by Márty84
:arrow: Have the detection removed, then you can uninstall MBAM.

:arrow: Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)

Re: log check after virus removal

Posted: 27 May 2015 18:46
by plasko
well, I hope I did everything right; I am attaching the log from FRST, and the zipped Addition is in the attachment :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015
Ran by Denisa (administrator) on DENISKAKARINKA on 27-05-2015 19:36:54
Running from C:\Users\Denisa\Desktop
Loaded Profiles: Denisa (Available Profiles: Denisa)
Platform: Windows 8.1 Connected (X64) OS Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Denisa\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [216064 2014-01-06] (Realtek Semiconductor Corporation)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-20] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-20] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-20] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\adfaa539-5391-4c20-bfcd-1113243af10c.exe [183232 2015-05-25] (AVAST Software)
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-03] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3519531886-3188647942-518754697-1001 -> {0F75488E-5183-47B6-B173-CA112965E5DC} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-11] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-11] (Avast Software s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Denisa\AppData\Roaming\Mozilla\Firefox\Profiles\a0gygy8l.default-1431462682292
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-20] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Firefox Certificate Store Hotfix - C:\Users\Denisa\AppData\Roaming\Mozilla\Firefox\Profiles\a0gygy8l.default-1431462682292\Extensions\firefox-hotfix@mozilla.org.xpi [2015-05-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-08]

Chrome:
=======
CHR Profile: C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-18]
CHR Extension: (Google Docs) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-18]
CHR Extension: (Google Drive) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-18]
CHR Extension: (YouTube) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-18]
CHR Extension: (Google Search) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-18]
CHR Extension: (Google Sheets) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-18]
CHR Extension: (Bookmark Manager) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-24]
CHR Extension: (Avast Online Security) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-18]
CHR Extension: (Google Wallet) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-18]
CHR Extension: (Gmail) - C:\Users\Denisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-03] (Avast Software s.r.o.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [84992 2014-01-22] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-20] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272776 2014-09-03] ()
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-20] (Lenovo)
R3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-09-20] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-20] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-03] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-03] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-03] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-03] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-03] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-03] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-03] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-03] ()
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-08] (Disc Soft Ltd)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-14] (Realtek Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2982104 2013-12-26] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 19:36 - 2015-05-27 19:37 - 00017166 _____ () C:\Users\Denisa\Desktop\FRST.txt
2015-05-27 19:35 - 2015-05-27 19:37 - 00000000 ____D () C:\FRST
2015-05-27 19:34 - 2015-05-27 19:34 - 00112640 _____ (forum.viry.cz) C:\Users\Denisa\Downloads\FRSTLauncher.exe
2015-05-27 19:34 - 2015-05-27 19:34 - 00112640 _____ (forum.viry.cz) C:\Users\Denisa\Desktop\FRSTLauncher.exe
2015-05-27 19:29 - 2015-05-27 19:30 - 02108928 _____ (Farbar) C:\Users\Denisa\Desktop\FRST64.exe
2015-05-26 19:47 - 2015-05-26 19:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-26 19:45 - 2015-05-26 19:46 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Denisa\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-25 20:31 - 2015-05-25 20:31 - 02223104 _____ () C:\Users\Denisa\Downloads\adwcleaner_4.205.exe
2015-05-25 20:28 - 2015-05-25 20:28 - 00002266 _____ () C:\windows\PFRO.log
2015-05-25 20:15 - 2015-05-25 20:20 - 00000000 ____D () C:\AdwCleaner
2015-05-25 20:13 - 2015-05-25 20:14 - 02223104 _____ () C:\Users\Denisa\Desktop\adwcleaner_4.205.exe
2015-05-24 20:10 - 2015-05-27 08:39 - 00001804 _____ () C:\windows\setupact.log
2015-05-24 20:10 - 2015-05-24 20:10 - 00000000 _____ () C:\windows\setuperr.log
2015-05-24 19:49 - 2015-05-24 19:49 - 00000000 ____D () C:\rsit
2015-05-24 19:49 - 2015-05-24 19:49 - 00000000 ____D () C:\Program Files\trend micro
2015-05-24 19:48 - 2015-05-24 19:48 - 01222144 _____ () C:\Users\Denisa\Downloads\RSITx64.exe
2015-05-24 19:20 - 2015-05-24 19:20 - 00002804 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2015-05-24 19:20 - 2015-05-24 19:20 - 00000845 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-05-24 19:20 - 2015-05-24 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-24 19:20 - 2015-05-24 19:20 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-24 19:18 - 2015-05-24 19:18 - 06484352 _____ (Piriform Ltd) C:\Users\Denisa\Downloads\ccsetup505.exe
2015-05-24 19:11 - 2015-05-24 19:11 - 00880208 _____ (Google Inc.) C:\Users\Denisa\Downloads\ChromeSetup(1).exe
2015-05-22 18:38 - 2015-05-22 18:38 - 00880208 _____ (Google Inc.) C:\Users\Denisa\Downloads\ChromeSetup.exe
2015-05-17 09:47 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 09:47 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 19:09 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 19:09 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 19:09 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 19:09 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 19:09 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 19:09 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 19:09 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 19:09 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 19:09 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2015-05-13 19:09 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 19:09 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 19:09 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 19:09 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2015-05-13 19:09 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 19:09 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 19:09 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2015-05-13 19:09 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 19:09 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2015-05-13 19:09 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 19:09 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 19:09 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 19:09 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 19:09 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 19:09 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 19:09 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2015-05-13 19:09 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 19:09 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2015-05-13 19:09 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 19:09 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2015-05-13 19:09 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 19:09 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 19:09 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 19:09 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 19:09 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 19:09 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 19:09 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 19:09 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 19:09 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 19:09 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 19:09 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2015-05-13 19:09 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthhfenum.sys
2015-05-13 19:08 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2015-05-13 19:08 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2015-05-13 19:03 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 19:03 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 19:03 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ahcache.sys
2015-05-13 19:03 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Input.Inking.dll
2015-05-13 19:03 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 19:03 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers.dll
2015-05-13 19:03 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsDatabase.dll
2015-05-13 18:58 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll
2015-05-13 18:58 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll
2015-05-13 18:58 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\windows\system32\dbghelp.dll
2015-05-13 18:58 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbghelp.dll
2015-05-13 18:58 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\windows\system32\SRH.dll
2015-05-13 18:58 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\windows\SysWOW64\SRH.dll
2015-05-13 18:53 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-13 18:53 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 18:53 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 18:53 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 18:53 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 18:53 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 18:53 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\PhotoMetadataHandler.dll
2015-05-13 18:53 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 18:53 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-05-13 18:53 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 18:53 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 18:53 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-13 18:53 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2015-05-13 18:53 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2015-05-13 18:53 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2015-05-13 18:53 - 2015-03-13 02:29 - 00410017 _____ () C:\windows\system32\ApnDatabase.xml
2015-05-13 18:53 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-13 18:53 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-13 18:53 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-13 18:53 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
2015-05-13 18:53 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-13 18:53 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-13 18:53 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2015-05-05 20:08 - 2015-05-05 20:45 - 238805764 _____ () C:\Users\Denisa\Downloads\Elena-Undone_arc.avi
2015-05-03 21:44 - 2015-05-03 22:03 - 1057414808 _____ () C:\Users\Denisa\Downloads\Život Adele Blue Is the Warmest Color - 2013 cz tit..avi
2015-05-03 03:27 - 2015-05-03 03:27 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-05-03 03:27 - 2015-05-03 03:27 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-27 19:27 - 2014-10-08 09:51 - 00003596 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3519531886-3188647942-518754697-1001
2015-05-27 19:01 - 2014-09-20 15:39 - 01163511 _____ () C:\windows\WindowsUpdate.log
2015-05-27 19:00 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\sru
2015-05-27 18:57 - 2014-10-08 09:49 - 00003954 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{BAC8C55C-0514-418B-855E-5F095FD06DA6}
2015-05-27 18:48 - 2015-01-18 06:15 - 00000974 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-27 18:48 - 2015-01-18 06:15 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-27 18:45 - 2014-10-08 21:07 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-25 20:40 - 2014-09-20 16:10 - 00000000 ____D () C:\windows\System32\Tasks\Lenovo
2015-05-25 20:31 - 2014-10-08 09:48 - 00000000 ___DO () C:\Users\Denisa\OneDrive
2015-05-25 20:29 - 2014-10-08 09:44 - 00402330 _____ () C:\Users\Denisa\AppData\Local\BTServer.log
2015-05-25 20:28 - 2013-08-22 16:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-25 20:27 - 2013-08-22 15:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2015-05-25 20:25 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\AppReadiness
2015-05-25 20:19 - 2014-09-20 16:25 - 00002560 _____ () C:\windows\system32\VfService.trf
2015-05-25 20:19 - 2014-09-20 15:31 - 01574768 _____ () C:\Users\Public\CAFADEBUG.log
2015-05-24 23:04 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\rescache
2015-05-24 20:36 - 2013-08-22 17:20 - 00000000 ____D () C:\windows\CbsTemp
2015-05-24 20:32 - 2015-04-06 12:08 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-05-24 20:32 - 2015-04-06 12:08 - 00000000 ___SD () C:\windows\system32\GWX
2015-05-24 20:12 - 2014-03-18 11:53 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-24 19:23 - 2014-10-08 19:57 - 00000000 ____D () C:\Users\Denisa\AppData\Roaming\DAEMON Tools Lite
2015-05-24 19:23 - 2014-04-02 19:34 - 00000000 ____D () C:\windows\Panther
2015-05-24 19:16 - 2015-04-21 20:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-24 19:02 - 2014-10-08 20:26 - 00002285 _____ () C:\Users\Denisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2015-05-24 15:06 - 2014-10-08 20:01 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-05-24 15:02 - 2013-08-22 16:44 - 00560528 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-22 18:43 - 2015-01-18 06:15 - 00003946 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-22 18:43 - 2015-01-18 06:15 - 00003710 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-22 18:42 - 2015-03-08 14:55 - 00000000 ____D () C:\Users\Denisa\Desktop\IV.stretnutie
2015-05-17 09:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\windows\ImmersiveControlPanel
2015-05-17 09:47 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
2015-05-17 09:04 - 2014-10-08 20:39 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 19:48 - 2014-10-09 19:28 - 00000000 ____D () C:\windows\system32\MRT
2015-05-13 19:43 - 2014-10-09 19:28 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-13 19:33 - 2014-03-18 11:38 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\windows\ToastData
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\MediaViewer
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\FileManager
2015-05-12 07:06 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\Camera
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\SysWOW64\sppui
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\SysWOW64\sk-SK
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\SysWOW64\setup
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\SysWOW64\migwiz
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\SysWOW64\Com
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\sk-SK
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\setup
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\Com
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\IME
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2015-05-12 07:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-12 07:05 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\SysWOW64\oobe
2015-05-12 07:05 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-05-12 07:05 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\system32\Sysprep
2015-05-12 07:05 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\system32\oobe
2015-05-12 07:05 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\servicing
2015-05-12 07:04 - 2013-08-22 17:36 - 00000000 ___SD () C:\windows\system32\dsc
2015-05-12 07:04 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\WinBioPlugIns
2015-05-12 07:04 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\SystemResetPlatform
2015-05-12 07:04 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\sppui
2015-05-12 07:04 - 2013-08-22 17:36 - 00000000 ____D () C:\windows\system32\migwiz
2015-05-12 07:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2015-05-12 07:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-12 07:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Multimedia Platform
2015-05-12 07:04 - 2013-08-22 15:36 - 00000000 ____D () C:\windows\system32\Dism
2015-05-12 07:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\WindowsPowerShell
2015-05-12 06:38 - 2014-10-28 21:35 - 00011068 _____ () C:\Users\Denisa\Documents\mzda.xlsx
2015-05-12 05:31 - 2013-08-22 17:36 - 00195072 _____ (Microsoft Corporation) C:\windows\SysWOW64\msclmd.dll
2015-05-12 05:30 - 2013-08-22 17:36 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\msclmd.dll
2015-05-09 10:08 - 2014-10-08 09:41 - 00000000 ____D () C:\Users\Denisa
2015-05-09 07:43 - 2014-10-08 20:13 - 00000000 ____D () C:\Users\Denisa\AppData\Roaming\Skype
2015-05-05 19:59 - 2015-03-21 09:17 - 00792568 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-03-21 09:17 - 00178168 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-03 21:25 - 2014-10-08 20:54 - 00000000 ____D () C:\Users\Denisa\AppData\Roaming\vlc
2015-05-03 03:27 - 2014-10-08 20:00 - 00442264 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-05-03 03:27 - 2014-10-08 20:00 - 00272248 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-05-03 03:27 - 2014-10-08 20:00 - 00137288 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-05-03 03:27 - 2014-10-08 20:00 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-05-03 03:27 - 2014-10-08 20:00 - 00089944 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-05-03 03:27 - 2014-10-08 20:00 - 00065736 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-05-03 03:27 - 2014-10-08 20:00 - 00029168 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-05-03 03:26 - 2014-10-08 20:00 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-05-01 10:11 - 2014-10-08 09:44 - 00000000 ____D () C:\Users\Denisa\Documents\My Bluetooth

==================== Files in the root of some directories =======

2014-10-08 09:44 - 2015-05-25 20:29 - 0402330 _____ () C:\Users\Denisa\AppData\Local\BTServer.log
2014-09-20 15:31 - 2014-09-20 15:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Denisa\AppData\Local\Temp\oct83DE.tmp.exe
C:\Users\Denisa\AppData\Local\Temp\Quarantine.exe
C:\Users\Denisa\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Denisa\Desktop" je 770 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: log check after disinfection

Posted: 27 May 2015 18:57
by Márty84
:arrow: Keep an eye on the size of your desktop; it should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for the occasional mistake where users have a folder on the desktop, another one inside it and another inside that, and hide everything in there. That is nice, but it does not make the desktop any smaller; it is just in a different drawer :-)



:arrow: Open Notepad and copy this script into it:

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)

HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3519531886-3188647942-518754697-1001 -> {0F75488E-5183-47B6-B173-CA112965E5DC} URL =

2015-05-26 19:47 - 2015-05-26 19:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-26 19:45 - 2015-05-26 19:46 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Denisa\Downloads\mbam-setup-2.1.6.1022.exe

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18 116648]

Hosts:
EmptyTemp:
Reboot:
End

Click File in the top left.
Click Save as...
Type the name shown in red, fixlist, correctly and save it to the desktop.
Turn off the antivirus and any other security software.
Run FRST as administrator, click Fix and the program will carry out the commands.
After the PC restarts a new log named fixlog should appear; copy it here for me again.

Re: log check after virus removal

Posted: 28 May 2015 01:07
by plasko
ah... does the size of the files on the desktop still matter? :) I thought that since RAM is now in the order of GB it no longer has the kind of effect it had on Win 98 :)

I had the antivirus set to pause until restart because of FRST, but after the restart it started up again and threw up a block on it, which I have since added to the exceptions, but I am not sure whether it had already run the whole script completely. I am attaching the log after the restart:

Fix result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015
Ran by Denisa at 2015-05-28 01:53:17 Run:1
Running from C:\Users\Denisa\Desktop
Loaded Profiles: Denisa (Available Profiles: Denisa)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)

HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3519531886-3188647942-518754697-1001 -> {0F75488E-5183-47B6-B173-CA112965E5DC} URL =

2015-05-26 19:47 - 2015-05-26 19:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-26 19:45 - 2015-05-26 19:46 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Denisa\Downloads\mbam-setup-2.1.6.1022.exe

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-20 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-18 116648]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value Removed successfully
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value Removed successfully
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value Removed successfully
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value Removed successfully
HKU\S-1-5-21-3519531886-3188647942-518754697-1001\Software\Microsoft\Internet Explorer\Main\\Default_Secondary_Page_URL => value Removed successfully
"HKU\S-1-5-21-3519531886-3188647942-518754697-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0F75488E-5183-47B6-B173-CA112965E5DC}" => key Removed successfully
HKCR\CLSID\{0F75488E-5183-47B6-B173-CA112965E5DC} => key not found.
C:\ProgramData\Malwarebytes => Moved successfully.
C:\Users\Denisa\Downloads\mbam-setup-2.1.6.1022.exe => Moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
AdobeARMservice => Service Removed successfully
gupdate => Service Removed successfully
SkypeUpdate => Service Removed successfully
AdobeFlashPlayerUpdateSvc => Service Removed successfully
gupdatem => Service Removed successfully
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts restored successfully.
EmptyTemp: => Removed 128.2 MB temporary data.


The system needed a reboot.

==== End of Fixlog 01:54:50 ====
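
Added example (not part of the thread and not FRST's own code): the post above asks whether the fix ran to completion after the antivirus interfered. This Python script checks a Fixlog for its end marker and pairs each fixlist directive with its outcome lines; the matching rules and the name `audit_fixlog` are assumptions derived only from the log layout shown here, and the sample is constructed by abridging that log.

```python
import re

# Constructed sample: abridged from the Fixlog layout shown in the post above.
SAMPLE = r"""fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
SearchScopes: HKU\S-1-5-21-3519531886-3188647942-518754697-1001 -> {0F75488E-5183-47B6-B173-CA112965E5DC} URL =
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value Removed successfully
"HKU\S-1-5-21-3519531886-3188647942-518754697-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0F75488E-5183-47B6-B173-CA112965E5DC}" => key Removed successfully
HKCR\CLSID\{0F75488E-5183-47B6-B173-CA112965E5DC} => key not found.
SkypeUpdate => Service Removed successfully
EmptyTemp: => Removed 128.2 MB temporary data.
==== End of Fixlog 01:54:50 ====
"""

# Assumed mapping: keyword directive -> phrase its outcome line carries in this log.
KEYWORDS = {"CloseProcesses:": "Processes closed", "EmptyTemp:": "EmptyTemp: =>"}
# Assumed rules for the name that reappears just before "=>" in an outcome line.
TOKENS = (r"Run: \[(.+?)\]", r"(\{[0-9A-F-]{36}\})", r"^Task: (.+?) =>",
          r"^[RS]\d (\w+);", r"Main,(.+?) =", r"([A-Z]:\\.+)$")

def audit_fixlog(text):
    """Match each fixlist directive to its outcome lines; report gaps."""
    parts = re.split(r"^\*{5,}[ \t]*$", text, flags=re.M)
    if len(parts) < 3: raise ValueError("no fixlist block found")
    clean = lambda block: [l.strip() for l in block.splitlines() if l.strip()]
    directives = [d for d in clean(parts[1]) if d not in ("Start", "End")]
    results = clean(parts[2])
    report = {"complete": any(l.startswith("==== End of Fixlog") for l in results),
              "missing": [], "review": []}
    for d in directives:
        if d in KEYWORDS:
            pat = re.escape(KEYWORDS[d])
        else:
            m = next(filter(None, (re.search(p, d) for p in TOKENS)), None)
            pat = re.escape(m.group(1) if m else d) + r'"? =>'
        hits = [l for l in results if re.search(pat, l)]
        if not hits:
            report["missing"].append(d)      # directive has no recorded outcome
        elif d not in KEYWORDS:              # keyword outcomes are free-form text
            report["review"] += [h for h in hits if "successfully" not in h]
    return report
```

A log that was cut short shows up as `complete: False` with the unprocessed directives listed under `missing`; lines such as "key not found." land under `review`.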

Re: log check after virus removal

Posted: 28 May 2015 09:31
by Márty84
plasko wrote: ah... does the size of the files on the desktop still matter?
Of course it does. Maybe not that much, but it is still noticeable, especially when someone has, say, 200GB there, as sometimes happens here :)



:!: Run all of these programs - including any installation - as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option ticked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for the toolbar (or other add-ons); if it offers to install one, untick the box.
After launch you will be in the Cleaner function. There are a lot of checkboxes on the left. Pay attention mainly to the Recycle Bin; if you leave it ticked, it will always empty it.
Also, depending on how it is set, it will delete all passwords saved on the net!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for problems; when it finds some, click Fix problems. It will offer you a backup; make it and save it somewhere you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If there are several user accounts on the PC, use the program in them as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download the Defraggler program https://www.piriform.com/defraggler/download/standard
During installation again watch out for the toolbar and other nonsense.
After installation, run the program and click Analyze; after the analysis click Defragment and the program will do its job.




:arrow: Then write how the PC is doing.

Re: log check after virus removal

Posted: 10 Jun 2015 21:51
by plasko
Sorry, I was away for a few days and then I somewhat forgot about it, I admit O:) Thank you very much, everything now runs as it should, it is a noticeable difference :) So if I observed correctly, there was still some vermin lurking in there, right? Once again, thank you very much for the advice, the procedures, the willingness and the time :)

Re: log check after virus removal

Posted: 11 Jun 2015 07:36
by Márty84
plasko wrote: so if I observed correctly, there was still some vermin lurking in there, right?
Yes, there was some junk in there. And then the usual unnecessary things and brakes that are in basically every PC. And when it piles up, the PC slows down.



I am glad it has improved. You are welcome! :-)

Take care, and maybe see you again sometime :bye:

:closed: