VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=144692

Stránka 1 z 2

Prosím o kontrolu

Napsal: 01 čer 2015 16:48
od wedders
Ahojte, zas mi nejak spomalilo noťas, kamaráti mi pchali nejaké zavírené kľúče do neho tak, že či tam niečo nezostalo. Môžete mi prosím kuknúť ten log?

Logfile of random's system information tool 1.08 (written by random/random)
Run by Tomi at 2015-06-01 17:43:25
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 72 GB (26%) free of 278 GB
Total RAM: 4010 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:43:28, on 1. 6. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Users\Tomi\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
C:\Program Files\trend micro\Tomi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.OE.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
O23 - Service: Bluetooth Device Monitor - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit Cloud Safe Update Service (FoxitCloudUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12023 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\windows\system32\nvvsvc.exe"
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
"taskhost.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
taskeng.exe {265AB962-FCC3-474E-8D31-7AE3C1A3D934}
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\System32\svchost.exe -k utcsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" nss 86729009-3bcc-4765-a43a-791c9ed5d5a6 1
\??\C:\windows\system32\conhost.exe "1297676331-5939513091767119899-1470517506-78974211-1104421324-607689140-626597983
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\windows\system32\conhost.exe "12952285642020679248-214293351-14187133126085295201323736810761135587-1336038229
C:\windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_0000061c
taskeng.exe {67CABC1D-4F32-46AC-9C82-FB4A7BD071B5}
"C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"
"C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe"
C:\windows\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
"C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
C:\windows\System32\alg.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxtray.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\igfxpers.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\windows\servicing\TrustedInstaller.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe" /connectToHost
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2028
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\Users\Tomi\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
"C:\Users\Tomi\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job
C:\windows\tasks\GoogleUpdateTaskMachineCore.job
C:\windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-29 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-29 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [2011-03-30 10372368]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-06-17 2721576]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-11-17 2465088]
"ShadowPlay"=C:\windows\system32\nvspcap64.dll [2014-11-17 2800296]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-01-20 7404312]
"AdobeBridge"= []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2015-05-05 728312]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-03-07 335232]
"Avira Systray"=C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [2015-03-16 129272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2015-06-01 17:43:25 ----D---- C:\rsit
2015-05-13 14:30:48 ----D---- C:\ProgramData\McAfee
2015-05-13 12:28:31 ----SHD---- C:\Config.Msi
2015-05-13 12:27:51 ----A---- C:\windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:27:51 ----A---- C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:22:58 ----A---- C:\windows\SYSWOW64\schannel.dll
2015-05-13 12:22:58 ----A---- C:\windows\system32\schannel.dll
2015-05-13 12:22:58 ----A---- C:\windows\system32\certcli.dll
2015-05-13 12:22:57 ----A---- C:\windows\SYSWOW64\certcli.dll
2015-05-13 12:22:43 ----A---- C:\windows\system32\UtcResources.dll
2015-05-13 12:22:43 ----A---- C:\windows\system32\ntoskrnl.exe
2015-05-13 12:22:43 ----A---- C:\windows\system32\diagtrack.dll
2015-05-13 12:22:42 ----A---- C:\windows\system32\ntdll.dll
2015-05-13 12:22:41 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2015-05-13 12:22:41 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2015-05-13 12:22:40 ----A---- C:\windows\SYSWOW64\tdh.dll
2015-05-13 12:22:40 ----A---- C:\windows\system32\tdh.dll
2015-05-13 12:22:40 ----A---- C:\windows\system32\advapi32.dll
2015-05-13 12:22:39 ----A---- C:\windows\system32\kernel32.dll
2015-05-13 12:22:38 ----A---- C:\windows\SYSWOW64\ntdll.dll
2015-05-13 12:22:37 ----A---- C:\windows\SYSWOW64\tracerpt.exe
2015-05-13 12:22:37 ----A---- C:\windows\SYSWOW64\sechost.dll
2015-05-13 12:22:37 ----A---- C:\windows\SYSWOW64\kernel32.dll
2015-05-13 12:22:37 ----A---- C:\windows\SYSWOW64\kerberos.dll
2015-05-13 12:22:37 ----A---- C:\windows\SYSWOW64\advapi32.dll
2015-05-13 12:22:37 ----A---- C:\windows\system32\wow64.dll
2015-05-13 12:22:37 ----A---- C:\windows\system32\winsrv.dll
2015-05-13 12:22:37 ----A---- C:\windows\system32\tracerpt.exe
2015-05-13 12:22:37 ----A---- C:\windows\system32\srcore.dll
2015-05-13 12:22:37 ----A---- C:\windows\system32\sechost.dll
2015-05-13 12:22:37 ----A---- C:\windows\system32\msv1_0.dll
2015-05-13 12:22:37 ----A---- C:\windows\system32\lsasrv.dll
2015-05-13 12:22:37 ----A---- C:\windows\system32\logman.exe
2015-05-13 12:22:37 ----A---- C:\windows\system32\KernelBase.dll
2015-05-13 12:22:37 ----A---- C:\windows\system32\kerberos.dll
2015-05-13 12:22:37 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2015-05-13 12:22:37 ----A---- C:\windows\system32\drivers\ksecdd.sys
2015-05-13 12:22:37 ----A---- C:\windows\system32\conhost.exe
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 12:22:36 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\wow32.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\wdigest.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\typeperf.exe
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\sspicli.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\srclient.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\setup16.exe
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\secur32.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\relog.exe
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\logman.exe
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\diskperf.exe
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\credssp.dll
2015-05-13 12:22:36 ----A---- C:\windows\SYSWOW64\auditpol.exe
2015-05-13 12:22:36 ----A---- C:\windows\system32\wow64win.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\wow64cpu.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\wdigest.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\typeperf.exe
2015-05-13 12:22:36 ----A---- C:\windows\system32\TSpkg.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\sspisrv.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\sspicli.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\srclient.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\smss.exe
2015-05-13 12:22:36 ----A---- C:\windows\system32\secur32.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\rstrui.exe
2015-05-13 12:22:36 ----A---- C:\windows\system32\relog.exe
2015-05-13 12:22:36 ----A---- C:\windows\system32\ntvdm64.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\ncrypt.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\lsass.exe
2015-05-13 12:22:36 ----A---- C:\windows\system32\diskperf.exe
2015-05-13 12:22:36 ----A---- C:\windows\system32\csrsrv.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\credssp.dll
2015-05-13 12:22:36 ----A---- C:\windows\system32\auditpol.exe
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 12:22:35 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 12:22:35 ----A---- C:\windows\SYSWOW64\user.exe
2015-05-13 12:22:35 ----A---- C:\windows\SYSWOW64\msobjs.dll
2015-05-13 12:22:35 ----A---- C:\windows\SYSWOW64\msaudite.dll
2015-05-13 12:22:35 ----A---- C:\windows\SYSWOW64\instnm.exe
2015-05-13 12:22:35 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2015-05-13 12:22:35 ----A---- C:\windows\SYSWOW64\adtschema.dll
2015-05-13 12:22:35 ----A---- C:\windows\system32\msobjs.dll
2015-05-13 12:22:35 ----A---- C:\windows\system32\msaudite.dll
2015-05-13 12:22:35 ----A---- C:\windows\system32\apisetschema.dll
2015-05-13 12:22:35 ----A---- C:\windows\system32\adtschema.dll
2015-05-13 12:22:21 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2015-05-13 12:22:21 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2015-05-13 12:22:21 ----A---- C:\windows\SYSWOW64\iernonce.dll
2015-05-13 12:22:21 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2015-05-13 12:22:21 ----A---- C:\windows\system32\ieetwproxystub.dll
2015-05-13 12:22:21 ----A---- C:\windows\system32\ieetwcollector.exe
2015-05-13 12:22:20 ----A---- C:\windows\SYSWOW64\vbscript.dll
2015-05-13 12:22:20 ----A---- C:\windows\SYSWOW64\urlmon.dll
2015-05-13 12:22:20 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-05-13 12:22:20 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2015-05-13 12:22:20 ----A---- C:\windows\system32\iernonce.dll
2015-05-13 12:22:20 ----A---- C:\windows\system32\ie4uinit.exe
2015-05-13 12:22:19 ----A---- C:\windows\SYSWOW64\mshtml.dll
2015-05-13 12:22:19 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2015-05-13 12:22:19 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2015-05-13 12:22:19 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 12:22:17 ----A---- C:\windows\SYSWOW64\iesetup.dll
2015-05-13 12:22:17 ----A---- C:\windows\SYSWOW64\iertutil.dll
2015-05-13 12:22:17 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2015-05-13 12:22:17 ----A---- C:\windows\system32\urlmon.dll
2015-05-13 12:22:17 ----A---- C:\windows\system32\ieetwcollectorres.dll
2015-05-13 12:22:17 ----A---- C:\windows\system32\iedkcs32.dll
2015-05-13 12:22:16 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2015-05-13 12:22:16 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2015-05-13 12:22:16 ----A---- C:\windows\SYSWOW64\jscript.dll
2015-05-13 12:22:16 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2015-05-13 12:22:16 ----A---- C:\windows\SYSWOW64\ieui.dll
2015-05-13 12:22:16 ----A---- C:\windows\SYSWOW64\ieframe.dll
2015-05-13 12:22:16 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2015-05-13 12:22:16 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-13 12:22:16 ----A---- C:\windows\system32\msfeeds.dll
2015-05-13 12:22:16 ----A---- C:\windows\system32\dxtrans.dll
2015-05-13 12:22:15 ----A---- C:\windows\system32\iesetup.dll
2015-05-13 12:22:15 ----A---- C:\windows\system32\ieapfltr.dll
2015-05-13 12:22:14 ----A---- C:\windows\system32\iertutil.dll
2015-05-13 12:22:13 ----A---- C:\windows\SYSWOW64\wininet.dll
2015-05-13 12:22:13 ----A---- C:\windows\SYSWOW64\msrating.dll
2015-05-13 12:22:13 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2015-05-13 12:22:13 ----A---- C:\windows\SYSWOW64\jscript9.dll
2015-05-13 12:22:13 ----A---- C:\windows\system32\vbscript.dll
2015-05-13 12:22:13 ----A---- C:\windows\system32\jsproxy.dll
2015-05-13 12:22:13 ----A---- C:\windows\system32\ieUnatt.exe
2015-05-13 12:22:12 ----A---- C:\windows\system32\ieui.dll
2015-05-13 12:22:12 ----A---- C:\windows\system32\ieframe.dll
2015-05-13 12:22:12 ----A---- C:\windows\system32\dxtmsft.dll
2015-05-13 12:22:11 ----A---- C:\windows\system32\mshtmlmedia.dll
2015-05-13 12:22:11 ----A---- C:\windows\system32\mshtmled.dll
2015-05-13 12:22:10 ----A---- C:\windows\system32\jscript9diag.dll
2015-05-13 12:22:10 ----A---- C:\windows\system32\jscript9.dll
2015-05-13 12:22:10 ----A---- C:\windows\system32\jscript.dll
2015-05-13 12:22:09 ----A---- C:\windows\system32\wininet.dll
2015-05-13 12:22:08 ----A---- C:\windows\system32\msrating.dll
2015-05-13 12:22:08 ----A---- C:\windows\system32\MshtmlDac.dll
2015-05-13 12:22:07 ----A---- C:\windows\system32\mshtml.dll
2015-05-13 12:22:03 ----A---- C:\windows\system32\services.exe
2015-05-13 12:22:00 ----A---- C:\windows\SYSWOW64\shimeng.dll
2015-05-13 12:22:00 ----A---- C:\windows\SYSWOW64\sdbinst.exe
2015-05-13 12:22:00 ----A---- C:\windows\SYSWOW64\apphelp.dll
2015-05-13 12:22:00 ----A---- C:\windows\system32\shimeng.dll
2015-05-13 12:22:00 ----A---- C:\windows\system32\sdbinst.exe
2015-05-13 12:22:00 ----A---- C:\windows\system32\apphelp.dll
2015-05-13 12:22:00 ----A---- C:\windows\system32\aelupsvc.dll
2015-05-13 12:21:59 ----A---- C:\windows\system32\wpdshext.dll
2015-05-13 12:21:58 ----A---- C:\windows\SYSWOW64\wpdshext.dll
2015-05-13 12:21:30 ----A---- C:\windows\SYSWOW64\poqexec.exe
2015-05-13 12:21:30 ----A---- C:\windows\system32\poqexec.exe
2015-05-13 12:21:30 ----A---- C:\windows\system32\FntCache.dll
2015-05-13 12:21:30 ----A---- C:\windows\system32\DWrite.dll
2015-05-13 12:21:29 ----A---- C:\windows\SYSWOW64\DWrite.dll
2015-05-13 12:21:29 ----A---- C:\windows\system32\win32k.sys
2015-05-13 12:21:23 ----A---- C:\windows\SYSWOW64\InkEd.dll
2015-05-13 12:21:23 ----A---- C:\windows\system32\InkEd.dll
2015-05-13 12:21:22 ----A---- C:\windows\system32\jnwmon.dll
2015-05-03 17:25:05 ----D---- C:\Users\Tomi\AppData\Roaming\DarkSoulsII

======List of files/folders modified in the last 1 months======

2015-06-01 17:43:28 ----D---- C:\windows\Prefetch
2015-06-01 17:43:26 ----D---- C:\windows\Temp
2015-06-01 17:43:26 ----D---- C:\Program Files\trend micro
2015-06-01 15:48:02 ----A---- C:\windows\SYSWOW64\log.txt
2015-06-01 15:46:26 ----D---- C:\windows\system32\config
2015-06-01 15:42:29 ----D---- C:\Users\Tomi\AppData\Roaming\Skype
2015-06-01 09:38:29 ----D---- C:\Users\Tomi\AppData\Roaming\Mp3tag
2015-05-31 11:39:29 ----D---- C:\Users\Tomi\AppData\Roaming\AIMP3
2015-05-31 07:42:57 ----D---- C:\The KMPlayer
2015-05-31 07:40:53 ----D---- C:\Users\Tomi\AppData\Roaming\vlc
2015-05-30 20:44:16 ----D---- C:\windows\System32
2015-05-30 20:44:16 ----D---- C:\windows\inf
2015-05-30 20:44:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-05-29 13:11:17 ----D---- C:\Users\Tomi\AppData\Roaming\uTorrent
2015-05-26 12:13:28 ----SHD---- C:\System Volume Information
2015-05-25 11:17:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-24 20:35:44 ----SHD---- C:\windows\Installer
2015-05-24 20:35:44 ----D---- C:\ProgramData\Skype
2015-05-21 16:25:16 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-05-20 13:14:35 ----D---- C:\windows\winsxs
2015-05-20 13:14:16 ----SD---- C:\windows\SYSWOW64\GWX
2015-05-20 13:14:16 ----SD---- C:\windows\system32\GWX
2015-05-18 11:03:02 ----RD---- C:\Program Files (x86)
2015-05-18 11:02:10 ----D---- C:\windows\Tasks
2015-05-16 14:47:37 ----HD---- C:\ProgramData
2015-05-16 14:47:36 ----RD---- C:\Program Files
2015-05-13 14:30:45 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-05-13 13:51:18 ----D---- C:\windows\rescache
2015-05-13 13:23:56 ----D---- C:\windows\Microsoft.NET
2015-05-13 13:21:33 ----RSD---- C:\windows\assembly
2015-05-13 13:01:15 ----D---- C:\windows\SysWOW64
2015-05-13 12:59:01 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-13 12:59:00 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 12:56:12 ----D---- C:\windows\SYSWOW64\en-US
2015-05-13 12:56:11 ----D---- C:\windows\system32\en-US
2015-05-13 12:56:11 ----D---- C:\Program Files\Internet Explorer
2015-05-13 12:56:07 ----D---- C:\Program Files (x86)\Internet Explorer
2015-05-13 12:56:00 ----D---- C:\windows\AppPatch
2015-05-13 12:55:59 ----D---- C:\windows\system32\drivers
2015-05-13 12:55:57 ----D---- C:\Program Files\Windows Journal
2015-05-13 12:55:56 ----D---- C:\windows\system32\AdvancedInstallers
2015-05-13 12:55:42 ----D---- C:\windows\system32\DriverStore
2015-05-13 12:55:41 ----D---- C:\windows\system32\drivers\UMDF
2015-05-13 12:43:59 ----D---- C:\ProgramData\Microsoft Help
2015-05-13 12:43:24 ----D---- C:\windows\system32\MRT
2015-05-13 12:32:22 ----D---- C:\windows\debug
2015-05-13 12:32:20 ----A---- C:\windows\system32\MRT.exe
2015-05-13 12:28:00 ----D---- C:\windows\system32\catroot2
2015-05-08 11:08:43 ----D---- C:\Windows
2015-05-06 16:55:39 ----D---- C:\Program Files (x86)\Steam
2015-05-06 13:46:55 ----D---- C:\windows\system32\Tasks
2015-05-06 13:46:31 ----D---- C:\Program Files (x86)\Origin Games
2015-05-06 13:43:23 ----D---- C:\windows\Logs
2015-05-03 23:22:46 ----D---- C:\ProgramData\Origin
2015-05-02 21:58:28 ----D---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2014-11-13 31560]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 avipbb;avipbb; C:\windows\system32\DRIVERS\avipbb.sys [2015-05-05 132120]
R1 avkmgr;avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [2014-06-24 28600]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2014-07-07 283200]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 avgntflt;avgntflt; C:\windows\system32\DRIVERS\avgntflt.sys [2015-05-05 152744]
R2 avnetflt;avnetflt; C:\windows\system32\DRIVERS\avnetflt.sys [2015-03-10 44088]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 BthEnum;Bluetooth Request Block Driver; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btmaux;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys [2011-08-17 31216]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2011-06-17 186152]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 iBtFltCoex;iBtFltCoex; C:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-22 59904]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-05-01 8593920]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-11-17 20800]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\windows\system32\drivers\nvvad64v.sys [2014-10-03 38216]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]
S3 BTHPORT;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 ggflt;SOMC USB Flash Driver Filter; C:\windows\system32\DRIVERS\ggflt.sys [2014-12-02 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\windows\system32\DRIVERS\ggsomc.sys [2014-12-02 30424]
S3 PcaSp60;Rawether NDIS 6.X SPR Protocol Driver; C:\windows\system32\DRIVERS\PcaSp60.sys [2010-09-07 38912]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys [2014-06-10 54784]
S3 WinUsb;WinUsb; C:\windows\system32\drivers\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2015-05-05 434424]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2015-05-05 434424]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Avira.OE.ServiceHost;Avira Service Host; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [2015-03-16 201008]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2011-03-01 27648]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2015-05-11 244392]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-17 1149760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-05-05 326424]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-17 1796928]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-11-17 19821376]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2014-11-12 934032]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2014-08-04 75136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-05-05 2656536]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
S2 AntiVirMailService;Avira Mail Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [2015-05-05 827640]
S2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [2015-05-05 1185584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-13 268464]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\WildGames\Game Console - WildGames\GameConsoleService.exe [2010-06-03 246520]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-27 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-04-21 114688]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-21 148080]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-05-02 1931632]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2014-07-06 1255736]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Re: Prosím o kontrolu

Napsal: 02 čer 2015 09:28
od vyosek
Zdravim :)

:arrow: Aplikujte MBAM dle tohoto http://forum.viry.cz/viewtopic.php?f=29&t=137928

Re: Prosím o kontrolu

Napsal: 02 čer 2015 18:10
od wedders
Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum skenovania: 2. 6. 2015
Scan ??as: 14:28:12
Logfile: log.txt
Správca: áno

Verzia: 2.01.6.1022
Malware databázy: v2015.06.02.03
Rootkit databázy: v2015.06.02.01
Licencia: Zadarmo
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne

OS: Windows 7 Service Pack 1
CPU: x64
Systém súborov: NTFS
Používateľ: Tomi

Typ skenu: Prispôsobená kontrola
Výsledok: Dokon??ené
Objekty naskenované: 658673
Uplynulý ??as: 2 hr, 54 min 8 sekúnd

Pamäť: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTEŇA: Povolené
VYKUROVAC: Povolené

Procesy: 0
(Žiadne zákernej položky neboli zistené)

Moduly: 0
(Žiadne zákernej položky neboli zistené)

Kľú??e databázy Registry: 1
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, , [2dbe872efb8fa096197d9f441de6bc44],

Hodnoty databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Údaje databázy Registry: 0
(Žiadne zákernej položky neboli zistené)

Prie??inky: 0
(Žiadne zákernej položky neboli zistené)

Súbory: 3
PUP.Optional.APNToolBar.A, C:\Users\Tomi\Downloads\aTubeCatcher.exe, , [dc0fedc87b0f85b1534a2e3553afdd23],
PUP.Optional.AZLyrics.A, C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage, , [31ba30858802a492739416e4b44f03fd],
PUP.Optional.AZLyrics.A, C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal, , [8e5dc2f3c9c18ea8947308f29b68bf41],

Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)


(end)

Re: Prosím o kontrolu

Napsal: 02 čer 2015 18:34
od vyosek
:arrow: Nalezy smazte

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Po spusteni probehne stazeni databaze
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

Re: Prosím o kontrolu

Napsal: 02 čer 2015 21:47
od wedders
# AdwCleaner v4.206 - Log vytvorený 02/06/2015 at 22:22:24
# Aktualizované 01/06/2015 by Xplode
# Databáza : 2015-06-01.1 [Server]
# Operačný systém : Windows 7 Home Premium Service Pack 1 (x64)
# Uživateľské meno : Tomi - TOMI-PC
# Spustené z : C:\Users\Tomi\Desktop\adwcleaner_4.206.exe
# Nastavenia : Čistenie

***** [ Služby ] *****


***** [ Súbory / Priečinky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupcovia ] *****


***** [ Registre ] *****


***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.1 (x86 sk)


-\\ Google Chrome v43.0.2357.81

[C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://www.aartemis.com/web/?type=dspp&ts=1398 ... earchTerms}
[C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=AVR-3&o=APN10401&locale=en_SK&apn_uid=2b2a0d97-51c4-4f10-b13b-0a95633cb59c&apn_ptnrs=%5EABZ&apn_sauid=6F256DAC-5A60-43DC-8BBD-AF888BD722F0&apn_dtid=%5EYYYYYY%5EYY%5ESK&q={searchTerms}
[C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=EN&q={searchTerms}&gu=4933cb967155421483f671c24f556b1d&tu=10G9y00E22D13P0&sku=&tstsId=&ver=&
[C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://www.search.ask.com/web?tpid=KMPV7-SP&o= ... earchTerms}
[C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Zmazané [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

*************************

AdwCleaner[R2].txt - [2724 bajtov] - [23/03/2015 12:03:57]
AdwCleaner[R3].txt - [2288 bajtov] - [02/06/2015 22:10:10]
AdwCleaner[S2].txt - [2808 bajtov] - [23/03/2015 12:06:59]
AdwCleaner[S3].txt - [2208 bajtov] - [02/06/2015 22:22:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2268 bajtov] ##########

Re: Prosím o kontrolu

Napsal: 03 čer 2015 12:22
od vyosek
:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: Prosím o kontrolu

Napsal: 03 čer 2015 14:56
od wedders
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Tomi on st 03. 06. 2015 at 15:18:21,86.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tomi\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

3. 6. 2015 15:21:29 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 deleted successfully
C:\Users\Tomi\AppData\Roaming\Corel deleted successfully
C:\Users\Tomi\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Tomi\AppData\Roaming\Publish Providers deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Tomi\AppData\Roaming\Mozilla\Firefox\Profiles\6nxbds5h.default\prefs.js:

Added to C:\Users\Tomi\AppData\Roaming\Mozilla\Firefox\Profiles\6nxbds5h.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~3\CorelDRAW Graphics Suite X7 x64 not found
C:\Users\Tomi\AppData\Roaming\burnaware.ini deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysWow64\AI_RecycleBin deleted
"C:\windows\Installer\1c7c2a9f.msi" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Tomi\AppData\Roaming\Mozilla\Firefox\Profiles\6nxbds5h.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Tomi\AppData\Roaming\Mozilla\Firefox\Profiles\6nxbds5h.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Tomi\AppData\Roaming\Mozilla\Firefox\Profiles\6nxbds5h.default
2E661988463BCFA1B95D4DAAB9B0B6FA - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll - Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.81


Tampermonkey - Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
AdBlock - Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik

==== Chromium Startpages ======================

C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Preferences
46DD86229488DF409E6F3FF"}},"homepage":"4AB04F372C9C6777D070A7D4DD9355895C15383562CDD000B062684DD8E21445","homepage_is_newtabpage":"274480B3F49AF542B8ACF393D50F47E6C0861374144F4076886BB6EC25E84A47","pinned_tabs":"8D987F4EB1CB389127B13DFC754ACD0B61E3EAD37832CD12A4ACDB8BD0C387F8","prefs":{"preference_reset_time":"64A6BD2F61525B457C0DE00F0B7358C3E2914CC0718B28FA179AC114A9E82A3D"},"profile":{"reset_prompt_memento":"640ADC43953A17C873037C3260BEDA2A4A2C4488B4339A9F3D2DE949A8BC69B0"},"safebrowsing":{"incidents_sent":"78965B5D836455ABAAC6ABEA7694ABFF45F347D8EB6AF9E6BB8E4C84CBAFC2C7"},"search_provider_overrides":"170B267AEE7A670F537415955E187A3872390F30815E4314724EBE1D40D9F5CF","session":{"restore_on_startup":"22D669B8427E1208EBEB17A4C352C0470DFC7DB44961180137F6AE92CA2AB3F8","startup_urls":"5FC2A785E5207E109D00E2B264FE80F0D500FB6C630E82164B79217A847820D3"},"software_reporter":{"prompt_reason":"75567AC6D1E80A87D324ACBCA54AFE9E26D72E0AC1A308107F0FDE6E7EF6D2CD","prompt_seed":"44A28BAD5E78F681DB298EFD348BC2DFB9FEF119B8B057727CA5BD55DB6AF129","prompt_version":"BD6FEC77060B346F99D3236EED6A5901DDFD2C352FB0B17853F93F4525498C5E"},"sync":{"remaining_rollback_tries":"F475ADC1C9D123CCF05676AA97980F0E9984C01FC8096B22C3264FFCD1981E5B"}},"super_mac":"4F53512754BD8DF6ED78F8963B68F0D55F0B1B7B37CAE467D4F1B67CD09A1A43"},"session":{"restore_on_startup":4,"startup_urls":["http://google.sk/"]},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Tomi\AppData\Local\Vivaldi\User Data\Default\Preferences was reset successfully
C:\Users\Tomi\AppData\Local\Vivaldi\User Data\Default\Secure Preferences was reset successfully
C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Tomi\AppData\Local\Vivaldi\User Data\Default\Web Data was reset successfully
C:\Users\Tomi\AppData\Local\Vivaldi\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\6505D4B4D2730535007A7A857BC02100 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4B4D5056-372D-5350-00A7-A758B70C1200} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\6505D4B4D2730535007A7A857BC02100 deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tomi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tomi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Tomi\AppData\Local\Mozilla\Firefox\Profiles\6nxbds5h.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Tomi\AppData\Local\Vivaldi\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=75 folders=86 17818770 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tomi\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Reset Hosts File ======================

Hosts File Reset Successfully

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Tomi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on st 03. 06. 2015 at 15:51:56,26 ======================

Re: Prosím o kontrolu

Napsal: 05 čer 2015 21:58
od vyosek
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=30&t=133101

Re: Prosím o kontrolu

Napsal: 06 čer 2015 11:53
od wedders
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by Tomi (administrator) on TOMI-PC on 06-06-2015 12:48:57
Running from C:\Users\Tomi\Desktop
Loaded Profiles: Tomi (Available Profiles: Tomi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12558440 2011-07-12] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2721576 2011-06-17] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1571869238-3936240484-2151935606-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-1571869238-3936240484-2151935606-1002\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [174856 2014-11-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [156840 2014-11-13] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1571869238-3936240484-2151935606-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-29] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-29] (Oracle Corporation)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF ProfilePath: C:\Users\Tomi\AppData\Roaming\Mozilla\Firefox\Profiles\6nxbds5h.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-13] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-09] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1571869238-3936240484-2151935606-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-07-02] ()
FF Extension: Adblock Plus - C:\Users\Tomi\AppData\Roaming\Mozilla\Firefox\Profiles\6nxbds5h.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-07]

Chrome:
=======
CHR Profile: C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-03]
CHR Extension: (Google Docs) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-06]
CHR Extension: (Google Drive) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-06]
CHR Extension: (YouTube) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-06]
CHR Extension: (Google Search) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-06]
CHR Extension: (Google Sheets) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-03]
CHR Extension: (AdBlock) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-03]
CHR Extension: (Bookmark Manager) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Google Wallet) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-06]
CHR Extension: (Gmail) - C:\Users\Tomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-05-11] (Foxit Software Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-02] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2014-08-04] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-06-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-07-07] (DT Soft Ltd)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-12-02] (Sony Mobile Communications)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 12:48 - 2015-06-06 12:49 - 00018077 _____ C:\Users\Tomi\Desktop\FRST.txt
2015-06-06 12:48 - 2015-06-06 12:49 - 00000000 ____D C:\FRST
2015-06-06 12:47 - 2015-06-06 12:47 - 02108928 _____ (Farbar) C:\Users\Tomi\Desktop\FRST64.exe
2015-06-05 12:43 - 2015-06-06 08:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-05 09:54 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-06-05 09:54 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-06-05 09:54 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-06-05 09:54 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-06-05 09:54 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-06-05 09:54 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-06-05 09:54 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-06-05 09:54 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-06-05 01:34 - 2015-06-05 01:34 - 00000000 ____D C:\Users\Tomi\Downloads\Plexo a Mugis - Kopanec Múzy 2 - kópia
2015-06-05 01:33 - 2015-06-05 01:34 - 102999188 _____ C:\Users\Tomi\Downloads\(mino_dnb) Plexo-a-Mugis---Kopanec-Múzy-2.rar
2015-06-03 17:36 - 2015-06-03 17:36 - 00155296 _____ (Spotify Ltd) C:\Users\Tomi\Downloads\SpotifySetup.exe
2015-06-03 15:51 - 2015-06-06 08:27 - 00000433 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-06-03 15:47 - 2015-06-03 15:18 - 00024064 _____ C:\windows\zoek-delete.exe
2015-06-03 15:20 - 2015-06-03 15:51 - 00008840 _____ C:\zoek-results.log
2015-06-03 15:18 - 2015-06-03 15:40 - 00000000 ____D C:\zoek_backup
2015-06-03 14:53 - 2015-06-03 14:53 - 01308672 _____ C:\Users\Tomi\Desktop\zoek.exe
2015-06-03 00:31 - 2015-06-03 00:31 - 113776535 _____ C:\Users\Tomi\Downloads\md_for.www.warxtreme.com_by_wedders.rar
2015-06-02 23:11 - 2015-06-03 00:35 - 00000000 ____D C:\Users\Tomi\Downloads\Muse - Drones (2015)
2015-06-02 23:10 - 2015-06-02 23:10 - 113558799 _____ C:\Users\Tomi\Downloads\SVscCoL7PFghrc1y3IfaDkl7Uwxbetpk.zip
2015-06-02 22:09 - 2015-06-02 22:09 - 02231296 _____ C:\Users\Tomi\Desktop\adwcleaner_4.206.exe
2015-06-02 14:24 - 2015-06-02 14:24 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-02 14:24 - 2015-06-02 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-02 14:24 - 2015-06-02 14:24 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-02 14:24 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-06-02 14:24 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-06-02 14:21 - 2015-06-02 14:24 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-02 14:21 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-06-02 14:20 - 2015-06-02 14:20 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\Tomi\Downloads\mbam-setup-1.75.0.1300.exe
2015-06-02 12:03 - 2015-06-02 10:09 - 00000000 ____D C:\Users\Tomi\Downloads\(mino_dnb) KRYSTOF - Srdcebeat (2015)
2015-06-02 12:02 - 2015-06-02 12:02 - 98923379 _____ C:\Users\Tomi\Downloads\(mino_dnb) KRYSTOF.rar
2015-06-02 00:01 - 2015-06-01 04:42 - 470162556 _____ C:\Users\Tomi\Downloads\Game.of.Thrones.S05E08.HDTV.x264-KILLERS.mp4
2015-06-01 23:28 - 2015-06-01 23:28 - 00045617 _____ C:\Users\Tomi\Downloads\Game.of.Thrones.S05E08.HDTV.x264-KILLERS.srt
2015-06-01 23:27 - 2015-06-01 23:28 - 209715200 _____ C:\Users\Tomi\Downloads\gogt508kl.part2.rar
2015-06-01 23:27 - 2015-06-01 23:27 - 50732426 _____ C:\Users\Tomi\Downloads\gogt508kl.part3.rar
2015-06-01 23:26 - 2015-06-01 23:30 - 209715200 _____ C:\Users\Tomi\Downloads\gogt508kl.part1.rar
2015-06-01 18:36 - 2015-06-01 18:36 - 81257622 _____ C:\Users\Tomi\Downloads\stanko.rar
2015-06-01 17:43 - 2015-06-01 17:43 - 00000000 ____D C:\rsit
2015-06-01 13:14 - 2015-06-01 13:14 - 00000000 ____D C:\Users\Tomi\AppData\Local\GWX
2015-06-01 09:37 - 2015-06-01 09:38 - 00000000 ____D C:\Users\Tomi\Downloads\Some Kind of Heaven - Single
2015-06-01 09:36 - 2015-06-01 09:37 - 07075765 _____ C:\Users\Tomi\Downloads\THSKOHS.rar
2015-05-29 18:10 - 2015-05-29 18:10 - 56821097 _____ C:\Users\Tomi\Downloads\Lady Gaga - Applause (Soufjan) _ The Voice Kids 2014 _ Blind Audition _ SAT.1 (1080p).mp4
2015-05-29 16:16 - 2015-05-29 16:16 - 271837707 _____ C:\Users\Tomi\Downloads\es5_for.www.warxtreme.com_by_wedders.rar
2015-05-29 16:15 - 2015-05-29 16:15 - 142520982 _____ C:\Users\Tomi\Downloads\fatmhbhbhbdie_for.www.warxtreme.com_by_wedders.rar
2015-05-29 16:13 - 2015-05-29 16:13 - 85545500 _____ C:\Users\Tomi\Downloads\jxxic_for.www.warxtreme.com_by_wedders.rar
2015-05-29 16:12 - 2015-05-29 16:12 - 105011685 _____ C:\Users\Tomi\Downloads\lcs_for.www.warxtreme.com_by_wedders.rar
2015-05-29 16:10 - 2015-05-29 16:11 - 116405903 _____ C:\Users\Tomi\Downloads\pwlsfr_for.www.warxtreme.com_by_wedders.rar
2015-05-29 15:46 - 2015-05-29 15:46 - 00000000 ____D C:\Users\Tomi\Downloads\Kabát - do pekla do nebe (2015)
2015-05-29 15:35 - 2015-05-29 17:08 - 00000000 ____D C:\Users\Tomi\Downloads\Jamie XX - In Colour (2015)
2015-05-29 15:35 - 2015-05-29 17:05 - 00000000 ____D C:\Users\Tomi\Downloads\Flarance + The Machine - How Big, How Blue, How Beautiful (Deluxe Edition) (2015)
2015-05-29 15:28 - 2015-05-29 15:29 - 149275641 _____ C:\Users\Tomi\Downloads\How_Big_How_Blue_How_Beautiful_Deluxe.rar
2015-05-29 15:27 - 2015-05-29 15:27 - 91508952 _____ C:\Users\Tomi\Downloads\In Colour.rar
2015-05-27 17:59 - 2015-05-29 16:54 - 00000000 ____D C:\Users\Tomi\Downloads\Patrick Watson - Love Songs For Robots (2015)
2015-05-27 17:58 - 2015-05-27 17:58 - 00020745 _____ C:\Users\Tomi\Downloads\israbox.org_6148818.torrent
2015-05-27 17:57 - 2015-05-27 17:57 - 00020315 _____ C:\Users\Tomi\Downloads\israbox.org_6147610.torrent
2015-05-27 16:41 - 2015-05-27 16:48 - 133185902 _____ C:\Users\Tomi\Downloads\Keith-Urban---Fuse-(Deluxe-Edition)-(2013).rar
2015-05-27 00:24 - 2015-05-27 00:24 - 00028133 _____ C:\Users\Tomi\Downloads\The.Big.Bang.Theory.S08E24.HDTV.x264-LOL.srt
2015-05-27 00:23 - 2015-05-08 05:55 - 122169180 _____ C:\Users\Tomi\Downloads\The.Big.Bang.Theory.S08E24.HDTV.x264-LOL.mp4
2015-05-26 00:18 - 2015-05-26 00:18 - 00049786 _____ C:\Users\Tomi\Downloads\Game.of.Thrones.S05E07.HDTV.x264-ASAP.srt
2015-05-26 00:18 - 2015-05-25 04:59 - 367646960 _____ C:\Users\Tomi\Downloads\Game.of.Thrones.S05E07.HDTV.x264-ASAP.mp4
2015-05-25 20:56 - 2015-05-25 21:03 - 73269248 _____ C:\Users\Tomi\Downloads\G2120_V02.part01.rar.part
2015-05-21 18:00 - 2015-05-29 17:02 - 00000000 ____D C:\Users\Tomi\Downloads\Ed Sheeran - 5 (2015)
2015-05-21 17:58 - 2015-05-21 17:59 - 288194267 _____ C:\Users\Tomi\Downloads\5.rar
2015-05-19 11:50 - 2015-05-19 11:50 - 00046564 _____ C:\Users\Tomi\Downloads\Game.of.Thrones.S05E06.1080p.HDTV.x264-BATV.srt
2015-05-19 11:50 - 2015-05-18 15:53 - 379518951 _____ C:\Users\Tomi\Downloads\Game.of.Thrones.S05E06.1080p.HDTV.x264-BATV.mp4
2015-05-18 20:13 - 2015-05-18 20:13 - 00114419 _____ C:\Users\Tomi\Downloads\Chappie.srt
2015-05-18 20:13 - 2015-05-14 05:38 - 1517262210 _____ C:\Users\Tomi\Downloads\Chappie.avi
2015-05-18 12:02 - 2015-05-18 12:03 - 41990583 _____ C:\Users\Tomi\Downloads\btcrl111hd.part2.rar
2015-05-18 12:02 - 2015-05-18 12:03 - 209715200 _____ C:\Users\Tomi\Downloads\btcrl111hd.part1.rar
2015-05-18 11:02 - 2015-06-06 12:07 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-18 11:02 - 2015-06-06 11:07 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-16 18:51 - 2015-05-29 16:59 - 00000000 ____D C:\Users\Tomi\Downloads\Lena - Crystal Sky (2015)
2015-05-16 18:51 - 2015-05-16 18:51 - 00000000 ____D C:\Users\Tomi\Downloads\Zedd - True Colors (2015)
2015-05-16 18:49 - 2015-05-16 18:49 - 00000000 ____D C:\Users\Tomi\Downloads\Sóley - Ask the Deep (2015)
2015-05-16 18:47 - 2015-05-16 18:47 - 109937306 _____ C:\Users\Tomi\Downloads\Crystal Sky.zip
2015-05-16 18:47 - 2015-05-16 18:47 - 101320232 _____ C:\Users\Tomi\Downloads\True Colors.zip
2015-05-16 18:43 - 2015-05-16 18:44 - 77103946 _____ C:\Users\Tomi\Downloads\Ask the Deep.zip
2015-05-16 18:40 - 2015-05-16 19:04 - 00000000 ____D C:\Users\Tomi\Downloads\Sin Fang - Flowers [2013]
2015-05-16 18:40 - 2015-05-16 18:40 - 00021338 _____ C:\Users\Tomi\Downloads\[emiz.biz].t329388.torrent
2015-05-16 18:06 - 2015-05-16 18:21 - 00000000 ____D C:\Users\Tomi\Downloads\Sin Fang - 2011 - Summer Echoes
2015-05-14 13:19 - 2015-05-14 10:02 - 00053289 _____ C:\Users\Tomi\Downloads\Arrow.S03E23.HDTV.x264-LOL.srt
2015-05-14 13:19 - 2015-05-14 06:55 - 283428232 _____ C:\Users\Tomi\Downloads\Arrow.S03E23.HDTV.x264-LOL.mp4
2015-05-13 14:30 - 2015-05-13 14:30 - 00000000 ____D C:\ProgramData\McAfee
2015-05-13 12:27 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:27 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 12:22 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-05-13 12:22 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-05-13 12:22 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-05-13 12:22 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-05-13 12:22 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-05-13 12:22 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\windows\system32\sechost.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-05-13 12:22 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-05-13 12:22 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\windows\system32\tracerpt.exe
2015-05-13 12:22 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-05-13 12:22 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-05-13 12:22 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-05-13 12:22 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
2015-05-13 12:22 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\typeperf.exe
2015-05-13 12:22 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
2015-05-13 12:22 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-05-13 12:22 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\windows\system32\diskperf.exe
2015-05-13 12:22 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-05-13 12:22 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-05-13 12:22 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-05-13 12:22 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-05-13 12:22 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-05-13 12:22 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdh.dll
2015-05-13 12:22 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-05-13 12:22 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-05-13 12:22 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-05-13 12:22 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\windows\SysWOW64\sechost.dll
2015-05-13 12:22 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-05-13 12:22 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-05-13 12:22 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-05-13 12:22 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-05-13 12:22 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2015-05-13 12:22 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-05-13 12:22 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\windows\SysWOW64\tracerpt.exe
2015-05-13 12:22 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
2015-05-13 12:22 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\typeperf.exe
2015-05-13 12:22 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
2015-05-13 12:22 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-05-13 12:22 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-05-13 12:22 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-05-13 12:22 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-05-13 12:22 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-05-13 12:22 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-05-13 12:22 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskperf.exe
2015-05-13 12:22 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-05-13 12:22 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-05-13 12:22 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2015-05-13 12:22 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-05-13 12:22 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-05-13 12:22 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 12:22 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 12:22 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-05-13 12:22 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-05-13 12:22 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-05-13 12:22 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-05-13 12:22 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-05-13 12:22 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-05-13 12:22 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-05-13 12:22 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-05-13 12:22 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-05-13 12:22 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-05-13 12:22 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-05-13 12:22 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-05-13 12:22 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-05-13 12:22 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-05-13 12:22 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2015-05-13 12:22 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-05-13 12:22 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-05-13 12:22 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-05-13 12:22 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-05-13 12:22 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-05-13 12:22 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-05-13 12:22 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-05-13 12:22 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-05-13 12:22 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 12:22 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-05-13 12:22 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-05-13 12:22 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-05-13 12:22 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-05-13 12:22 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-05-13 12:22 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-05-13 12:22 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-05-13 12:22 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-05-13 12:22 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-05-13 12:22 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-05-13 12:22 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-05-13 12:22 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-05-13 12:22 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2015-05-13 12:22 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-05-13 12:22 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-05-13 12:22 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-05-13 12:22 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-05-13 12:22 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-05-13 12:22 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-05-13 12:22 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-05-13 12:22 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 12:22 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-05-13 12:22 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-05-13 12:22 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-05-13 12:22 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-05-13 12:22 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-05-13 12:22 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-05-13 12:22 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-05-13 12:22 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-05-13 12:22 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-05-13 12:22 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-05-13 12:22 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-05-13 12:22 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-05-13 12:22 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-05-13 12:22 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-05-13 12:22 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-05-13 12:22 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2015-05-13 12:22 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2015-05-13 12:22 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\windows\system32\services.exe
2015-05-13 12:22 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
2015-05-13 12:22 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\aelupsvc.dll
2015-05-13 12:22 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\windows\system32\sdbinst.exe
2015-05-13 12:22 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\shimeng.dll
2015-05-13 12:22 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimeng.dll
2015-05-13 12:22 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
2015-05-13 12:22 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\sdbinst.exe
2015-05-13 12:21 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2015-05-13 12:21 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2015-05-13 12:21 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2015-05-13 12:21 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-05-13 12:21 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2015-05-13 12:21 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2015-05-13 12:21 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2015-05-13 12:21 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2015-05-13 12:21 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2015-05-13 12:21 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
2015-05-13 12:21 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
2015-05-12 09:00 - 2015-05-12 09:00 - 00046271 _____ C:\Users\Tomi\Downloads\Game.of.Thrones.S05E05.HDTV.x264-ASAP.srt
2015-05-12 08:58 - 2015-05-12 08:58 - 00043889 _____ C:\Users\Tomi\Downloads\Game.Of.Thrones.S05E05.720p.HDTV.x264-0SEC.srt
2015-05-12 08:57 - 2015-05-11 04:24 - 313857759 _____ C:\Users\Tomi\Downloads\Game.Of.Thrones.S05E05.720p.HDTV.x264-0SEC.mp4
2015-05-08 11:20 - 2015-05-08 11:20 - 128860330 _____ C:\Users\Tomi\Downloads\msyw_for.www.warxtreme.com_by_wedders.rar
2015-05-08 11:08 - 2015-06-06 08:26 - 00008334 _____ C:\windows\PFRO.log
2015-05-08 10:57 - 2015-05-08 11:18 - 00000000 ____D C:\Users\Tomi\Downloads\Majk Spirit - Y (White) (2015)
2015-05-08 10:48 - 2015-05-08 10:56 - 128486487 _____ C:\Users\Tomi\Downloads\Majk-Spirit---Y-(White)-(320-kbps)---otagované.rar
2015-05-07 23:59 - 2015-05-07 23:59 - 00041496 _____ C:\Users\Tomi\Downloads\arrow.s03e22.hdtv.x264-lol.srt
2015-05-07 23:59 - 2015-05-07 05:53 - 298840167 _____ C:\Users\Tomi\Downloads\arrow.s03e22.hdtv.x264-lol.mp4
2015-05-07 01:45 - 2015-04-15 03:41 - 251981688 _____ C:\Users\Tomi\Downloads\The-Flash-S01E18.mp4
2015-05-07 01:44 - 2015-05-07 01:44 - 00040078 _____ C:\Users\Tomi\Downloads\The-Flash-S01E17.srt
2015-05-07 01:44 - 2015-04-01 05:14 - 224957176 _____ C:\Users\Tomi\Downloads\The-Flash-S01E17.mp4
2015-05-07 01:43 - 2015-05-07 01:43 - 00043536 _____ C:\Users\Tomi\Downloads\The-Flash-S01E18.srt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 12:08 - 2015-01-14 01:08 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-06-06 08:35 - 2009-07-14 06:45 - 00028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-06 08:35 - 2009-07-14 06:45 - 00028848 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-06 08:34 - 2014-07-06 20:20 - 00000000 ____D C:\Users\Tomi\AppData\Local\CrashDumps
2015-06-06 08:34 - 2011-09-07 02:18 - 02053534 _____ C:\windows\WindowsUpdate.log
2015-06-06 08:27 - 2015-05-06 22:46 - 00006669 _____ C:\windows\setupact.log
2015-06-06 08:27 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-06 08:26 - 2014-07-07 09:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-06 08:25 - 2014-12-11 05:31 - 00000000 ____D C:\windows\system32\appraiser
2015-06-06 08:25 - 2014-07-06 23:05 - 00000000 ___SD C:\windows\system32\CompatTel
2015-06-05 12:42 - 2014-07-10 00:52 - 00000000 ____D C:\Users\Tomi\AppData\Local\JDownloader v2.0
2015-06-05 09:37 - 2014-12-20 01:24 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-05 02:00 - 2014-10-23 12:18 - 00000000 ____D C:\Users\Tomi\AppData\Local\Adobe
2015-06-05 01:35 - 2014-07-10 23:41 - 00000000 ____D C:\Users\Tomi\AppData\Roaming\AIMP3
2015-06-05 01:26 - 2014-12-20 01:35 - 00000000 ____D C:\Users\Tomi\Documents\Euro Truck Simulator 2
2015-06-03 22:53 - 2014-07-07 19:09 - 00000000 ____D C:\Users\Tomi\AppData\Roaming\Skype
2015-06-03 00:29 - 2014-07-11 13:08 - 00000000 ____D C:\Users\Tomi\AppData\Roaming\Mp3tag
2015-06-02 22:22 - 2015-03-23 12:03 - 00000000 ____D C:\AdwCleaner
2015-06-02 22:04 - 2009-07-14 05:20 - 00000000 ____D C:\windows\Registration
2015-06-02 14:21 - 2014-10-23 21:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-02 01:01 - 2014-07-07 10:49 - 00000000 ____D C:\The KMPlayer
2015-06-01 17:43 - 2014-10-22 12:25 - 00000000 ____D C:\Program Files\trend micro
2015-05-31 07:40 - 2015-04-15 14:08 - 00000000 ____D C:\Users\Tomi\AppData\Roaming\vlc
2015-05-30 20:44 - 2009-07-14 07:13 - 00781782 _____ C:\windows\system32\PerfStringBackup.INI
2015-05-29 13:11 - 2014-07-11 13:01 - 00000000 ____D C:\Users\Tomi\AppData\Roaming\uTorrent
2015-05-26 01:10 - 2014-08-27 12:14 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-24 20:35 - 2014-07-06 19:56 - 00000000 ____D C:\ProgramData\Skype
2015-05-20 13:14 - 2015-04-04 11:33 - 00000000 ___SD C:\windows\SysWOW64\GWX
2015-05-20 13:14 - 2015-04-04 11:33 - 00000000 ___SD C:\windows\system32\GWX
2015-05-18 11:02 - 2014-08-27 12:13 - 00003932 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-18 11:02 - 2014-08-27 12:13 - 00003680 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 14:30 - 2014-07-06 20:58 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-05-13 14:30 - 2014-07-06 20:58 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-13 14:30 - 2014-07-06 20:58 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-05-13 13:51 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2015-05-13 12:59 - 2014-07-19 16:59 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 12:59 - 2014-07-19 16:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 12:59 - 2009-07-14 06:45 - 05126600 _____ C:\windows\system32\FNTCACHE.DAT
2015-05-13 12:55 - 2011-09-07 01:52 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-13 12:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\AdvancedInstallers
2015-05-13 12:43 - 2014-07-19 19:10 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-13 12:43 - 2014-07-06 22:41 - 00000000 ____D C:\windows\system32\MRT
2015-05-13 12:32 - 2014-07-06 22:41 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-05-13 12:27 - 2014-07-19 16:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

==================== Files in the root of some directories =======

2011-09-06 11:39 - 2011-09-06 11:40 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-09-06 11:33 - 2011-09-06 11:34 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-09-06 11:37 - 2011-09-06 11:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-09-06 11:34 - 2011-09-06 11:37 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-09-06 11:38 - 2011-09-06 11:39 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some files in TEMP:
====================
C:\Users\Tomi\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-04 09:43

==================== End of log ============================

Re: Prosím o kontrolu

Napsal: 07 čer 2015 08:38
od vyosek
:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKU\S-1-5-21-1571869238-3936240484-2151935606-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-1571869238-3936240484-2151935606-1002\...\Run: [AdobeBridge] => [X]

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

DisableService: RichVideo

2015-06-06 12:48 - 2015-06-06 12:49 - 00018077 _____ C:\Users\Tomi\Desktop\FRST.txt
2015-06-03 17:36 - 2015-06-03 17:36 - 00155296 _____ (Spotify Ltd) C:\Users\Tomi\Downloads\SpotifySetup.exe
2015-06-03 15:51 - 2015-06-06 08:27 - 00000433 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-06-03 15:47 - 2015-06-03 15:18 - 00024064 _____ C:\windows\zoek-delete.exe
2015-06-03 15:20 - 2015-06-03 15:51 - 00008840 _____ C:\zoek-results.log
2015-06-03 15:18 - 2015-06-03 15:40 - 00000000 ____D C:\zoek_backup
2015-06-03 14:53 - 2015-06-03 14:53 - 01308672 _____ C:\Users\Tomi\Desktop\zoek.exe
2015-06-02 22:09 - 2015-06-02 22:09 - 02231296 _____ C:\Users\Tomi\Desktop\adwcleaner_4.206.exe
2015-06-02 14:20 - 2015-06-02 14:20 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\Tomi\Downloads\mbam-setup-1.75.0.1300.exe
2011-09-06 11:39 - 2011-09-06 11:40 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-09-06 11:33 - 2011-09-06 11:34 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-09-06 11:37 - 2011-09-06 11:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-09-06 11:34 - 2011-09-06 11:37 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-09-06 11:38 - 2011-09-06 11:39 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2015-05-13 14:30 - 2015-05-13 14:30 - 00000000 ____D C:\ProgramData\McAfee

2015-06-06 12:08 - 2015-01-14 01:08 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-18 11:02 - 2015-06-06 12:07 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-18 11:02 - 2015-06-06 11:07 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

Hosts:
EmptyTemp:
Reboot:
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt

Re: Prosím o kontrolu

Napsal: 07 čer 2015 15:01
od wedders
Fix result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by Tomi at 2015-06-07 15:53:05 Run:1
Running from C:\Users\Tomi\Desktop
Loaded Profiles: Tomi (Available Profiles: Tomi)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKU\S-1-5-21-1571869238-3936240484-2151935606-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-1571869238-3936240484-2151935606-1002\...\Run: [AdobeBridge] => [X]

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

DisableService: RichVideo

2015-06-06 12:48 - 2015-06-06 12:49 - 00018077 _____ C:\Users\Tomi\Desktop\FRST.txt
2015-06-03 17:36 - 2015-06-03 17:36 - 00155296 _____ (Spotify Ltd) C:\Users\Tomi\Downloads\SpotifySetup.exe
2015-06-03 15:51 - 2015-06-06 08:27 - 00000433 _____ C:\windows\system32\Drivers\etc\hosts.ics
2015-06-03 15:47 - 2015-06-03 15:18 - 00024064 _____ C:\windows\zoek-delete.exe
2015-06-03 15:20 - 2015-06-03 15:51 - 00008840 _____ C:\zoek-results.log
2015-06-03 15:18 - 2015-06-03 15:40 - 00000000 ____D C:\zoek_backup
2015-06-03 14:53 - 2015-06-03 14:53 - 01308672 _____ C:\Users\Tomi\Desktop\zoek.exe
2015-06-02 22:09 - 2015-06-02 22:09 - 02231296 _____ C:\Users\Tomi\Desktop\adwcleaner_4.206.exe
2015-06-02 14:20 - 2015-06-02 14:20 - 10284816 _____ (Malwarebytes Corporation ) C:\Users\Tomi\Downloads\mbam-setup-1.75.0.1300.exe
2011-09-06 11:39 - 2011-09-06 11:40 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2011-09-06 11:33 - 2011-09-06 11:34 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2011-09-06 11:37 - 2011-09-06 11:38 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2011-09-06 11:34 - 2011-09-06 11:37 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2011-09-06 11:38 - 2011-09-06 11:39 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
2015-05-13 14:30 - 2015-05-13 14:30 - 00000000 ____D C:\ProgramData\McAfee

2015-06-06 12:08 - 2015-01-14 01:08 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-18 11:02 - 2015-06-06 12:07 - 00000936 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-18 11:02 - 2015-06-06 11:07 - 00000932 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-1571869238-3936240484-2151935606-1002\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-1571869238-3936240484-2151935606-1002\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
RichVideo service was disabled
C:\Users\Tomi\Desktop\FRST.txt => moved successfully.
C:\Users\Tomi\Downloads\SpotifySetup.exe => moved successfully.
C:\windows\system32\Drivers\etc\hosts.ics => moved successfully.
C:\windows\zoek-delete.exe => moved successfully.
C:\zoek-results.log => moved successfully.
C:\zoek_backup => moved successfully.
C:\Users\Tomi\Desktop\zoek.exe => moved successfully.
C:\Users\Tomi\Desktop\adwcleaner_4.206.exe => moved successfully.
C:\Users\Tomi\Downloads\mbam-setup-1.75.0.1300.exe => moved successfully.
C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log => moved successfully.
C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log => moved successfully.
C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log => moved successfully.
C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log => moved successfully.
C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log => moved successfully.
C:\ProgramData\McAfee => moved successfully.
C:\windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
Could not restore Hosts.
EmptyTemp: => 943.6 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 15:54:12 ====

Re: Prosím o kontrolu

Napsal: 07 čer 2015 19:10
od vyosek
Jak se chova PC??

Re: Prosím o kontrolu

Napsal: 08 čer 2015 08:01
od wedders
myslím, že oveľa lepšie...akurát po tom Zoek a restarte mi avira stále hlási toto
Obrázek

Re: Prosím o kontrolu

Napsal: 09 čer 2015 15:27
od vyosek
Odinstalujte Chrome, smazte tu jeho celou slozku a pak nainstalujte znovu

Re: Prosím o kontrolu

Napsal: 11 čer 2015 12:03
od wedders
poriešil som vyzerá to už fajn... Ďakujem zas raz :thumbsup:
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz