Dobrý den, dneska mi antivir odhalil dva Win32:Malware.gen, které nešlo vůbec odstranit. Můžu tedy poprosit o kontrolu logu.
Moc děkuju.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:18:03, on 18. 6. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Kteřina\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=HPNTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Power2GoExpress8] "C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Monitor Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
O23 - Service: CyberLink PowerDVD 12 Media Server Service - CyberLink - C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @oem31.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10461 bytes
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
Vir se nacházel ve složce C:/Users/Kteřina/VIDEOS/Pinnacle Studio
Nechápu to, jelikož Pinnacle bylo bez viru, každopádně jsem ho odinstalovala a smazala všechny jeho pozůstatky. A po další kontrole bez viru, ale zarazilo mě, že pomocí av nešel vir přesunout ani do truhly ani smazat, prostě se bránil a jakou dobbu.
FRST64.exe stažeo bez problémů
Launcher bohužel nejde, zkoušela jsem udělit i vyjímku, ale můj PC se chová, jakoby stránka: http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe vůbec neexistovala.
Nechápu to, jelikož Pinnacle bylo bez viru, každopádně jsem ho odinstalovala a smazala všechny jeho pozůstatky. A po další kontrole bez viru, ale zarazilo mě, že pomocí av nešel vir přesunout ani do truhly ani smazat, prostě se bránil a jakou dobbu.
FRST64.exe stažeo bez problémů
Launcher bohužel nejde, zkoušela jsem udělit i vyjímku, ale můj PC se chová, jakoby stránka: http://vyosek.ic.cz/pro_usery/FRSTLauncher.exe vůbec neexistovala.
Re: Prosím o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Kteřina (administrator) on KAČENKA on 18-06-2015 17:48:39
Running from C:\Users\Kteřina\Downloads
Loaded Profiles: Kteřina (Available Profiles: Kteřina & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-18] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-10-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1718536 2014-07-24] (CyberLink Corp.)
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\...\MountPoints2: {7a579707-c6ef-11e3-be7b-485ab633d19c} - "G:\setup.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-15] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\S-1-5-21-4003116313-1731313166-230184120-1002 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-15] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-15] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-4003116313-1731313166-230184120-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.252
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-15]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-21]
CHR Extension: (Google Drive) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-21]
CHR Extension: (YouTube) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-21]
CHR Extension: (Google Search) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-21]
CHR Extension: (AdBlock) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21]
CHR Extension: (Instagram) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacfdfgmgfbpgjgpgghdcjfaajdiggho [2014-12-06]
CHR Extension: (Gmail) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] () [File not signed]
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [569608 2014-10-09] (Hewlett-Packard Development Company, L.P.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-24] (Electronic Arts)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-15] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-15] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-24] (Advanced Micro Devices)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
U3 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U3 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-30] (Disc Soft Ltd)
S3 MarvinBus; C:\Windows\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2014-06-29] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-05] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-05] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
S3 rtbth; \SystemRoot\System32\drivers\rtbth.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 17:48 - 2015-06-18 17:49 - 00017112 _____ C:\Users\Kteřina\Downloads\FRST.txt
2015-06-18 17:48 - 2015-06-18 17:48 - 00000000 ____D C:\FRST
2015-06-18 17:47 - 2015-06-18 17:47 - 02109952 _____ (Farbar) C:\Users\Kteřina\Downloads\FRST64.exe
2015-06-18 17:18 - 2015-06-18 17:18 - 02109952 _____ (Farbar) C:\Users\Kteřina\Desktop\FRST64.exe
2015-06-18 16:18 - 2015-06-18 16:18 - 00010463 _____ C:\Users\Kteřina\Downloads\hijackthis.log
2015-06-18 14:08 - 2015-06-18 14:08 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2015-06-18 14:07 - 2015-06-18 14:07 - 00937208 _____ (Crawler.com ) C:\Users\Kteřina\Downloads\SpywareTerminatorSetup.exe
2015-06-18 04:03 - 2015-06-18 04:03 - 00007598 _____ C:\Users\Kteřina\AppData\Local\Resmon.ResmonCfg
2015-06-17 20:45 - 2015-06-17 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-06-17 20:45 - 2015-06-17 20:45 - 00000000 ____D C:\Program Files\7-Zip
2015-06-16 20:26 - 2015-06-16 20:26 - 00000000 ____D C:\Users\Kteřina\Tracing
2015-06-15 12:45 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-06-15 09:22 - 2015-06-15 09:22 - 00000000 ____D C:\Users\Kteřina\AppData\Roaming\AVAST Software
2015-06-15 09:21 - 2015-06-18 13:26 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-15 09:21 - 2015-06-15 09:21 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-06-15 09:21 - 2015-06-15 09:21 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-06-15 09:21 - 2015-06-15 09:21 - 00001945 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-15 09:21 - 2015-06-15 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-15 09:21 - 2015-06-15 09:20 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-06-15 09:21 - 2015-06-15 09:20 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-06-15 09:20 - 2015-06-15 09:20 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-06-15 09:16 - 2015-06-15 09:16 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-15 09:15 - 2015-06-15 09:15 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-14 13:39 - 2013-11-12 14:25 - 00091912 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2015-06-14 13:24 - 2015-06-14 13:24 - 00003152 _____ C:\WINDOWS\System32\Tasks\{0F3D0A3A-3530-44BE-BA2E-500851E9F810}
2015-06-14 13:04 - 2015-06-14 13:04 - 00000000 ____D C:\Users\Kteřina\AppData\Local\Avg
2015-06-13 08:43 - 2015-06-13 08:43 - 00281456 _____ C:\WINDOWS\Minidump\061315-58515-01.dmp
2015-06-12 06:50 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-12 06:50 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-11 07:38 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-11 07:38 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-11 07:38 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-11 07:38 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-11 07:38 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-11 07:38 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-11 07:38 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-11 07:38 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-11 07:38 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-11 07:38 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-11 07:38 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-11 07:38 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-11 07:38 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-11 07:38 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-11 07:38 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-11 07:38 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-11 07:38 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-11 07:38 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-11 07:38 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-11 07:38 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-11 07:38 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-11 07:38 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-11 07:38 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-11 07:38 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-11 07:38 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-11 07:38 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-11 07:38 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-11 07:38 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-11 07:37 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-11 07:37 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 04:35 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 04:35 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 04:35 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 04:35 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 04:35 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 04:35 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 04:35 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 04:35 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 04:35 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 04:35 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 04:35 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 04:35 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 04:35 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 04:35 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 04:35 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 04:35 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 04:35 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 04:35 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 04:35 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 04:35 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 04:35 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 04:35 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 04:35 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 04:35 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 04:35 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 04:35 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 04:35 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 04:35 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 04:35 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 04:35 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 04:35 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 04:35 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 04:35 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 04:35 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 04:35 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 04:35 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 04:35 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 04:35 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 04:35 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 04:35 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 04:35 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 04:35 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 04:34 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 08:24 - 2015-06-09 21:21 - 00023552 ____H C:\Users\Kteřina\Desktop\photothumb.db
2015-06-08 12:22 - 2015-06-08 12:22 - 00000000 ____D C:\Users\Kteřina\AppData\Local\GWX
2015-05-24 21:35 - 2015-05-24 21:35 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 - Get to Work.lnk
2015-05-24 21:35 - 2015-05-24 21:35 - 00000978 _____ C:\Users\Public\Desktop\The Sims 4 - Get to Work.lnk
2015-05-21 18:19 - 2015-05-21 18:19 - 00167336 _____ C:\Users\Kteřina\AppData\Local\GDIPFONTCACHEV1.DAT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 17:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-18 17:28 - 2014-12-18 10:11 - 00000000 __SHD C:\Users\Kteřina\AppData\Local\EmieUserList
2015-06-18 17:28 - 2014-12-18 10:11 - 00000000 __SHD C:\Users\Kteřina\AppData\Local\EmieSiteList
2015-06-18 17:28 - 2014-12-18 10:11 - 00000000 __SHD C:\Users\Kteřina\AppData\Local\EmieBrowserModeList
2015-06-18 17:19 - 2015-01-11 08:37 - 00000000 ____D C:\KMPlayer
2015-06-18 17:09 - 2014-06-22 04:29 - 01733058 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-18 17:05 - 2014-06-21 08:04 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-18 17:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-18 16:40 - 2014-06-21 07:48 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4003116313-1731313166-230184120-1002
2015-06-18 16:15 - 2014-06-21 07:38 - 00000000 ____D C:\Users\Kteřina\AppData\Local\VirtualStore
2015-06-18 15:32 - 2014-06-21 08:04 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-18 15:31 - 2014-06-22 06:17 - 00000000 __RDO C:\Users\Kteřina\OneDrive
2015-06-18 15:31 - 2014-06-22 04:12 - 00000000 ____D C:\Users\Kteřina
2015-06-18 15:31 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-18 15:30 - 2013-08-22 16:46 - 00388575 _____ C:\WINDOWS\setupact.log
2015-06-18 15:02 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-18 14:58 - 2014-07-08 20:56 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForKteřina.job
2015-06-18 14:50 - 2014-07-08 20:56 - 00003174 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForKteřina
2015-06-18 14:23 - 2014-03-18 09:20 - 00025108 _____ C:\WINDOWS\PFRO.log
2015-06-18 13:31 - 2014-12-18 10:11 - 00003974 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{63D3EF3C-3513-4656-A94C-DE915358EE2C}
2015-06-18 08:59 - 2014-12-29 22:57 - 00000000 ____D C:\Program Files (x86)\unaisales
2015-06-18 08:18 - 2014-12-30 20:41 - 00000000 ____D C:\Users\Public\Documents\My Projects
2015-06-18 08:18 - 2014-12-29 15:34 - 00000000 ____D C:\ProgramData\Pinnacle
2015-06-18 08:16 - 2014-12-30 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
2015-06-18 04:27 - 2014-07-10 22:01 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-18 04:27 - 2014-06-20 23:21 - 591039149 _____ C:\WINDOWS\MEMORY.DMP
2015-06-18 04:19 - 2014-12-25 23:04 - 00000000 ____D C:\Users\Kteřina\AppData\Roaming\Skype
2015-06-16 18:24 - 2014-11-11 18:13 - 00000000 ____D C:\Program Files (x86)\The Sims 4
2015-06-16 17:30 - 2014-03-18 17:33 - 01961772 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-16 17:30 - 2014-03-18 16:54 - 00815678 _____ C:\WINDOWS\system32\perfh005.dat
2015-06-16 17:30 - 2014-03-18 16:54 - 00187920 _____ C:\WINDOWS\system32\perfc005.dat
2015-06-16 13:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-15 10:31 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-15 10:28 - 2014-12-25 23:04 - 00000000 ____D C:\ProgramData\Skype
2015-06-15 09:04 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-06-15 08:59 - 2014-06-29 20:43 - 00000000 ____D C:\Users\Kteřina\AppData\Roaming\CyberLink
2015-06-15 08:56 - 2013-08-22 16:44 - 00581072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-14 13:52 - 2013-07-22 19:01 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-06-14 13:52 - 2012-08-04 02:02 - 00000000 ____D C:\SWSetup
2015-06-14 13:51 - 2013-11-27 13:54 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-06-14 13:49 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-14 13:47 - 2013-11-27 13:42 - 00000032 _____ C:\WINDOWS\0
2015-06-14 13:39 - 2013-07-22 19:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-06-14 13:10 - 2014-06-21 08:12 - 00000000 ____D C:\Users\Kteřina\AppData\Roaming\BitTorrent
2015-06-13 08:30 - 2014-12-14 21:21 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-13 08:30 - 2014-07-09 17:36 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-13 08:30 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-13 08:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-13 08:29 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-11 09:02 - 2014-06-21 09:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-11 08:56 - 2014-06-21 09:11 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-11 08:55 - 2014-06-29 21:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 21:07 - 2014-06-21 08:08 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 ____N (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 ____N (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-28 12:16 - 2014-12-25 23:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-28 08:49 - 2015-04-20 19:55 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-28 08:49 - 2015-04-20 19:55 - 00000000 ____D C:\WINDOWS\SysWOW64\GWX
2015-05-24 21:53 - 2014-10-25 09:06 - 00000000 ____D C:\ProgramData\Origin
2015-05-24 21:52 - 2014-10-25 09:06 - 00000000 ____D C:\Program Files (x86)\Origin
2015-05-24 21:35 - 2013-11-27 13:45 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-19 19:00 - 2014-06-21 08:04 - 00003948 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 19:00 - 2014-06-21 08:04 - 00003712 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 12:10 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
==================== Files in the root of some directories =======
2014-12-29 17:17 - 2014-12-29 17:17 - 0000209 _____ () C:\Users\Kteřina\AppData\Roaming\KAČENKA.MTBF.txt
2014-12-29 17:17 - 2014-12-30 00:05 - 0000682 _____ () C:\Users\Kteřina\AppData\Roaming\__AvidCloudManager.log
2014-12-29 17:17 - 2014-12-29 23:40 - 0000682 _____ () C:\Users\Kteřina\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-12-29 17:19 - 2015-03-11 18:35 - 0011264 _____ () C:\Users\Kteřina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-18 04:03 - 2015-06-18 04:03 - 0007598 _____ () C:\Users\Kteřina\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Kteřina\AppData\Local\Temp\341E256698.exe
C:\Users\Kteřina\AppData\Local\Temp\4d81D.exe
C:\Users\Kteřina\AppData\Local\Temp\bitool.dll
C:\Users\Kteřina\AppData\Local\Temp\COMAP.EXE
C:\Users\Kteřina\AppData\Local\Temp\Extract.exe
C:\Users\Kteřina\AppData\Local\Temp\g2d_ltma.dll
C:\Users\Kteřina\AppData\Local\Temp\ochelper.dll
C:\Users\Kteřina\AppData\Local\Temp\ochelper.exe
C:\Users\Kteřina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kteřina\AppData\Local\Temp\SP63285.exe
C:\Users\Kteřina\AppData\Local\Temp\SP63341.exe
C:\Users\Kteřina\AppData\Local\Temp\SP63599.exe
C:\Users\Kteřina\AppData\Local\Temp\SP63752.exe
C:\Users\Kteřina\AppData\Local\Temp\SP64109.exe
C:\Users\Kteřina\AppData\Local\Temp\sp64126.exe
C:\Users\Kteřina\AppData\Local\Temp\SP64223.exe
C:\Users\Kteřina\AppData\Local\Temp\SP64225.exe
C:\Users\Kteřina\AppData\Local\Temp\SP64226.exe
C:\Users\Kteřina\AppData\Local\Temp\SP65782.exe
C:\Users\Kteřina\AppData\Local\Temp\SP65793.exe
C:\Users\Kteřina\AppData\Local\Temp\SP66078.exe
C:\Users\Kteřina\AppData\Local\Temp\SP66088.exe
C:\Users\Kteřina\AppData\Local\Temp\SP66604.exe
C:\Users\Kteřina\AppData\Local\Temp\SP66866.exe
C:\Users\Kteřina\AppData\Local\Temp\SP67280.exe
C:\Users\Kteřina\AppData\Local\Temp\SP69229.exe
C:\Users\Kteřina\AppData\Local\Temp\SP69393.exe
C:\Users\Kteřina\AppData\Local\Temp\SP69401.exe
C:\Users\Kteřina\AppData\Local\Temp\SP69545.exe
C:\Users\Kteřina\AppData\Local\Temp\UninstallHPSA.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-10 19:47
==================== End of log ============================
Ran by Kteřina (administrator) on KAČENKA on 18-06-2015 17:48:39
Running from C:\Users\Kteřina\Downloads
Loaded Profiles: Kteřina (Available Profiles: Kteřina & Administrator)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7191768 2013-06-18] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-04-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192 2014-10-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-15] (Avast Software s.r.o.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1718536 2014-07-24] (CyberLink Corp.)
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\...\MountPoints2: {7a579707-c6ef-11e3-be7b-485ab633d19c} - "G:\setup.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-15] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-4003116313-1731313166-230184120-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDFJS
SearchScopes: HKLM -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKLM-x32 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
SearchScopes: HKU\S-1-5-21-4003116313-1731313166-230184120-1002 -> {6911C177-B3CD-4D6E-A045-B77C8A2BF5FC} URL = http://www.amazon.co.uk/s/ref=azs_osd_i ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-15] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-15] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-4003116313-1731313166-230184120-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.252
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-15]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-21]
CHR Extension: (Google Drive) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-21]
CHR Extension: (YouTube) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-21]
CHR Extension: (Google Search) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-21]
CHR Extension: (AdBlock) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-10]
CHR Extension: (Google Wallet) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-21]
CHR Extension: (Instagram) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\oacfdfgmgfbpgjgpgghdcjfaajdiggho [2014-12-06]
CHR Extension: (Gmail) - C:\Users\Kteřina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [103424 2013-04-17] () [File not signed]
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-15] (Avast Software s.r.o.)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [569608 2014-10-09] (Hewlett-Packard Development Company, L.P.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-24] (Electronic Arts)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-06-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17504 2013-02-08] (Advanced Micro Devices, INC.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-15] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-15] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-24] (Advanced Micro Devices)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
U3 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
U3 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-30] (Disc Soft Ltd)
S3 MarvinBus; C:\Windows\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2014-06-29] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29424 2013-06-05] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33008 2013-06-05] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 BtAudioBusSrv; \SystemRoot\System32\Drivers\BtAudioBus.sys [X]
S3 BthL2caScoIfSrv; \SystemRoot\System32\Drivers\BtL2caScoIf.sys [X]
S3 btUrbFilterDrv; \SystemRoot\System32\Drivers\IvtUrbBtFlt.sys [X]
S3 rtbth; \SystemRoot\System32\drivers\rtbth.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 17:48 - 2015-06-18 17:49 - 00017112 _____ C:\Users\Kteřina\Downloads\FRST.txt
2015-06-18 17:48 - 2015-06-18 17:48 - 00000000 ____D C:\FRST
2015-06-18 17:47 - 2015-06-18 17:47 - 02109952 _____ (Farbar) C:\Users\Kteřina\Downloads\FRST64.exe
2015-06-18 17:18 - 2015-06-18 17:18 - 02109952 _____ (Farbar) C:\Users\Kteřina\Desktop\FRST64.exe
2015-06-18 16:18 - 2015-06-18 16:18 - 00010463 _____ C:\Users\Kteřina\Downloads\hijackthis.log
2015-06-18 14:08 - 2015-06-18 14:08 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2015-06-18 14:07 - 2015-06-18 14:07 - 00937208 _____ (Crawler.com ) C:\Users\Kteřina\Downloads\SpywareTerminatorSetup.exe
2015-06-18 04:03 - 2015-06-18 04:03 - 00007598 _____ C:\Users\Kteřina\AppData\Local\Resmon.ResmonCfg
2015-06-17 20:45 - 2015-06-17 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-06-17 20:45 - 2015-06-17 20:45 - 00000000 ____D C:\Program Files\7-Zip
2015-06-16 20:26 - 2015-06-16 20:26 - 00000000 ____D C:\Users\Kteřina\Tracing
2015-06-15 12:45 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-06-15 09:22 - 2015-06-15 09:22 - 00000000 ____D C:\Users\Kteřina\AppData\Roaming\AVAST Software
2015-06-15 09:21 - 2015-06-18 13:26 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-06-15 09:21 - 2015-06-15 09:21 - 00272248 _____ C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-06-15 09:21 - 2015-06-15 09:21 - 00137288 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-06-15 09:21 - 2015-06-15 09:21 - 00001945 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-15 09:21 - 2015-06-15 09:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-15 09:21 - 2015-06-15 09:20 - 01047320 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00442264 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00364472 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\aswBoot.exe
2015-06-15 09:21 - 2015-06-15 09:20 - 00093528 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00089944 _____ (Avast Software s.r.o.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00065736 _____ C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-06-15 09:21 - 2015-06-15 09:20 - 00029168 _____ C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-06-15 09:20 - 2015-06-15 09:20 - 00043112 _____ (Avast Software s.r.o.) C:\WINDOWS\avastSS.scr
2015-06-15 09:16 - 2015-06-15 09:16 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-15 09:15 - 2015-06-15 09:15 - 00000000 ____D C:\ProgramData\AVAST Software
2015-06-14 13:39 - 2013-11-12 14:25 - 00091912 _____ (CyberLink) C:\WINDOWS\system32\Drivers\CLVirtualDrive.sys
2015-06-14 13:24 - 2015-06-14 13:24 - 00003152 _____ C:\WINDOWS\System32\Tasks\{0F3D0A3A-3530-44BE-BA2E-500851E9F810}
2015-06-14 13:04 - 2015-06-14 13:04 - 00000000 ____D C:\Users\Kteřina\AppData\Local\Avg
2015-06-13 08:43 - 2015-06-13 08:43 - 00281456 _____ C:\WINDOWS\Minidump\061315-58515-01.dmp
2015-06-12 06:50 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-12 06:50 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-12 06:50 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-11 07:38 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-11 07:38 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-11 07:38 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-11 07:38 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-11 07:38 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-11 07:38 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-11 07:38 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-11 07:38 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-11 07:38 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-11 07:38 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-11 07:38 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-11 07:38 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-11 07:38 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-11 07:38 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-11 07:38 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-11 07:38 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-11 07:38 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-11 07:38 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-11 07:38 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-11 07:38 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-11 07:38 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-11 07:38 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-11 07:38 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-11 07:38 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-11 07:38 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-11 07:38 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-11 07:38 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-11 07:38 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-11 07:37 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-11 07:37 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 04:35 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 04:35 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 04:35 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 04:35 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 04:35 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 04:35 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 04:35 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 04:35 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 04:35 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 04:35 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 04:35 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 04:35 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 04:35 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 04:35 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 04:35 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 04:35 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 04:35 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 04:35 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 04:35 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 04:35 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 04:35 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 04:35 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 04:35 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 04:35 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 04:35 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 04:35 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 04:35 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 04:35 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 04:35 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 04:35 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 04:35 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 04:35 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 04:35 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 04:35 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 04:35 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 04:35 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 04:35 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 04:35 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 04:35 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 04:35 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 04:35 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 04:35 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 04:34 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 08:24 - 2015-06-09 21:21 - 00023552 ____H C:\Users\Kteřina\Desktop\photothumb.db
2015-06-08 12:22 - 2015-06-08 12:22 - 00000000 ____D C:\Users\Kteřina\AppData\Local\GWX
2015-05-24 21:35 - 2015-05-24 21:35 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4 - Get to Work.lnk
2015-05-24 21:35 - 2015-05-24 21:35 - 00000978 _____ C:\Users\Public\Desktop\The Sims 4 - Get to Work.lnk
2015-05-21 18:19 - 2015-05-21 18:19 - 00167336 _____ C:\Users\Kteřina\AppData\Local\GDIPFONTCACHEV1.DAT
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 17:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-18 17:28 - 2014-12-18 10:11 - 00000000 __SHD C:\Users\Kteřina\AppData\Local\EmieUserList
2015-06-18 17:28 - 2014-12-18 10:11 - 00000000 __SHD C:\Users\Kteřina\AppData\Local\EmieSiteList
2015-06-18 17:28 - 2014-12-18 10:11 - 00000000 __SHD C:\Users\Kteřina\AppData\Local\EmieBrowserModeList
2015-06-18 17:19 - 2015-01-11 08:37 - 00000000 ____D C:\KMPlayer
2015-06-18 17:09 - 2014-06-22 04:29 - 01733058 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-18 17:05 - 2014-06-21 08:04 - 00000976 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-18 17:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-18 16:40 - 2014-06-21 07:48 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4003116313-1731313166-230184120-1002
2015-06-18 16:15 - 2014-06-21 07:38 - 00000000 ____D C:\Users\Kteřina\AppData\Local\VirtualStore
2015-06-18 15:32 - 2014-06-21 08:04 - 00000972 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-18 15:31 - 2014-06-22 06:17 - 00000000 __RDO C:\Users\Kteřina\OneDrive
2015-06-18 15:31 - 2014-06-22 04:12 - 00000000 ____D C:\Users\Kteřina
2015-06-18 15:31 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-18 15:30 - 2013-08-22 16:46 - 00388575 _____ C:\WINDOWS\setupact.log
2015-06-18 15:02 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-18 14:58 - 2014-07-08 20:56 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForKteřina.job
2015-06-18 14:50 - 2014-07-08 20:56 - 00003174 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForKteřina
2015-06-18 14:23 - 2014-03-18 09:20 - 00025108 _____ C:\WINDOWS\PFRO.log
2015-06-18 13:31 - 2014-12-18 10:11 - 00003974 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{63D3EF3C-3513-4656-A94C-DE915358EE2C}
2015-06-18 08:59 - 2014-12-29 22:57 - 00000000 ____D C:\Program Files (x86)\unaisales
2015-06-18 08:18 - 2014-12-30 20:41 - 00000000 ____D C:\Users\Public\Documents\My Projects
2015-06-18 08:18 - 2014-12-29 15:34 - 00000000 ____D C:\ProgramData\Pinnacle
2015-06-18 08:16 - 2014-12-30 20:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 14
2015-06-18 04:27 - 2014-07-10 22:01 - 00000000 ____D C:\WINDOWS\Minidump
2015-06-18 04:27 - 2014-06-20 23:21 - 591039149 _____ C:\WINDOWS\MEMORY.DMP
2015-06-18 04:19 - 2014-12-25 23:04 - 00000000 ____D C:\Users\Kteřina\AppData\Roaming\Skype
2015-06-16 18:24 - 2014-11-11 18:13 - 00000000 ____D C:\Program Files (x86)\The Sims 4
2015-06-16 17:30 - 2014-03-18 17:33 - 01961772 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-16 17:30 - 2014-03-18 16:54 - 00815678 _____ C:\WINDOWS\system32\perfh005.dat
2015-06-16 17:30 - 2014-03-18 16:54 - 00187920 _____ C:\WINDOWS\system32\perfc005.dat
2015-06-16 13:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-15 10:31 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-06-15 10:28 - 2014-12-25 23:04 - 00000000 ____D C:\ProgramData\Skype
2015-06-15 09:04 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-06-15 08:59 - 2014-06-29 20:43 - 00000000 ____D C:\Users\Kteřina\AppData\Roaming\CyberLink
2015-06-15 08:56 - 2013-08-22 16:44 - 00581072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-14 13:52 - 2013-07-22 19:01 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-06-14 13:52 - 2012-08-04 02:02 - 00000000 ____D C:\SWSetup
2015-06-14 13:51 - 2013-11-27 13:54 - 00000000 ____D C:\Program Files (x86)\CyberLink
2015-06-14 13:49 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-14 13:47 - 2013-11-27 13:42 - 00000032 _____ C:\WINDOWS\0
2015-06-14 13:39 - 2013-07-22 19:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-06-14 13:10 - 2014-06-21 08:12 - 00000000 ____D C:\Users\Kteřina\AppData\Roaming\BitTorrent
2015-06-13 08:30 - 2014-12-14 21:21 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-13 08:30 - 2014-07-09 17:36 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-13 08:30 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-13 08:30 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-13 08:29 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-11 09:02 - 2014-06-21 09:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-11 08:56 - 2014-06-21 09:11 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-11 08:55 - 2014-06-29 21:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 21:07 - 2014-06-21 08:08 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-03 18:18 - 2013-08-22 17:38 - 00792568 ____N (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2013-08-22 17:38 - 00178168 ____N (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-28 12:16 - 2014-12-25 23:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-28 08:49 - 2015-04-20 19:55 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-28 08:49 - 2015-04-20 19:55 - 00000000 ____D C:\WINDOWS\SysWOW64\GWX
2015-05-24 21:53 - 2014-10-25 09:06 - 00000000 ____D C:\ProgramData\Origin
2015-05-24 21:52 - 2014-10-25 09:06 - 00000000 ____D C:\Program Files (x86)\Origin
2015-05-24 21:35 - 2013-11-27 13:45 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-19 19:00 - 2014-06-21 08:04 - 00003948 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 19:00 - 2014-06-21 08:04 - 00003712 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 12:10 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
==================== Files in the root of some directories =======
2014-12-29 17:17 - 2014-12-29 17:17 - 0000209 _____ () C:\Users\Kteřina\AppData\Roaming\KAČENKA.MTBF.txt
2014-12-29 17:17 - 2014-12-30 00:05 - 0000682 _____ () C:\Users\Kteřina\AppData\Roaming\__AvidCloudManager.log
2014-12-29 17:17 - 2014-12-29 23:40 - 0000682 _____ () C:\Users\Kteřina\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-12-29 17:19 - 2015-03-11 18:35 - 0011264 _____ () C:\Users\Kteřina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-18 04:03 - 2015-06-18 04:03 - 0007598 _____ () C:\Users\Kteřina\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Kteřina\AppData\Local\Temp\341E256698.exe
C:\Users\Kteřina\AppData\Local\Temp\4d81D.exe
C:\Users\Kteřina\AppData\Local\Temp\bitool.dll
C:\Users\Kteřina\AppData\Local\Temp\COMAP.EXE
C:\Users\Kteřina\AppData\Local\Temp\Extract.exe
C:\Users\Kteřina\AppData\Local\Temp\g2d_ltma.dll
C:\Users\Kteřina\AppData\Local\Temp\ochelper.dll
C:\Users\Kteřina\AppData\Local\Temp\ochelper.exe
C:\Users\Kteřina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kteřina\AppData\Local\Temp\SP63285.exe
C:\Users\Kteřina\AppData\Local\Temp\SP63341.exe
C:\Users\Kteřina\AppData\Local\Temp\SP63599.exe
C:\Users\Kteřina\AppData\Local\Temp\SP63752.exe
C:\Users\Kteřina\AppData\Local\Temp\SP64109.exe
C:\Users\Kteřina\AppData\Local\Temp\sp64126.exe
C:\Users\Kteřina\AppData\Local\Temp\SP64223.exe
C:\Users\Kteřina\AppData\Local\Temp\SP64225.exe
C:\Users\Kteřina\AppData\Local\Temp\SP64226.exe
C:\Users\Kteřina\AppData\Local\Temp\SP65782.exe
C:\Users\Kteřina\AppData\Local\Temp\SP65793.exe
C:\Users\Kteřina\AppData\Local\Temp\SP66078.exe
C:\Users\Kteřina\AppData\Local\Temp\SP66088.exe
C:\Users\Kteřina\AppData\Local\Temp\SP66604.exe
C:\Users\Kteřina\AppData\Local\Temp\SP66866.exe
C:\Users\Kteřina\AppData\Local\Temp\SP67280.exe
C:\Users\Kteřina\AppData\Local\Temp\SP69229.exe
C:\Users\Kteřina\AppData\Local\Temp\SP69393.exe
C:\Users\Kteřina\AppData\Local\Temp\SP69401.exe
C:\Users\Kteřina\AppData\Local\Temp\SP69545.exe
C:\Users\Kteřina\AppData\Local\Temp\UninstallHPSA.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-10 19:47
==================== End of log ============================
Re: Prosím o kontrolu
Ok. Moc děkuju. 
Přispějete na provoz fóra?