VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=145096

Stránka 1 z 2

Prosím o kontrolu

Napsal: 06 črc 2015 08:27
od celeston
Zdravím poprosím o kontrolu esli tam nenní nějakej vir. Při prohlížení konkretně facebooku mi vedle kurosru myši furt běží ty přesýpací hodiny.Jako že furt načítá. A je to jen u Fb tak elsi tam není nějakej vejr.
Předem díky.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondra at 2015-07-06 09:24:36
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 67 GB (65%) free of 103 GB
Total RAM: 8169 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:24:38, on 6.7.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\vsnpstd3.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\tsnpstd3.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Ondra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Steam] "D:\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://apps.driversupport.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9080 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\vsnpstd3.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE"
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Windows\tsnpstd3.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 5d4182fc-c3ac-4295-ae0b-c3d98555ca83 1
\??\C:\Windows\system32\conhost.exe "-1137419850117362650-9058032951587465305-1786559615-1423952322-1576870752909222279
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1948874915-7741937331782765515-777594179-233762279-1169299121335442675-1964699528
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Ondra\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\3ik8yj4h.default-1428859787136

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.190 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.190 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled


C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\3ik8yj4h.default-1428859787136\searchplugins\
ask-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12 662672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-02 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-02 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-03-28 2673296]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-03-28 1570672]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-11-19 11613288]
"snpstd3"=C:\Windows\vsnpstd3.exe [2006-09-18 843776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-02-19 7416088]
"Steam"=D:\Steam\steam.exe [2015-04-14 2889408]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2015-05-31 7799576]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-04-12 5512912]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"tsnpstd3"=C:\Windows\tsnpstd3.exe [2007-06-15 368640]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10 335232]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-06 09:24:36 ----D---- C:\rsit
2015-07-04 10:31:24 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-06-24 16:38:52 ----A---- C:\Windows\system32\aswBoot.exe
2015-06-10 13:56:11 ----A---- C:\Windows\system32\diagtrack.dll
2015-06-10 13:56:10 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-06-10 13:56:10 ----A---- C:\Windows\system32\KernelBase.dll
2015-06-10 13:56:10 ----A---- C:\Windows\system32\kerberos.dll
2015-06-10 13:56:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2015-06-10 13:56:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-06-10 13:56:09 ----A---- C:\Windows\system32\kernel32.dll
2015-06-10 13:56:09 ----A---- C:\Windows\system32\advapi32.dll
2015-06-10 13:56:08 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-06-10 13:56:08 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-06-10 13:56:08 ----A---- C:\Windows\system32\ntdll.dll
2015-06-10 13:56:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-06-10 13:56:07 ----A---- C:\Windows\SYSWOW64\tracerpt.exe
2015-06-10 13:56:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-06-10 13:56:07 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-06-10 13:56:07 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-06-10 13:56:07 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-06-10 13:56:07 ----A---- C:\Windows\system32\wow64.dll
2015-06-10 13:56:07 ----A---- C:\Windows\system32\winsrv.dll
2015-06-10 13:56:07 ----A---- C:\Windows\system32\wdigest.dll
2015-06-10 13:56:07 ----A---- C:\Windows\system32\tracerpt.exe
2015-06-10 13:56:07 ----A---- C:\Windows\system32\tdh.dll
2015-06-10 13:56:07 ----A---- C:\Windows\system32\srcore.dll
2015-06-10 13:56:07 ----A---- C:\Windows\system32\schannel.dll
2015-06-10 13:56:07 ----A---- C:\Windows\system32\sechost.dll
2015-06-10 13:56:07 ----A---- C:\Windows\system32\rstrui.exe
2015-06-10 13:56:07 ----A---- C:\Windows\system32\msv1_0.dll
2015-06-10 13:56:07 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-06-10 13:56:07 ----A---- C:\Windows\system32\conhost.exe
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\typeperf.exe
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\tdh.dll
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\sechost.dll
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\relog.exe
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\logman.exe
2015-06-10 13:56:06 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-06-10 13:56:06 ----A---- C:\Windows\system32\typeperf.exe
2015-06-10 13:56:06 ----A---- C:\Windows\system32\TSpkg.dll
2015-06-10 13:56:06 ----A---- C:\Windows\system32\sspicli.dll
2015-06-10 13:56:06 ----A---- C:\Windows\system32\smss.exe
2015-06-10 13:56:06 ----A---- C:\Windows\system32\relog.exe
2015-06-10 13:56:06 ----A---- C:\Windows\system32\ncrypt.dll
2015-06-10 13:56:06 ----A---- C:\Windows\system32\lsass.exe
2015-06-10 13:56:06 ----A---- C:\Windows\system32\logman.exe
2015-06-10 13:56:06 ----A---- C:\Windows\system32\auditpol.exe
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:56:05 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:56:05 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-06-10 13:56:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-06-10 13:56:05 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-06-10 13:56:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-06-10 13:56:05 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-06-10 13:56:05 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-06-10 13:56:05 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-06-10 13:56:05 ----A---- C:\Windows\SYSWOW64\diskperf.exe
2015-06-10 13:56:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-06-10 13:56:05 ----A---- C:\Windows\system32\wow64win.dll
2015-06-10 13:56:05 ----A---- C:\Windows\system32\wow64cpu.dll
2015-06-10 13:56:05 ----A---- C:\Windows\system32\sspisrv.dll
2015-06-10 13:56:05 ----A---- C:\Windows\system32\srclient.dll
2015-06-10 13:56:05 ----A---- C:\Windows\system32\secur32.dll
2015-06-10 13:56:05 ----A---- C:\Windows\system32\ntvdm64.dll
2015-06-10 13:56:05 ----A---- C:\Windows\system32\diskperf.exe
2015-06-10 13:56:05 ----A---- C:\Windows\system32\csrsrv.dll
2015-06-10 13:56:05 ----A---- C:\Windows\system32\credssp.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:56:04 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:56:04 ----A---- C:\Windows\SYSWOW64\user.exe
2015-06-10 13:56:04 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-06-10 13:56:04 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-06-10 13:56:04 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-06-10 13:56:04 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-06-10 13:56:04 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-06-10 13:56:04 ----A---- C:\Windows\system32\UtcResources.dll
2015-06-10 13:56:04 ----A---- C:\Windows\system32\msobjs.dll
2015-06-10 13:56:04 ----A---- C:\Windows\system32\msaudite.dll
2015-06-10 13:56:04 ----A---- C:\Windows\system32\apisetschema.dll
2015-06-10 13:56:04 ----A---- C:\Windows\system32\adtschema.dll
2015-06-10 13:55:41 ----A---- C:\Windows\system32\wmp.dll
2015-06-10 13:55:40 ----A---- C:\Windows\SYSWOW64\wmp.dll
2015-06-10 13:55:39 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2015-06-10 13:55:39 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2015-06-10 13:55:39 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2015-06-10 13:55:39 ----A---- C:\Windows\system32\spwmp.dll
2015-06-10 13:55:39 ----A---- C:\Windows\system32\dxmasf.dll
2015-06-10 13:55:38 ----A---- C:\Windows\system32\wmploc.DLL
2015-06-10 13:55:35 ----A---- C:\Windows\system32\invagent.dll
2015-06-10 13:55:35 ----A---- C:\Windows\system32\generaltel.dll
2015-06-10 13:55:35 ----A---- C:\Windows\system32\devinv.dll
2015-06-10 13:55:35 ----A---- C:\Windows\system32\appraiser.dll
2015-06-10 13:55:35 ----A---- C:\Windows\system32\aepic.dll
2015-06-10 13:55:35 ----A---- C:\Windows\system32\aeinv.dll
2015-06-10 13:55:34 ----A---- C:\Windows\system32\aepdu.dll
2015-06-10 13:55:34 ----A---- C:\Windows\system32\acmigration.dll
2015-06-10 13:54:55 ----A---- C:\Windows\system32\win32k.sys
2015-06-10 13:54:51 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2015-06-10 13:54:51 ----A---- C:\Windows\system32\comctl32.dll
2015-06-10 13:54:50 ----A---- C:\Windows\system32\drivers\stream.sys
2015-06-10 13:54:45 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-06-10 13:54:45 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-06-10 13:54:45 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-06-10 13:54:45 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-06-10 13:54:45 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-06-10 13:54:45 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-06-10 13:54:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-06-10 13:54:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-06-10 13:54:44 ----A---- C:\Windows\system32\iernonce.dll
2015-06-10 13:54:44 ----A---- C:\Windows\system32\ie4uinit.exe
2015-06-10 13:54:43 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-06-10 13:54:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-06-10 13:54:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-06-10 13:54:43 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-06-10 13:54:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-06-10 13:54:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 13:54:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-06-10 13:54:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-06-10 13:54:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-06-10 13:54:41 ----A---- C:\Windows\system32\urlmon.dll
2015-06-10 13:54:41 ----A---- C:\Windows\system32\iedkcs32.dll
2015-06-10 13:54:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-06-10 13:54:40 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-06-10 13:54:40 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-06-10 13:54:40 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-06-10 13:54:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-06-10 13:54:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-06-10 13:54:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-06-10 13:54:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 13:54:40 ----A---- C:\Windows\system32\msfeeds.dll
2015-06-10 13:54:40 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 13:54:40 ----A---- C:\Windows\system32\dxtrans.dll
2015-06-10 13:54:39 ----A---- C:\Windows\system32\iesetup.dll
2015-06-10 13:54:39 ----A---- C:\Windows\system32\ieapfltr.dll
2015-06-10 13:54:38 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-06-10 13:54:38 ----A---- C:\Windows\system32\vbscript.dll
2015-06-10 13:54:38 ----A---- C:\Windows\system32\iertutil.dll
2015-06-10 13:54:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-06-10 13:54:37 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-06-10 13:54:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-06-10 13:54:37 ----A---- C:\Windows\system32\jsproxy.dll
2015-06-10 13:54:37 ----A---- C:\Windows\system32\ieUnatt.exe
2015-06-10 13:54:36 ----A---- C:\Windows\system32\ieui.dll
2015-06-10 13:54:36 ----A---- C:\Windows\system32\dxtmsft.dll
2015-06-10 13:54:35 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-06-10 13:54:35 ----A---- C:\Windows\system32\mshtmled.dll
2015-06-10 13:54:35 ----A---- C:\Windows\system32\jscript9diag.dll
2015-06-10 13:54:35 ----A---- C:\Windows\system32\jscript.dll
2015-06-10 13:54:35 ----A---- C:\Windows\system32\ieframe.dll
2015-06-10 13:54:34 ----A---- C:\Windows\system32\wininet.dll
2015-06-10 13:54:34 ----A---- C:\Windows\system32\jscript9.dll
2015-06-10 13:54:33 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-06-10 13:54:32 ----A---- C:\Windows\system32\msrating.dll
2015-06-10 13:54:32 ----A---- C:\Windows\system32\mshtml.dll

======List of files/folders modified in the last 1 month======

2015-07-06 09:24:38 ----D---- C:\Windows\Prefetch
2015-07-06 09:24:37 ----D---- C:\Windows\Temp
2015-07-06 09:24:37 ----D---- C:\Program Files\trend micro
2015-07-06 09:15:13 ----D---- C:\Windows\System32
2015-07-06 09:15:13 ----D---- C:\Windows\inf
2015-07-06 09:15:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-06 09:11:34 ----D---- C:\Windows\system32\config
2015-07-06 09:08:18 ----D---- C:\ProgramData\NVIDIA
2015-07-05 08:42:56 ----D---- C:\Windows
2015-07-05 08:42:50 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-04 16:42:11 ----RD---- C:\Program Files (x86)
2015-07-02 19:13:20 ----D---- C:\Users\Ondra\AppData\Roaming\Skype
2015-07-01 17:25:29 ----D---- C:\Windows\system32\wdi
2015-06-30 20:44:27 ----D---- C:\Windows\system32\NDF
2015-06-30 18:41:15 ----SHD---- C:\System Volume Information
2015-06-28 16:36:52 ----D---- C:\Windows\system32\drivers
2015-06-24 17:35:32 ----D---- C:\Windows\Tasks
2015-06-24 17:35:32 ----D---- C:\Windows\system32\wfp
2015-06-24 17:35:32 ----D---- C:\Windows\system32\wbem
2015-06-24 17:35:32 ----D---- C:\Windows\system32\DriverStore
2015-06-24 17:35:31 ----SD---- C:\Windows\system32\GWX
2015-06-24 17:35:31 ----D---- C:\Windows\system32\catroot2
2015-06-24 17:35:31 ----D---- C:\Users\Ondra\AppData\Roaming\TP-LINK
2015-06-24 17:35:29 ----D---- C:\Windows\registration
2015-06-24 17:30:13 ----D---- C:\Windows\SysWOW64
2015-06-24 17:30:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-06-24 16:56:22 ----D---- C:\Windows\system32\LogFiles
2015-06-24 16:39:13 ----D---- C:\Windows\system32\Tasks
2015-06-22 22:26:49 ----D---- C:\ProgramData\Origin
2015-06-15 19:05:08 ----A---- C:\Windows\system32\MetaViewer64.dll
2015-06-12 17:56:47 ----D---- C:\Windows\rescache
2015-06-11 20:06:08 ----D---- C:\Windows\debug
2015-06-10 19:14:46 ----D---- C:\Windows\winsxs
2015-06-10 19:12:19 ----SD---- C:\Windows\system32\CompatTel
2015-06-10 19:12:19 ----D---- C:\Windows\system32\appraiser
2015-06-10 19:12:19 ----D---- C:\Windows\AppPatch
2015-06-10 19:12:19 ----D---- C:\Program Files\Windows Media Player
2015-06-10 19:12:19 ----D---- C:\Program Files (x86)\Windows Media Player
2015-06-10 19:12:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-06-10 19:12:17 ----D---- C:\Windows\system32\cs-CZ
2015-06-10 19:12:14 ----D---- C:\Program Files\Internet Explorer
2015-06-10 19:12:13 ----D---- C:\Windows\SYSWOW64\en-US
2015-06-10 19:12:13 ----D---- C:\Windows\PolicyDefinitions
2015-06-10 19:12:12 ----D---- C:\Windows\system32\en-US
2015-06-10 19:12:12 ----D---- C:\Program Files (x86)\Internet Explorer
2015-06-10 18:47:41 ----D---- C:\Windows\system32\MRT
2015-06-10 18:46:04 ----A---- C:\Windows\system32\MRT.exe
2015-06-07 08:47:46 ----D---- C:\Users\Ondra\AppData\Roaming\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-12 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-12 271200]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-12 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-12 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-12 442264]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-12 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-12 88408]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-12 136752]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2010-12-08 122856]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2010-12-08 369640]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2012-10-18 1930240]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-11-23 2565736]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-03-13 195728]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-03-28 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 SNPSTD3;USB PC Camera (SNPSTD3); C:\Windows\system32\DRIVERS\snpstd3.sys [2007-05-02 10503168]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-03-11 14464]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-07-23 172344]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-12 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-03-28 1152144]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2010-08-12 133800]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-03-28 1878672]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-03-28 22995600]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-03-13 935056]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-03-13 410768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24 268464]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-05-22 114688]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-07-04 148136]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 Origin Client Service;Origin Client Service; D:\Origin\OriginClientService.exe [2015-06-07 1997168]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-04-14 836288]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-04-13 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Re: Prosím o kontrolu

Napsal: 06 črc 2015 09:07
od Márty84
Zdravim :)

:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

Re: Prosím o kontrolu

Napsal: 06 črc 2015 09:49
od celeston
# AdwCleaner v4.207 - Log vytvořen 06/07/2015 v 10:45:57
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-07-05.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Ondra - ONDRA-PC
# Spuštěno z : C:\Users\Ondra\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****

Soubor Smazáno : C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\3ik8yj4h.default-1428859787136\searchplugins\ask-search.xml

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0 (x86 cs)


-\\ Google Chrome v43.0.2357.130


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [1420 bytů] - [06/07/2015 10:45:27]
AdwCleaner[S0].txt - [1290 bytů] - [06/07/2015 10:45:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1348 bytů] ##########

Re: Prosím o kontrolu

Napsal: 06 črc 2015 09:50
od Márty84
:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

Re: Prosím o kontrolu

Napsal: 06 črc 2015 10:49
od celeston
Tak jsem skcen dokončil ,ale žadný vysledky mi nevyběhly..

Re: Prosím o kontrolu

Napsal: 06 črc 2015 11:00
od celeston
Každopádně to načítání u kurzoru myši stále trvá.

Re: Prosím o kontrolu

Napsal: 06 črc 2015 11:14
od Márty84
A nasel neco?
Po dokončení skenu klikneme na "Uložit výsledky", poté na "Textový soubor (*.txt)" a následně log uložíme - ideálně na plochu, ať jej pak nemusíte hledat. Obsah tohoto logu vložte do svého tématu na fóru.

Re: Prosím o kontrolu

Napsal: 06 črc 2015 17:05
od celeston
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 6.7.2015
Čas skenování: 12:19
Protokol: vys.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.07.06.02
Databáze rootkitů: v2015.07.05.03
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Ondra

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 461090
Uplynulý čas: 5 hod, 40 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: Prosím o kontrolu

Napsal: 06 črc 2015 17:33
od Márty84
:arrow: MBAM muzete odinstalovat.

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)

Re: Prosím o kontrolu

Napsal: 06 črc 2015 17:41
od celeston
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Ondra (administrator) on ONDRA-PC on 06-07-2015 18:40:08
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\vsnpstd3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Windows\tsnpstd3.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_d17c28e532189242\SearchFilterHost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [843776 2006-09-18] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe [368640 2007-06-15] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\Run: [Steam] => D:\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-31] (SUPERAntiSpyware)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-04-12]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2015-04-24]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-12] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-12] (Avast Software s.r.o.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-02] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-12] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-02] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2078E4FA-22DE-4606-B482-6CA5CDC75248}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{237937ED-BEB0-4264-A31D-432BCEC35727}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ondra\AppData\Roaming\Mozilla\Firefox\Profiles\3ik8yj4h.default-1428859787136
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-24] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-12]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-12]
CHR Extension: (Google Docs) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-12]
CHR Extension: (Google Drive) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-12]
CHR Extension: (YouTube) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-12]
CHR Extension: (Google Search) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-12]
CHR Extension: (Google Sheets) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-12]
CHR Extension: (Avast Online Security) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-12]
CHR Extension: (Google Wallet) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-12]
CHR Extension: (Gmail) - C:\Users\Ondra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-12]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-12] (Avast Software s.r.o.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [1997168 2015-06-07] (Electronic Arts)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-12] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-12] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10503168 2007-05-02] (Sonix Co. Ltd.)
R3 SNPSTD3; C:\Windows\SysWOW64\DRIVERS\snpstd3.sys [10222720 2007-05-02] (Sonix Co. Ltd.)
R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 18:40 - 2015-07-06 18:40 - 00013139 _____ C:\Users\Ondra\Desktop\FRST.txt
2015-07-06 18:39 - 2015-07-06 18:40 - 00000000 ____D C:\FRST
2015-07-06 18:38 - 2015-07-06 18:38 - 02112512 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64(1).exe
2015-07-06 18:37 - 2015-07-06 18:37 - 02112512 _____ (Farbar) C:\Users\Ondra\Desktop\FRST64.exe
2015-07-06 11:10 - 2015-07-06 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-06 10:45 - 2015-07-06 10:45 - 00000000 ____D C:\AdwCleaner
2015-07-06 10:42 - 2015-07-06 10:43 - 02244096 _____ C:\Users\Ondra\Desktop\adwcleaner_4.207.exe
2015-07-06 09:24 - 2015-07-06 09:24 - 00000000 ____D C:\rsit
2015-07-06 09:18 - 2015-07-06 09:18 - 01222144 _____ C:\Users\Ondra\Desktop\RSITx64.exe
2015-07-05 08:42 - 2015-07-06 10:47 - 00000672 _____ C:\Windows\setupact.log
2015-07-05 08:42 - 2015-07-05 08:42 - 00000364 _____ C:\Windows\PFRO.log
2015-07-05 08:42 - 2015-07-05 08:42 - 00000000 _____ C:\Windows\setuperr.log
2015-07-04 10:31 - 2015-07-05 08:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-24 16:38 - 2015-04-12 19:03 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-10 13:56 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 13:56 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 13:56 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 13:56 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 13:56 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 13:56 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 13:56 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 13:56 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 13:56 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 13:56 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 13:56 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 13:56 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 13:56 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 13:56 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 13:56 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 13:56 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 13:56 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 13:56 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 13:56 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 13:56 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 13:56 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 13:56 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 13:56 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 13:56 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 13:56 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 13:56 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 13:56 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 13:56 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 13:56 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 13:56 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 13:56 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 13:56 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 13:56 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 13:56 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 13:56 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 13:56 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 13:56 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 13:56 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 13:56 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 13:56 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 13:55 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 13:55 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 13:55 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 13:55 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 13:55 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 13:55 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 13:55 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 13:55 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 13:55 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 13:55 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 13:55 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 13:55 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 13:55 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 13:55 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 13:55 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 13:55 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 13:55 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 13:55 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 13:54 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 13:54 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 13:54 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 13:54 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 13:54 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 13:54 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 13:54 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 13:54 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 13:54 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 13:54 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 13:54 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 13:54 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 13:54 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 13:54 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 13:54 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 13:54 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 13:54 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 13:54 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 13:54 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 13:54 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 13:54 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 13:54 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 13:54 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 13:54 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 13:54 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 13:54 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 13:54 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 13:54 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 13:54 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 13:54 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 13:54 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 13:54 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 13:54 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 13:54 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 13:54 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 13:54 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 13:54 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 13:54 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 13:54 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 13:54 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 13:54 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 13:54 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 13:54 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 13:54 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 13:54 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 13:54 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 13:54 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 13:54 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 13:54 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 13:54 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 13:54 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 13:54 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 13:54 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 13:54 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 13:54 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 13:54 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 13:54 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 13:54 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 13:54 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 13:54 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 13:54 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 13:54 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 13:54 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 13:54 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-06 07:21 - 2015-06-06 07:21 - 00000000 ____D C:\Users\Ondra\AppData\Local\GWX

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 18:30 - 2015-04-13 12:51 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-06 18:28 - 2015-05-23 14:46 - 01153926 _____ C:\Windows\WindowsUpdate.log
2015-07-06 17:55 - 2015-04-12 19:40 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-06 10:55 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-06 10:55 - 2009-07-14 06:45 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-06 10:53 - 2011-04-12 10:34 - 00666194 _____ C:\Windows\system32\perfh005.dat
2015-07-06 10:53 - 2011-04-12 10:34 - 00139890 _____ C:\Windows\system32\perfc005.dat
2015-07-06 10:53 - 2009-07-14 07:13 - 01576554 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-06 10:47 - 2015-05-01 11:37 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-06 10:47 - 2015-04-12 19:40 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-06 10:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-06 09:24 - 2015-04-12 19:43 - 00000000 ____D C:\Program Files\trend micro
2015-07-05 17:55 - 2015-04-12 19:03 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-05 08:42 - 2015-04-23 17:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-02 19:13 - 2015-04-13 13:02 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Skype
2015-06-30 20:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-24 17:35 - 2015-04-13 10:47 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-24 17:35 - 2015-04-12 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-24 17:35 - 2015-04-12 18:42 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\TP-LINK
2015-06-24 17:35 - 2011-04-12 10:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-06-24 17:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-06-24 17:30 - 2015-04-13 12:51 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-24 17:30 - 2015-04-13 12:51 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-24 17:30 - 2015-04-13 12:51 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-24 16:39 - 2015-04-12 19:03 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-24 16:36 - 2015-04-12 17:09 - 00000000 ____D C:\Users\Ondra
2015-06-22 22:26 - 2015-04-19 14:38 - 00000000 ____D C:\ProgramData\Origin
2015-06-20 09:54 - 2015-04-15 20:02 - 00000080 _____ C:\Users\Ondra\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-15 19:05 - 2015-04-12 19:35 - 06076080 _____ (MetaQuotes Software Corp.) C:\Windows\system32\MetaViewer64.dll
2015-06-15 16:37 - 2015-05-31 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-06-15 09:10 - 2009-07-14 07:08 - 00032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-14 00:10 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-06-12 17:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-10 19:14 - 2009-07-14 06:45 - 00413168 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 19:12 - 2015-04-15 10:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 19:12 - 2015-04-15 10:13 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 19:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 18:47 - 2015-04-13 08:46 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 18:46 - 2015-04-13 08:46 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-07 08:48 - 2015-04-19 15:01 - 00000832 _____ C:\Users\Public\Desktop\FIFA 15.lnk
2015-06-07 08:47 - 2015-04-19 14:38 - 00000000 ____D C:\Users\Ondra\AppData\Roaming\Origin

==================== Files in the root of some directories =======

2008-02-05 13:28 - 2008-02-05 13:28 - 0000051 _____ () C:\Users\Ondra\AppData\Local\setup.txt

Some files in TEMP:
====================
C:\Users\Ondra\AppData\Local\Temp\Quarantine.exe
C:\Users\Ondra\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 19:52

==================== End of log ============================

Re: Prosím o kontrolu

Napsal: 06 črc 2015 17:42
od celeston
A tady z toho Addition.

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Ondra at 2015-07-06 18:40:35
Running from C:\Users\Ondra\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3907576443-798730336-3158376024-500 - Administrator - Disabled)
Guest (S-1-5-21-3907576443-798730336-3158376024-501 - Limited - Disabled)
Ondra (S-1-5-21-3907576443-798730336-3158376024-1000 - Administrator - Enabled) => C:\Users\Ondra

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 cs)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 347.88 (Version: 347.88 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
StarCam Genie (HKLM-x32\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.20.0.302 - Micro-Star Int'l Co.,Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1168 - SUPERAntiSpyware.com)
TeleTRADE MT4 (HKLM-x32\...\TeleTRADE MT4) (Version: 4.00 - MetaQuotes Software Corp.)
TP-LINK 150Mbps Wireless N USB Adapter Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-06-2015 15:14:58 Windows Update
24-06-2015 16:36:44 avast! antivirus system restore point
24-06-2015 16:39:46 Windows Update
30-06-2015 18:34:29 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {007EFB0B-491A-4141-B82D-7A802F1A6DA4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {84C92F08-BABE-42F6-8C85-C1587A10EAEF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated)
Task: {CF8D212A-2465-4FA4-85A2-741E81C8A816} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {D55D885E-CDED-4B62-8D01-AFDDE1B23C4A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12] (Google Inc.)
Task: {E0A9D1C3-A5DE-4F2B-A3B4-BD3D17F9D15A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-24] (Avast Software s.r.o.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-01 11:37 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-25 22:11 - 2006-09-18 14:12 - 00843776 _____ () C:\Windows\vsnpstd3.exe
2015-04-25 22:11 - 2007-06-15 15:00 - 00368640 _____ () C:\Windows\tsnpstd3.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-04-12 19:03 - 2015-04-12 19:03 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-12 19:03 - 2015-04-12 19:03 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-05 17:55 - 2015-07-05 17:55 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070501\algo.dll
2015-07-06 14:47 - 2015-07-06 14:47 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15070601\algo.dll
2015-04-12 17:23 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-12 19:03 - 2015-04-12 19:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\driversupport.com -> hxxps://apps.driversupport.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3907576443-798730336-3158376024-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ondra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8ACA1179-7A70-446D-90B3-5E80FDED67AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AD4FBE49-2E0D-4005-95FE-86D5F6E7405A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{282F5622-A15F-4AED-8A0A-38374B040191}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0F990809-4581-49B4-B02B-E3113A74A78E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{84AADBA8-E292-4D2B-AA6C-BA852EA78236}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{38F8004D-0766-4990-96DF-823384281444}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B91518BD-4AC7-4D89-BFBE-B3BE0F9B1886}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3C55F24B-82E8-4BE8-8FBA-0E92DB429159}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B1A73264-87C3-4A04-8706-DCAE91EE8CC6}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{87596A96-F233-4A2E-9C00-F9FADA07851C}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{463F07D3-D27B-437F-A1C1-BD39D725DD76}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{1F04F2CB-E5A9-4ABC-AD0A-EC569E1C056D}D:\gta v\gta5.exe] => (Allow) D:\gta v\gta5.exe
FirewallRules: [UDP Query User{0D762EB8-5F79-4415-9B68-9390F1B85EF4}D:\gta v\gta5.exe] => (Allow) D:\gta v\gta5.exe
FirewallRules: [TCP Query User{6F625D6A-9B91-49C4-9AAB-D09FE1E77F90}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [UDP Query User{A2402C93-B517-4168-9D46-549B547E917E}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe
FirewallRules: [{A2E59A6F-5B54-4A80-B692-CAD9B249CDA1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9066C1AE-9781-46A8-A55C-639E9E08CF47}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7621E7D3-B516-4738-B932-6FC7353055AC}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{D945FBB2-F851-4806-8739-C906A276514D}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe
FirewallRules: [{E4DA0DA0-2650-40DD-B49F-C8B177BCDC8B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2015 10:47:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2015 09:08:46 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2015 05:55:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2015 08:43:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2015 04:39:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2015 08:53:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2015 03:58:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2015 05:50:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2015 04:57:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2015 07:30:28 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]


System errors:
=============
Error: (07/06/2015 10:45:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (07/06/2015 10:45:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/06/2015 10:45:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Streamer Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/06/2015 10:45:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/06/2015 10:45:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel® PROSet Monitoring Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/06/2015 10:45:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA GeForce Experience Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/06/2015 10:45:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SAS Core Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (07/06/2015 10:45:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba zařazování tisku byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (07/06/2015 10:45:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Stereoscopic 3D Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/06/2015 10:45:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Display Driver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2500 CPU @ 3.30GHz
Percentage of memory in use: 31%
Total physical RAM: 8168.63 MB
Available physical RAM: 5632.4 MB
Total Virtual: 16335.46 MB
Available Virtual: 13331.4 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100.59 GB) (Free:65.37 GB) NTFS
Drive d: () (Fixed) (Total:365.07 GB) (Free:282.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DC15DC15)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.1 GB) - (Type=07 NTFS)

==================== End of log ============================

Re: Prosím o kontrolu

Napsal: 06 črc 2015 19:59
od Márty84
:arrow: Vypnete trvale Windows Defender.



:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\Run: [Steam] => D:\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-31] (SUPERAntiSpyware)

R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2015-07-06 11:10 - 2015-07-06 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-20 09:54 - 2015-04-15 20:02 - 00000080 _____ C:\Users\Ondra\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

IE trusted site: HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\driversupport.com -> hxxps://apps.driversupport.com

S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12 116648]

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.

Re: Prosím o kontrolu

Napsal: 07 črc 2015 19:17
od celeston
Kde vypnu ten win defender?

Re: Prosím o kontrolu

Napsal: 07 črc 2015 19:24
od celeston
Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Ondra at 2015-07-07 20:19:22 Run:1
Running from C:\Users\Ondra\Desktop
Loaded Profiles: Ondra (Available Profiles: Ondra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\Run: [Steam] => D:\Steam\steam.exe [2889408 2015-04-14] (Valve Corporation)
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7799576 2015-05-31] (SUPERAntiSpyware)

R3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

2015-07-06 11:10 - 2015-07-06 11:10 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-20 09:54 - 2015-04-15 20:02 - 00000080 _____ C:\Users\Ondra\AppData\Local???????????????????

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

IE trusted site: HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-3907576443-798730336-3158376024-1000\...\driversupport.com -> hxxps://apps.driversupport.com

S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-12 116648]

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => value removed successfully
MBAMSwissArmy => Service removed successfully
C:\ProgramData\Malwarebytes => moved successfully.

"C:\Users\Ondra\AppData\Local???????????????????" folder move:

Could not move "C:\Users\Ondra\AppData\Local???????????????????" folder => Scheduled to move on reboot.

C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
"HKU\S-1-5-21-3907576443-798730336-3158376024-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\driversupport.com" => key removed successfully
HKU\S-1-5-21-3907576443-798730336-3158376024-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\driversupport.com => key not found.
gupdate => Service removed successfully
SkypeUpdate => Service removed successfully
AdobeFlashPlayerUpdateSvc => Service removed successfully
gupdatem => Service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 216.4 MB temporary data Removed.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-07-07 20:22:55)<=

"C:\Users\Ondra\AppData\Local???????????????????" => Could not move

==== End of Fixlog 20:22:55 ====

Re: Prosím o kontrolu

Napsal: 07 črc 2015 22:27
od Márty84
celeston píše:Kde vypnu ten win defender?
http://windows.microsoft.com/cs-cz/wind ... =windows-7



:!: Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

:arrow:
vyosek píše: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)

:arrow: Defragmentujte disk(y) (SSD Disky ne!)
Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




:arrow: Pak napiste, jak je na tom pc.
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz