Page 1 of 2

2 infected files detected by antivirus

Posted: 19 Aug 2015 17:35
by Alice
Hello, sorry to bother you, but my antivirus flagged two infected files, which I moved to the Virus Chest, where I found 4 files in total: a screenshot is attached ... I really hope it's nothing serious :( My laptop also occasionally reports that loading is taking too long; maybe it is a little slower, well. I just hope it's not some serious virus or anything like that. Thanks for the help :)


Logfile of random's system information tool 1.10 (written by random/random)
Run by KoulovaA at 2015-08-19 18:15:22
Microsoft Windows 8.1 with Bing
System drive C: has 128 GB (28%) free of 459 GB
Total RAM: 3984 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:15:27, on 19. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\LibreOffice 4\program\soffice.exe
C:\Program Files (x86)\LibreOffice 4\program\soffice.bin
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\KoulovaA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-21-2592885859-3292131433-3858698835-1002\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Kotyna\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q (User 'Kotyna')
O4 - HKUS\S-1-5-21-2592885859-3292131433-3858698835-1002\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Kotyna\AppData\Roaming\Seznam.cz\szninstall.exe" -c (User 'Kotyna')
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9922 bytes

======Listing Processes======

wininit.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 505154140688
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {e6b61e2d-3bd4-46fe-a5d66f420fba5767}
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
taskhost.exe $(Arg0)
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Windows\system32\GWX\GWX.exe"
szndesktop.exe default start
"C:\Users\Kotyna\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="832.5.35075001\105486582" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 832 "\\.\pipe\gecko-crash-server-pipe.832" plugin
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --proxy-stub-channel=Flash584.678434F0.30889 --host-broker-channel=Flash584.678434F0.28134 --host-pid=584 --host-npapi-version=28 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll"
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --channel=2132.0122F6C0.758361266 --proxy-stub-channel=Flash584.678434F0.30889 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll" --host-npapi-version=28 --type=renderer

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5472.0.2099680595\1324016190" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,22,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0f31 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3408 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group2 pct:10b stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledMin1/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/OneWeek/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_27/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5472.6.262634832\1185125280" --font-cache-shared-handle=2188 /prefetch:673131151
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=renderer --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --log-file="C:\Users\Kotyna\AppData\Roaming\AVAST Software\Avast\log\avastium.log" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 Avastium (10.3.2225)" --proxy-auto-detect --disable-webaudio --mute-audio --force-wave-audio --disable-gpu --disable-software-rasterizer --no-sandbox --disable-webgl --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --pack_loading_disabled=1 --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --disable-gpu-compositing --channel="5276.1.1742244641\415576413" /prefetch:673131151

winlogon.exe
"dwm.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
taskhost.exe
"C:\Program Files (x86)\LibreOffice 4\program\swriter.exe" -o "C:\Users\Kotyna\Desktop\Headway.odt"
"C:\Program Files (x86)\LibreOffice 4\program\swriter.exe" -o "C:\Users\Kotyna\Desktop\Headway.odt" --writer
"C:\Program Files (x86)\LibreOffice 4\program\swriter.exe" "-o" "C:\Users\Kotyna\Desktop\Headway.odt" "--writer" "-env:OOO_CWD=2C:\\Users\\Kotyna\\Desktop"
C:\Windows\splwow64.exe 8192
C:\Windows\system32\svchost.exe -k WbioSvcGroup
"C:\Program Files (x86)\LibreOffice 4\program\soffice.exe"
"C:\Program Files (x86)\LibreOffice 4\program\soffice.exe" "-env:OOO_CWD=2C:\\Program Files (x86)\\LibreOffice 4"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="4940.4.483152558\818722488" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 4940 "\\.\pipe\gecko-crash-server-pipe.4940" tab
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe79_ Global\UsGthrCtrlFltPipeMssGthrPipe79 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
"C:\Users\KoulovaA\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\KoulovaA\AppData\Roaming\Mozilla\Firefox\Profiles\j0b6p7mp.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll


C:\Users\KoulovaA\AppData\Roaming\Mozilla\Firefox\Profiles\j0b6p7mp.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-14 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-14 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-18 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-18 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-02-18 770544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-14 7510896]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2803440]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-10-08 1045304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-14 6109776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-02-18 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-19 18:06:45 ----D---- C:\Users\KoulovaA\AppData\Roaming\LibreOffice
2015-08-19 17:43:41 ----D---- C:\Program Files\trend micro
2015-08-19 17:43:40 ----D---- C:\rsit
2015-08-16 19:22:21 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 19:22:21 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 20:32:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-14 19:27:13 ----A---- C:\Windows\system32\aswBoot.exe
2015-08-14 19:27:05 ----A---- C:\Windows\avastSS.scr
2015-08-12 20:09:21 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 20:09:19 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 20:09:12 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-08-12 20:09:09 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-08-12 20:09:09 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-08-12 20:09:04 ----A---- C:\Windows\system32\invagent.dll
2015-08-12 20:09:04 ----A---- C:\Windows\system32\generaltel.dll
2015-08-12 20:09:04 ----A---- C:\Windows\system32\appraiser.dll
2015-08-12 20:09:03 ----A---- C:\Windows\system32\devinv.dll
2015-08-12 20:09:03 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-12 20:09:03 ----A---- C:\Windows\system32\aeinv.dll
2015-08-12 20:09:03 ----A---- C:\Windows\system32\acmigration.dll
2015-08-12 20:09:01 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2015-08-12 20:09:01 ----A---- C:\Windows\system32\netcfgx.dll
2015-08-12 20:09:01 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-08-12 20:08:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-08-12 20:08:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2015-08-12 19:45:27 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-12 19:45:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-08-12 19:45:26 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wudriver.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wucltux.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wuapi.dll
2015-08-12 19:45:25 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-08-12 19:45:25 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-08-12 19:45:25 ----A---- C:\Windows\system32\wuapp.exe
2015-08-12 19:44:36 ----A---- C:\Windows\system32\mshtml.dll
2015-08-12 19:44:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-12 19:44:32 ----A---- C:\Windows\system32\ieframe.dll
2015-08-12 19:44:31 ----A---- C:\Windows\system32\jscript9.dll
2015-08-12 19:44:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-12 19:44:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-12 19:44:28 ----A---- C:\Windows\system32\wininet.dll
2015-08-12 19:44:28 ----A---- C:\Windows\system32\ieui.dll
2015-08-12 19:44:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-12 19:44:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-12 19:44:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-12 19:44:26 ----A---- C:\Windows\system32\urlmon.dll
2015-08-12 19:44:26 ----A---- C:\Windows\system32\actxprxy.dll
2015-08-12 19:44:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-12 19:44:25 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-12 19:44:25 ----A---- C:\Windows\system32\iertutil.dll
2015-08-12 19:44:24 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-08-12 19:44:24 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-08-12 19:44:24 ----A---- C:\Windows\system32\webcheck.dll
2015-08-12 19:44:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\vbscript.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\jscript.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\inetcomm.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\iepeers.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-12 19:44:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-12 19:44:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-12 19:44:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-12 19:43:16 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-12 19:43:16 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-12 19:43:16 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 19:43:16 ----A---- C:\Windows\system32\davclnt.dll
2015-08-12 19:43:11 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-12 19:43:11 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-12 19:43:11 ----A---- C:\Windows\system32\ntdll.dll
2015-08-12 19:43:11 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 19:43:10 ----A---- C:\Windows\system32\sysmain.dll
2015-08-12 19:42:45 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-12 19:42:44 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 19:42:42 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-12 19:42:42 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-12 19:42:42 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 19:42:42 ----A---- C:\Windows\system32\msxml6.dll
2015-08-12 19:42:42 ----A---- C:\Windows\system32\msxml3.dll
2015-08-12 19:42:42 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 19:42:42 ----A---- C:\Windows\notepad.exe
2015-08-12 19:42:41 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-12 19:42:41 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-12 19:42:41 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 19:42:40 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-12 19:42:40 ----A---- C:\Windows\system32\win32k.sys
2015-08-12 19:42:40 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-12 19:42:39 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-12 19:42:39 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-12 19:42:39 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-12 19:42:39 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 19:42:39 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 19:42:39 ----A---- C:\Windows\system32\atmlib.dll
2015-08-12 19:42:39 ----A---- C:\Windows\system32\atmfd.dll

======List of files/folders modified in the last 1 month======

2015-08-19 18:11:17 ----D---- C:\Windows\Prefetch
2015-08-19 18:09:26 ----D---- C:\Windows\Temp
2015-08-19 18:05:14 ----HD---- C:\Program Files\WindowsApps
2015-08-19 18:02:03 ----D---- C:\Windows\system32\sru
2015-08-19 17:43:41 ----RD---- C:\Program Files
2015-08-19 12:44:32 ----SHD---- C:\Windows\Installer
2015-08-19 12:33:45 ----D---- C:\Windows\system32\config
2015-08-19 11:15:01 ----D---- C:\Windows\AppReadiness
2015-08-19 11:14:51 ----D---- C:\Windows\CbsTemp
2015-08-19 11:14:48 ----D---- C:\Windows\WinSxS
2015-08-18 23:16:17 ----D---- C:\Windows\rescache
2015-08-18 23:15:51 ----D---- C:\Windows\Microsoft.NET
2015-08-18 23:13:01 ----RSD---- C:\Windows\assembly
2015-08-18 23:00:35 ----D---- C:\Windows\system32\DriverStore
2015-08-18 22:54:00 ----SHD---- C:\System Volume Information
2015-08-17 09:40:59 ----D---- C:\Windows\system32\drivers
2015-08-17 09:40:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-17 00:32:03 ----RD---- C:\Windows\System32
2015-08-17 00:32:03 ----D---- C:\Windows\SysWOW64
2015-08-16 20:04:36 ----D---- C:\Windows\Inf
2015-08-16 09:11:25 ----RD---- C:\Program Files (x86)
2015-08-14 19:27:28 ----D---- C:\Windows\system32\Tasks
2015-08-14 19:27:12 ----D---- C:\Windows
2015-08-13 21:07:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-13 20:56:50 ----D---- C:\Program Files\Internet Explorer
2015-08-13 20:56:50 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 20:56:49 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-13 20:56:49 ----D---- C:\Program Files\Windows Defender
2015-08-13 20:56:48 ----SD---- C:\Windows\system32\CompatTel
2015-08-13 20:56:48 ----D---- C:\Windows\system32\appraiser
2015-08-13 20:56:48 ----D---- C:\Windows\apppatch
2015-08-13 20:56:48 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-13 20:56:40 ----D---- C:\Windows\system32\MRT
2015-08-13 20:48:39 ----A---- C:\Windows\system32\MRT.exe
2015-08-12 19:42:17 ----D---- C:\Windows\system32\catroot2
2015-08-08 15:55:07 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-08-02 01:55:08 ----D---- C:\Windows\system32\catroot
2015-08-01 17:26:07 ----D---- C:\Windows\Panther
2015-08-01 17:16:45 ----HD---- C:\$Windows.~BT
2015-07-25 12:10:36 ----SD---- C:\Windows\system32\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-08-14 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-08-14 274808]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-08-14 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-08-14 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-08-14 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-08-14 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-08-14 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-08-14 150672]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-02-18 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-15 3837144]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-02-18 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem16.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-28 839896]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-03-22 3379416]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-13 31472]
R3 SynTP;@oem18.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem22.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem24.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 WDC_SAM;@oem40.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-04-30 23200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-14 146600]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2014-01-13 92160]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-10-08 1039160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-07-15 786256]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-12-23 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2015-01-02 107832]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-09 290520]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-04-08 2324216]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11 269000]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-18 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-12-18 194032]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-14 149160]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-07-07 2004488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Re: 2 infected files detected by antivirus

Posted: 19 Aug 2015 18:17
by Márty84
Hello :)

As for those findings, they were harmless. They were already in FRST's quarantine.

We'll take a look at the slowdown...


:arrow: Download CrystalDiskInfo http://sourceforge.jp/projects/crystald ... 5_0_0.zip/
Run it as administrator. The result will appear after a moment.
Click Edit at the top and then Copy. Paste what gets copied (it is stored in the clipboard) here for me (ctrl + V)

:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning
The program will start working (the PC may restart) and will spit out a log (otherwise it will be at C:\AdwCleaner[C?].txt ). Copy it here for me.

Re: 2 infected files detected by antivirus

Posted: 19 Aug 2015 18:45
by Alice
Dumb question ... which file from that zip should I open as administrator?? I'm a bit lost, unfortunately :((

Re: 2 infected files detected by antivirus

Posted: 19 Aug 2015 18:49
by Alice
Aha, I've figured it out, here it is:
----------------------------------------------------------------------------
CrystalDiskInfo 5.0.0 (C) 2008-2012 hiyohiyo
Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8 [6.2 Build 9200] (x64)
Date : 2015/08/19 19:48:33

-- Controller Map ----------------------------------------------------------
+ Intel(R) Pentium(R) processor N- and J-series / Intel(R) Celeron(R) processor N- and J-series AHCI - 0F23 [ATA]
- ST500LT012-1DG142
- hp DVD RAM UJ8E2
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST500LT012-1DG142 : 500,1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST500LT012-1DG142
----------------------------------------------------------------------------
Model : ST500LT012-1DG142
Firmware : 1003YAM1
Serial Number : S3PCQPKS
Disk Size : 500,1 GB (8,4/137,4/500,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600
Power On Hours : 1253 hod.
Power On Count : 612 krát
Temparature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 114 _99 __6 000004C04C70 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
04 100 100 __0 000000000266 Počet spuštění/zastavení
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _76 _60 _30 000002A295B0 Počet chybných hledání
09 _99 _99 __0 0000000004E5 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C 100 100 __0 000000000264 Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Neznámý
B8 100 100 _97 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _65 _48 _45 0000271C0023 Teplota toku vzduchu
BF 100 100 __0 000000000034 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 000000000002 Počet vypnutí disku
C1 _86 _86 __0 000000006E43 Počet cyklů načítání/vymazání
C2 _35 _52 __0 000E00000023 Teplota
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 003F 003F 0000 0000 0000
010: 5333 5043 5150 4B53 2020 2020 2020 2020 2020 2020
020: 0000 0000 0004 3130 3033 4D31 4D31 5354 3530 304C
030: 5430 3132 2D31 4447 3134 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 003F 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0407 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 8D0E 8D0E 0004 004C 0048
080: 01F8 0029 306B 7C69 6123 BC49 BC49 6123 007F 002E
090: 002E 8080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 6003 6003 0000 5000 C500
110: 756B A18D 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0108 0108 5000 3C06 3C0A
140: 0000 0078 0000 0008 0000 7CFF 7CFF 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 7500 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 103D 103D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0000 0000 0000 0000 0000
240: 0000 0000 0000 1000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 9FA5

Re: 2 infected files detected by antivirus

Posted: 19 Aug 2015 18:54
by Márty84
Clever girl :thumbsup:

The disk reports errors, that can also be a cause of the slowdown. We'll see after a full cleanup.
Alice wrote:
01 114 _99 __6 000004C04C70 Počet chyb čtení
07 _76 _60 _30 000002A295B0 Počet chybných hledání
BF 100 100 __0 000000000034 Počet udalostí zaznamenaných otřesovým senzorem

Continue with AdwCleaner.
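
The post above reads the quoted rows by their raw counters. As an added editorial example (not code from the thread or from the CrystalDiskInfo project), the Python below parses CrystalDiskInfo's S.M.A.R.T. table and separates the vendor-neutral signals a triage script should act on (a normalized value at or below the vendor threshold; non-zero reallocated, pending or uncorrectable sector counts) from raw counters such as 01 and 07, whose encoding is vendor-specific and not comparable across manufacturers. The rows embedded in it are copied from Alice's report above; the `MEDIA_COUNTERS` labels and the `assess()` summary fields are the example's own choices.

```python
import re
from dataclasses import dataclass
from typing import Dict, List

# S.M.A.R.T. rows copied from the CrystalDiskInfo report posted in this thread
# (attribute names are Czech because the tool ran under a Czech locale).
# Only a subset of the rows is embedded; the parser accepts the full table.
SMART_TABLE = """\
ID Cur Wor Thr RawValues(6) Attribute Name
01 114 _99 __6 000004C04C70 Počet chyb čtení
03 _99 _99 __0 000000000000 Čas na roztočení ploten
05 100 100 _36 000000000000 Počet přemapovaných sektorů
07 _76 _60 _30 000002A295B0 Počet chybných hledání
09 _99 _99 __0 0000000004E5 Hodin v činnosti
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BF 100 100 __0 000000000034 Počet udalostí zaznamenaných otřesovým senzorem
C2 _35 _52 __0 000E00000023 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
"""

# One table row: hex ID, three normalized values (CrystalDiskInfo pads them
# with underscores, e.g. "_99"), a 48-bit raw value as 12 hex digits, then the name.
ROW_RE = re.compile(
    r"^([0-9A-F]{2})\s+([_0-9]{3})\s+([_0-9]{3})\s+([_0-9]{3})\s+([0-9A-F]{12})\s+(.+)$"
)


@dataclass
class SmartAttr:
    attr_id: int
    current: int    # normalized "Cur"
    worst: int      # normalized "Wor" (lowest value ever seen)
    threshold: int  # vendor "Thr"; 0 means the attribute is informational only
    raw: int        # 48-bit raw counter, vendor-specific encoding
    name: str


def parse_smart(text: str) -> List[SmartAttr]:
    """Parse CrystalDiskInfo's S.M.A.R.T. section into attribute records."""
    attrs = []
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            continue  # header, separator or blank line
        attrs.append(SmartAttr(
            attr_id=int(m.group(1), 16),
            current=int(m.group(2).replace("_", "")),
            worst=int(m.group(3).replace("_", "")),
            threshold=int(m.group(4).replace("_", "")),
            raw=int(m.group(5), 16),
            name=m.group(6).strip(),
        ))
    return attrs


# Attributes whose raw counter is a direct, vendor-neutral sign of media damage
# (labels chosen for this example).
MEDIA_COUNTERS = {
    0x05: "reallocated_sectors",
    0xBB: "reported_uncorrectable",
    0xC5: "pending_sectors",
    0xC6: "offline_uncorrectable",
}


def assess(attrs: List[SmartAttr]) -> Dict[str, object]:
    """Summarise drive health from the normalized values and the media counters."""
    by_id = {a.attr_id: a for a in attrs}
    # Vendor threshold crossed now ("failing") or at some point in the past ("worst").
    failing = [a.attr_id for a in attrs if a.threshold and a.current <= a.threshold]
    ever_failed = [a.attr_id for a in attrs if a.threshold and a.worst <= a.threshold]
    media = {label: by_id[i].raw for i, label in MEDIA_COUNTERS.items() if i in by_id}
    # 0x09 raw is plain hours; 0xC2 carries the current temperature in its low
    # byte, the upper bytes hold vendor-specific data and are ignored here.
    hours = by_id[0x09].raw if 0x09 in by_id else None
    temp = by_id[0xC2].raw & 0xFF if 0xC2 in by_id else None
    return {
        "threshold_failing": failing,
        "threshold_ever_failed": ever_failed,
        "media_counters": media,
        "media_damage": any(media.values()),
        "power_on_hours": hours,
        "temperature_c": temp,
    }


if __name__ == "__main__":
    for key, value in assess(parse_smart(SMART_TABLE)).items():
        print(f"{key}: {value}")
```

Running it on the embedded rows reproduces the report's own summary fields (1253 power-on hours, 35 C) from the raw hex, which is a quick way to confirm the parser reads the columns correctly before trusting its verdict on a drive you do not have in front of you.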

Re: 2 infected files detected by antivirus

Posted: 19 Aug 2015 19:09
by Alice
# AdwCleaner v5.002 - Logfile created 19/08/2015 at 19:56:04
# Updated 18/08/2015 by Xplode
# Database : 2015-08-18.2 [Server]
# Operating system : Windows 8.1 Connected (x64)
# Username : KoulovaA - PC-AJANEK
# Running from : C:\Users\KoulovaA\Desktop\adwcleaner_5.002.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Users\Kotyna\AppData\Roaming\Mozilla\Firefox\Profiles\yxz9ma7o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[!] Folder Not Deleted : C:\Users\Kotyna\AppData\Roaming\Mozilla\Firefox\Profiles\yxz9ma7o.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahaeginbdcckocjkhbciadcafnep
[-] Folder Deleted : C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg
[-] Folder Deleted : C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaejaghnbcjilindpkgmcmdflpgjf
[-] Folder Deleted : C:\Users\KoulovaA\AppData\Roaming\Mozilla\Firefox\Profiles\j0b6p7mp.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[!] Folder Not Deleted : C:\Users\KoulovaA\AppData\Roaming\Mozilla\Firefox\Profiles\j0b6p7mp.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider

***** [ Web browsers ] *****

[-] [C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaahaeginbdcckocjkhbciadcafnep
[-] [C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaadgepjkdffhjbkfjgnnffnfcffbg
[-] [C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaaejaghnbcjilindpkgmcmdflpgjf

*************************

:: Proxy settings cleared
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [2092 bytes] ##########

Re: 2 infected files detected by antivirus

Posted: 19 Aug 2015 19:09
by Alice
# AdwCleaner v5.002 - Logfile created 19/08/2015 at 20:05:10
# Updated 18/08/2015 by Xplode
# Database : 2015-08-18.2 [Server]
# Operating system : Windows 8.1 Connected (x64)
# Username : KoulovaA - PC-AJANEK
# Running from : C:\Users\KoulovaA\Desktop\adwcleaner_5.002.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\Kotyna\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : uk.ask.com

*************************

:: Proxy settings cleared
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [724 bytes] ##########

Re: 2 infected files detected by antivirus

Posted: 19 Aug 2015 19:15
by Márty84
:arrow: Run a scan with MBAM. Set the scan up according to this guide (i.e. Custom scan of all disks) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Don't delete anything beforehand; it sometimes has false positives

Re: 2 infected files detected by antivirus

Posted: 20 Aug 2015 09:45
by Alice
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 19. 8. 2015
Čas skenování: 20:45
Protokol: Textový soubor.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.19.05
Databáze rootkitů: v2015.08.16.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: KoulovaA

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 723662
Uplynulý čas: 5 hod, 9 min, 3 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 3
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2592885859-3292131433-3858698835-1002\SOFTWARE\AskPartnerNetwork, , [5958e921ec9fec4a53e66fb010f3728e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2592885859-3292131433-3858698835-1002\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [f1c07298266545f1e74b7d0fa46039c7],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2592885859-3292131433-3858698835-1003\SOFTWARE\AskPartnerNetwork, , [c9e843c72b603ff70534958a19ea14ec],

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 1
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Super Radio, , [9e13907a6c1f1b1bcf216eb110f3fe02],

Soubory: 9
PUP.Optional.InstallCore.C, C:\Program Files (x86)\Super Radio\7eca1cd8-2a95-4759-9c0f-ae713062040a-11.exe, , [e4cda1695338bb7bde979feaa65faa56],
PUP.Optional.InstallCore.C, C:\Program Files (x86)\Super Radio\Uninstall.exe, , [585947c33c4fef47294c29604fb6e020],
PUP.Optional.APNToolBar.A, C:\Users\KoulovaA\Documents\APNSetup.exe, , [d4dd7d8d6823181e65ef6740e61be719],
PUP.Optional.APNToolBar.A, C:\Users\KoulovaA\Documents\APNSetup1.exe, , [9e13a862414aa195bd976f381ce528d8],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Super Radio\bgNova.html, , [9e13907a6c1f1b1bcf216eb110f3fe02],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Super Radio\1293297481.mxaddon, , [9e13907a6c1f1b1bcf216eb110f3fe02],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Super Radio\7eca1cd8-2a95-4759-9c0f-ae713062040a-6.exe, , [9e13907a6c1f1b1bcf216eb110f3fe02],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Super Radio\7eca1cd8-2a95-4759-9c0f-ae713062040a.crx, , [9e13907a6c1f1b1bcf216eb110f3fe02],
PUP.Optional.CrossRider.A, C:\Program Files (x86)\Super Radio\acbf0574-8b6e-4e94-81fb-ae24acc3cba6.crx, , [9e13907a6c1f1b1bcf216eb110f3fe02],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: 2 infected files detected by antivirus

Posted: 20 Aug 2015 10:28
by Márty84
Have all the findings removed. After the removal and a PC restart, repeat the MBAM test (this time a Threat scan is enough - it will be faster), so we know whether it comes back. Post the test result and I'll choose the next steps based on it.

Re: 2 infected files detected by antivirus

Posted: 20 Aug 2015 11:43
by Alice
Phew, thank goodness it didn't take as long as last time ... it found 0 threats :)

Re: 2 infected files detected by antivirus

Posted: 20 Aug 2015 13:15
by Márty84
Excellent. You can uninstall MBAM.


:arrow: Post a new log from RSIT

and along with it

:arrow: Post the logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn the antivirus off for a while, it may block it as malicious, but we use it all the time, it's a false alarm :)

Re: 2 infected files detected by antivirus

Posted: 20 Aug 2015 13:58
by Alice
New RSIT

Logfile of random's system information tool 1.10 (written by random/random)
Run by KoulovaA at 2015-08-20 14:47:13
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 127 GB (28%) free of 459 GB
Total RAM: 3984 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:47:16, on 20. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
C:\Program Files\trend micro\KoulovaA.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-21-2592885859-3292131433-3858698835-1002\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Kotyna\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q (User 'Kotyna')
O4 - HKUS\S-1-5-21-2592885859-3292131433-3858698835-1002\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Kotyna\AppData\Roaming\Seznam.cz\szninstall.exe" -c (User 'Kotyna')
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Comodo Security Solutions, Inc. - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: HP SimplePass Service (omniserv) - Softex Inc. - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\Windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10065 bytes

======Listing Processes======
wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 669933027440
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {73aee080-7531-4e8a-85136a34cd8c2669}
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\PnkBstrB.exe
C:\Windows\SysWOW64\ssins.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Explorer.EXE
taskhostex.exe
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

C:\Windows\system32\rundll32.exe invagent.dll,RunUpdate -noappraiser
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="728.1.1103677730\284472323" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 728 "\\.\pipe\gecko-crash-server-pipe.728" plugin
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --proxy-stub-channel=Flash392.683F34F0.18392 --host-broker-channel=Flash392.683F34F0.13767 --host-pid=392 --host-npapi-version=28 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll"
"C:\Windows\SYSTEM32\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe" --channel=1944.0036F36C.670887674 --proxy-stub-channel=Flash392.683F34F0.18392 --plugin-path="C:\Windows\SYSTEM32\Macromed\Flash\NPSWF32_18_0_0_232.dll" --host-npapi-version=28 --type=renderer

winlogon.exe
"dwm.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
C:\Windows\Explorer.EXE
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
taskhostex.exe
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe"
"C:\Windows\system32\igfxsrvc.exe" -Embedding
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe" /hideui
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe"
"C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe"
szndesktop.exe default start
"C:\Users\Kotyna\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Users\KoulovaA\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\KoulovaA\AppData\Roaming\Mozilla\Firefox\Profiles\j0b6p7mp.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.0]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-14 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-14 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-02-18 391152]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-02-18 771568]
"Persistence"=C:\Windows\system32\igfxpers.exe [2014-02-18 770544]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-14 7510896]
"SimplePass"=C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-03-28 3962936]
"OPBHOBroker"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-03-28 415288]
"OPBHOBrokerDesktop"=C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-03-28 415288]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-13 2803440]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"=C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [2013-10-08 1045304]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-08-14 6109776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2014-02-18 624640]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-19 20:43:26 ----D---- C:\ProgramData\Malwarebytes
2015-08-19 20:34:15 ----A---- C:\Windows\system32\mshtml.dll
2015-08-19 20:34:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-19 19:51:24 ----D---- C:\AdwCleaner
2015-08-19 18:06:45 ----D---- C:\Users\KoulovaA\AppData\Roaming\LibreOffice
2015-08-19 17:43:41 ----D---- C:\Program Files\trend micro
2015-08-19 17:43:40 ----D---- C:\rsit
2015-08-16 19:22:21 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 19:22:21 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 20:32:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-14 19:27:13 ----A---- C:\Windows\system32\aswBoot.exe
2015-08-14 19:27:05 ----A---- C:\Windows\avastSS.scr
2015-08-12 20:09:21 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 20:09:19 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 20:09:12 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-08-12 20:09:09 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-08-12 20:09:09 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-08-12 20:09:04 ----A---- C:\Windows\system32\invagent.dll
2015-08-12 20:09:04 ----A---- C:\Windows\system32\generaltel.dll
2015-08-12 20:09:04 ----A---- C:\Windows\system32\appraiser.dll
2015-08-12 20:09:03 ----A---- C:\Windows\system32\devinv.dll
2015-08-12 20:09:03 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-12 20:09:03 ----A---- C:\Windows\system32\aeinv.dll
2015-08-12 20:09:03 ----A---- C:\Windows\system32\acmigration.dll
2015-08-12 20:09:01 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2015-08-12 20:09:01 ----A---- C:\Windows\system32\netcfgx.dll
2015-08-12 20:09:01 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-08-12 20:08:50 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-08-12 20:08:50 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2015-08-12 19:45:27 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-12 19:45:26 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-08-12 19:45:26 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wudriver.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wucltux.dll
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-12 19:45:26 ----A---- C:\Windows\system32\wuapi.dll
2015-08-12 19:45:25 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-08-12 19:45:25 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-08-12 19:45:25 ----A---- C:\Windows\system32\wuapp.exe
2015-08-12 19:44:32 ----A---- C:\Windows\system32\ieframe.dll
2015-08-12 19:44:31 ----A---- C:\Windows\system32\jscript9.dll
2015-08-12 19:44:30 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-12 19:44:29 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-12 19:44:28 ----A---- C:\Windows\system32\wininet.dll
2015-08-12 19:44:28 ----A---- C:\Windows\system32\ieui.dll
2015-08-12 19:44:27 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-12 19:44:27 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-12 19:44:26 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-12 19:44:26 ----A---- C:\Windows\system32\urlmon.dll
2015-08-12 19:44:26 ----A---- C:\Windows\system32\actxprxy.dll
2015-08-12 19:44:25 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-12 19:44:25 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-12 19:44:25 ----A---- C:\Windows\system32\iertutil.dll
2015-08-12 19:44:24 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-08-12 19:44:24 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-08-12 19:44:24 ----A---- C:\Windows\system32\webcheck.dll
2015-08-12 19:44:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\vbscript.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\jscript.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\inetcomm.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\iepeers.dll
2015-08-12 19:44:23 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-12 19:44:22 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-12 19:44:22 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-12 19:44:22 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-12 19:43:16 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-12 19:43:16 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-12 19:43:16 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 19:43:16 ----A---- C:\Windows\system32\davclnt.dll
2015-08-12 19:43:11 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-12 19:43:11 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-12 19:43:11 ----A---- C:\Windows\system32\ntdll.dll
2015-08-12 19:43:11 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 19:43:10 ----A---- C:\Windows\system32\sysmain.dll
2015-08-12 19:42:45 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-12 19:42:44 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 19:42:42 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-12 19:42:42 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-12 19:42:42 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 19:42:42 ----A---- C:\Windows\system32\msxml6.dll
2015-08-12 19:42:42 ----A---- C:\Windows\system32\msxml3.dll
2015-08-12 19:42:42 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 19:42:42 ----A---- C:\Windows\notepad.exe
2015-08-12 19:42:41 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-12 19:42:41 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-12 19:42:41 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 19:42:40 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-12 19:42:40 ----A---- C:\Windows\system32\win32k.sys
2015-08-12 19:42:40 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-12 19:42:39 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-12 19:42:39 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-12 19:42:39 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-12 19:42:39 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 19:42:39 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 19:42:39 ----A---- C:\Windows\system32\atmlib.dll
2015-08-12 19:42:39 ----A---- C:\Windows\system32\atmfd.dll

======List of files/folders modified in the last 1 month======

2015-08-20 14:47:04 ----D---- C:\Windows\Prefetch
2015-08-20 14:45:43 ----RD---- C:\Program Files (x86)
2015-08-20 14:45:43 ----D---- C:\Windows\system32\drivers
2015-08-20 14:02:01 ----D---- C:\Windows\system32\sru
2015-08-20 13:42:03 ----D---- C:\Windows\Temp
2015-08-20 13:40:11 ----SHD---- C:\Windows\Installer
2015-08-20 12:18:52 ----D---- C:\Windows\AppReadiness
2015-08-20 12:00:42 ----HD---- C:\Windows\ELAMBKUP
2015-08-19 20:43:26 ----HD---- C:\ProgramData
2015-08-19 20:42:59 ----D---- C:\Windows\system32\config
2015-08-19 20:34:47 ----D---- C:\Windows\WinSxS
2015-08-19 20:34:46 ----D---- C:\Windows\SysWOW64
2015-08-19 20:34:42 ----D---- C:\Windows\CbsTemp
2015-08-19 20:34:33 ----RD---- C:\Windows\System32
2015-08-19 20:34:03 ----SHD---- C:\System Volume Information
2015-08-19 18:05:14 ----HD---- C:\Program Files\WindowsApps
2015-08-19 17:43:41 ----RD---- C:\Program Files
2015-08-18 23:16:17 ----D---- C:\Windows\rescache
2015-08-18 23:15:51 ----D---- C:\Windows\Microsoft.NET
2015-08-18 23:13:01 ----RSD---- C:\Windows\assembly
2015-08-18 23:00:35 ----D---- C:\Windows\system32\DriverStore
2015-08-17 09:40:04 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-16 20:04:36 ----D---- C:\Windows\Inf
2015-08-14 19:27:28 ----D---- C:\Windows\system32\Tasks
2015-08-14 19:27:12 ----D---- C:\Windows
2015-08-13 21:07:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-13 20:56:50 ----D---- C:\Program Files\Internet Explorer
2015-08-13 20:56:50 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-13 20:56:49 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-13 20:56:49 ----D---- C:\Program Files\Windows Defender
2015-08-13 20:56:48 ----SD---- C:\Windows\system32\CompatTel
2015-08-13 20:56:48 ----D---- C:\Windows\system32\appraiser
2015-08-13 20:56:48 ----D---- C:\Windows\apppatch
2015-08-13 20:56:48 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-13 20:56:40 ----D---- C:\Windows\system32\MRT
2015-08-13 20:48:39 ----A---- C:\Windows\system32\MRT.exe
2015-08-12 19:42:17 ----D---- C:\Windows\system32\catroot2
2015-08-08 15:55:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-08-02 01:55:08 ----D---- C:\Windows\system32\catroot
2015-08-01 17:26:07 ----D---- C:\Windows\Panther
2015-08-01 17:16:45 ----HD---- C:\$Windows.~BT
2015-07-25 12:10:36 ----SD---- C:\Windows\system32\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-08-14 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-08-14 274808]
R0 MBI;@oem12.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\Windows\System32\drivers\MBI.sys [2014-01-23 29464]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-08-14 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-08-14 1048344]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-08-14 447944]
R1 CLVirtualDrive;CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [2013-03-05 91712]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-08-14 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-08-14 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-08-14 150672]
R3 clwvd;@oem21.inf,%clwvd.DeviceDesc%;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2014-01-28 41704]
R3 GPIO;@oem14.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\Windows\System32\drivers\iaiogpioe.sys [2013-11-11 31232]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-02-18 4222976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-15 3837144]
R3 IntcDAud;@oem7.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-02-18 450520]
R3 iwdbus;@oem10.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2013-12-27 27032]
R3 RSP2STOR;@oem16.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [2014-01-04 291544]
R3 RTL8168;@oem15.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-01-28 839896]
R3 RTWlanE;@oem6.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\Windows\system32\DRIVERS\rtwlane.sys [2014-03-22 3379416]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-13 31472]
R3 SynTP;@oem18.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-12-13 542448]
R3 TXEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2013-11-06 632168]
S3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
S3 dg_ssudbus;@oem22.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 intaud_WaveExtensible;@oem9.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2013-12-27 38296]
S3 SmbDrv;SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2013-12-13 29936]
S3 ssudmdm;@oem24.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 WDC_SAM;@oem40.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-04-30 23200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [2009-11-18 98208]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2014-10-29 38792]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-08-14 146600]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-05-27 2139328]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2014-01-13 92160]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2013-10-08 1039160]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-01 733696]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-07-15 786256]
R2 omniserv; HP SimplePass Service; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [2014-03-28 88064]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-12-23 66872]
R2 PnkBstrB;PnkBstrB; C:\Windows\syswow64\PnkBstrB.exe [2015-01-02 107832]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2014-01-09 290520]
R2 ssinstall;SInstalátor; C:\Windows\SysWOW64\ssins.exe [2015-04-08 2324216]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11 269000]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-08-10 50784]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-02-18 279024]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-12-18 194032]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-01 822232]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-14 149160]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-07-07 2004488]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 w3logsvc;@%windir%\system32\inetsrv\iisres.dll,-30014; C:\Windows\system32\svchost.exe [2014-10-29 38792]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2014-10-29 38792]

-----------------EOF-----------------

Re: 2 infected files detected by antivirus

Posted: 20 Aug 2015 14:00
by Alice
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
Ran by KoulovaA (administrator) on PC-AJANEK (20-08-2015 14:52:56)
Running from C:\Users\KoulovaA\Desktop
Loaded Profiles: KoulovaA & Kotyna & ajajan (Available Profiles: KoulovaA & Kotyna & ajajan)
Platform: Windows 8.1 Connected (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
() C:\Users\Kotyna\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
() C:\Users\Kotyna\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(forum.viry.cz) C:\Users\KoulovaA\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510896 2014-01-14] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2803440 2013-12-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-14] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2592885859-3292131433-3858698835-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kotyna\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2592885859-3292131433-3858698835-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kotyna\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kotyna\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kotyna\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kotyna\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kotyna\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kotyna\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kotyna\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kotyna\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kotyna\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-04-02] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-14] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2592885859-3292131433-3858698835-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-2592885859-3292131433-3858698835-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-2592885859-3292131433-3858698835-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?tpid=ATUSP-SAT&o=AP ... psv=&pt=tb
HKU\S-1-5-21-2592885859-3292131433-3858698835-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> DefaultScope {A16B8375-A194-430F-AC0E-03F7EE72D9A8} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {097A9339-E635-4D1D-91B9-53C1D2B63A87} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {19B9F848-0C34-4607-BDD9-739F047362D8} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {1B3DBC27-D6A1-45EF-A14F-C6D88E109C3B} URL = hxxp://www.search.ask.com/web?tpid=ATUSP-SAT&o ... psv=&pt=tb
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {540A0B5D-36A8-4F66-9331-37E2CAFAB0A8} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {67ADAF9F-78F2-42D8-AF6C-07286CF2D405} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {9BFC5A1E-A56F-403A-956C-899DC51419CF} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {9F07A403-F77C-4DE0-BD87-F87ECA833576} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {A16B8375-A194-430F-AC0E-03F7EE72D9A8} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=Searchmodule_1
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {C099FCD3-A8D7-4F40-9E08-BF226956BFCE} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {C4339E82-3611-415D-86F8-1FF202B5397F} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1003 -> {8C16AC4B-A796-4017-80E9-727BFC95156B} URL = hxxp://www.search.ask.com/web?tpid=ATUSP-SAT&o ... psv=&pt=tb
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1003 -> {BAAFB6D0-C20B-4FF6-A710-7CCF9E42134D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-14] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19] (Google Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-14] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19] (Google Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19] (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{30E1B1AE-59C3-4294-937C-04EAAACFA530}: [DhcpNameServer] 10.98.231.66 10.98.0.227
Tcpip\..\Interfaces\{D134968B-B3C4-4016-8BA4-C5BFB74013D3}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\KoulovaA\AppData\Roaming\Mozilla\Firefox\Profiles\j0b6p7mp.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-07]

Chrome:
=======
CHR Profile: C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-07]
CHR Extension: (Google Docs) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-18]
CHR Extension: (Google Drive) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-18]
CHR Extension: (No Name) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-07-07]
CHR Extension: (No Name) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-07-07]
CHR Extension: (YouTube) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-18]
CHR Extension: (Google Search) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-18]
CHR Extension: (Avast SafePrice) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-03]
CHR Extension: (No Name) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-07]
CHR Extension: (Bookmark Manager) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-27]
CHR Extension: (Avast Online Security) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-03]
CHR Extension: (No Name) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-18]
CHR Extension: (No Name) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-07-07]
CHR Extension: (Gmail) - C:\Users\KoulovaA\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-04-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-07]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-14] (AVAST Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2139328 2014-05-27] (Comodo Security Solutions, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-07] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-12-23] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-01-02] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 ssinstall; C:\Windows\SysWOW64\ssins.exe [2324216 2015-04-08] (PS Media s.r.o.)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S5 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-14] (AVAST Software)
R5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-14] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-14] (AVAST Software)
R5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-14] (AVAST Software)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-03-18] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-09-17] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
S5 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [632168 2013-11-06] (Intel Corporation)
S5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R5 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-13] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S5 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
R5 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-13] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-03-18] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3379416 2014-03-22] (Realtek Semiconductor Corporation )
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-12-13] (Synaptics Incorporated)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
R5 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-10-29] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-04-26] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-20 14:52 - 2015-08-20 14:53 - 00029588 _____ C:\Users\KoulovaA\Desktop\FRST.txt
2015-08-20 14:50 - 2015-08-20 14:51 - 00112640 _____ (forum.viry.cz) C:\Users\KoulovaA\Desktop\FRSTLauncher.exe
2015-08-20 14:49 - 2015-08-20 14:49 - 02173952 _____ (Farbar) C:\Users\KoulovaA\Desktop\FRST64.exe
2015-08-20 12:41 - 2015-08-20 12:41 - 00001138 _____ C:\Users\KoulovaA\Desktop\1.txt
2015-08-20 10:43 - 2015-08-20 10:44 - 00002760 _____ C:\Users\KoulovaA\Desktop\Textový soubor.txt
2015-08-19 20:43 - 2015-08-19 20:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-19 20:40 - 2015-08-19 20:40 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\KoulovaA\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-19 20:34 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 20:34 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 19:51 - 2015-08-19 20:05 - 00000000 ____D C:\AdwCleaner
2015-08-19 19:50 - 2015-08-19 19:50 - 01585664 _____ C:\Users\KoulovaA\Desktop\adwcleaner_5.002.exe
2015-08-19 19:47 - 2015-08-19 19:48 - 00000194 _____ C:\Users\KoulovaA\Desktop\DiskInfo.ini
2015-08-19 19:47 - 2015-08-19 19:47 - 00000000 ____D C:\Users\KoulovaA\Desktop\Smart
2015-08-19 19:47 - 2015-08-19 19:47 - 00000000 ____D C:\Users\KoulovaA\Desktop\CdiResource
2015-08-19 19:47 - 2012-06-15 14:08 - 01149912 _____ (Crystal Dew World) C:\Users\KoulovaA\Desktop\DiskInfo.exe
2015-08-19 19:38 - 2015-08-19 19:38 - 01496172 _____ C:\Users\KoulovaA\Desktop\CrystalDiskInfo5_0_0.zip
2015-08-19 18:14 - 2015-08-19 18:15 - 01222144 _____ C:\Users\KoulovaA\Downloads\RSITx64.exe
2015-08-19 18:06 - 2015-08-19 18:06 - 00000000 ____D C:\Users\KoulovaA\AppData\Roaming\LibreOffice
2015-08-19 17:56 - 2015-08-19 17:56 - 00000099 ____H C:\Users\Kotyna\Desktop\.~lock.Headway.odt#
2015-08-19 17:43 - 2015-08-20 14:47 - 00000000 ____D C:\Program Files\trend micro
2015-08-19 17:43 - 2015-08-19 17:44 - 00000000 ____D C:\rsit
2015-08-19 17:43 - 2015-08-19 17:43 - 01222144 _____ C:\Users\KoulovaA\Desktop\RSITx64.exe
2015-08-19 17:40 - 2015-08-19 17:40 - 00000000 ____D C:\Users\KoulovaA\AppData\Local\GWX
2015-08-16 19:22 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-16 19:22 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 20:32 - 2015-08-17 09:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-14 20:07 - 2015-08-14 20:15 - 1492742144 _____ C:\Users\Kotyna\Downloads\Vlasy (1979) CZ-dabing - Miloš Forman.avi
2015-08-14 19:59 - 2015-08-14 20:06 - 1073244362 _____ C:\Users\Kotyna\Downloads\Královna-prokletých cz dabing.avi
2015-08-14 19:27 - 2015-08-14 19:27 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-08-14 19:27 - 2015-08-14 19:27 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-12 20:09 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 20:09 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 20:09 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 20:09 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 20:09 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 20:09 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 20:09 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 20:09 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 20:09 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 20:09 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 20:09 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 20:09 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 20:09 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 20:09 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 20:09 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 20:09 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 20:08 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 20:08 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 19:45 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 19:45 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 19:45 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 19:45 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 19:45 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 19:45 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 19:45 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 19:45 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 19:45 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 19:45 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 19:45 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 19:45 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 19:44 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 19:44 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 19:44 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 19:44 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 19:44 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 19:44 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 19:44 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 19:44 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 19:44 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 19:44 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 19:44 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 19:44 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 19:44 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 19:44 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 19:44 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 19:44 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 19:44 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 19:44 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 19:44 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 19:44 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 19:44 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 19:44 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 19:44 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 19:44 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 19:44 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 19:44 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 19:44 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 19:44 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 19:44 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 19:43 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 19:43 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 19:43 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 19:43 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 19:43 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 19:43 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 19:43 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 19:43 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 19:43 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 19:42 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 19:42 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 19:42 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 19:42 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 19:42 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 19:42 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 19:42 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 19:42 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 19:42 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 19:42 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 19:42 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 19:42 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 19:42 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 19:42 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 19:42 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 19:42 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 19:42 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 19:42 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 19:42 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 19:42 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 19:42 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 19:42 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-11 18:52 - 2015-08-11 18:55 - 529227760 _____ C:\Users\Kotyna\Downloads\Predtucha Premonition (2007).avi
2015-08-09 10:58 - 2015-08-09 11:04 - 842923082 _____ C:\Users\Kotyna\Downloads\MIMONI 2015 CZ DABing dobrá kvalita zvuku.avi
2015-08-09 10:56 - 2015-08-09 11:04 - 685496320 _____ C:\Users\Kotyna\Downloads\Porotci-CZ-2014-vyborny-film.avi
2015-08-09 10:44 - 2015-08-09 10:48 - 736878866 _____ C:\Users\Kotyna\Downloads\Policajt ze sámošky 2 [Paul Blart - Mall Cop 2] (2015) CZ dabing.avi
2015-08-09 10:39 - 2015-08-09 10:44 - 889047312 _____ C:\Users\Kotyna\Downloads\ULIČKA HANBY (2014) CZ DABING komedie.avi
2015-08-08 21:03 - 2015-08-08 21:07 - 734704002 _____ C:\Users\Kotyna\Downloads\Ďáblův advokát (1997).avi
2015-07-27 07:55 - 2015-07-27 07:59 - 777746432 _____ C:\Users\Kotyna\Downloads\Street Dance 2 CZ-dabing (2012) NOVINKA.avi
2015-07-27 07:18 - 2015-07-27 07:24 - 788767702 _____ C:\Users\Kotyna\Downloads\Pach krve 4 Krvavý počátek 2011 CZ Dabing.avi
2015-07-27 07:16 - 2015-07-27 07:25 - 862297568 _____ C:\Users\Kotyna\Downloads\Pach krve 2 - CZ dabing.avi
2015-07-27 06:55 - 2015-07-27 06:59 - 733897762 _____ C:\Users\Kotyna\Downloads\Tanec s vášní Rozbal to! (2008)CZ hudební.avi
2015-07-27 06:38 - 2015-07-27 06:42 - 734015488 _____ C:\Users\Kotyna\Downloads\parodie-na-vse-komedie-2010-cz-dabing.avi
2015-07-26 20:48 - 2015-07-26 20:56 - 1444176620 _____ C:\Users\Kotyna\Downloads\Méďa 2-Ted 2 (2015) CZ titulky NOVINKA.avi
2015-07-24 21:49 - 2015-07-24 22:02 - 733915136 _____ C:\Users\Kotyna\Downloads\Penelope - cz dubing - by brabicek.avi
2015-07-24 21:46 - 2015-07-24 22:02 - 1034991616 _____ C:\Users\Kotyna\Downloads\Jist, meditovat, milovat CZ dabing.avi
2015-07-24 21:45 - 2015-07-24 22:05 - 795103232 _____ C:\Users\Kotyna\Downloads\Nádherné bytosti Beautiful Creatures (2013) CZdub.avi

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-20 14:53 - 2015-07-05 20:46 - 00000000 ____D C:\FRST
2015-08-20 14:50 - 2014-12-20 21:44 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2592885859-3292131433-3858698835-1002
2015-08-20 14:50 - 2014-12-18 14:00 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2592885859-3292131433-3858698835-1001
2015-08-20 14:44 - 2014-12-18 15:10 - 00003986 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CDC825C2-CBD1-4092-A5A5-2D1C7758BAB7}
2015-08-20 14:42 - 2015-03-13 11:41 - 00000000 ____D C:\Users\Kotyna\AppData\Roaming\vlc
2015-08-20 14:41 - 2015-07-08 23:41 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-20 14:02 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-20 13:58 - 2014-12-18 13:54 - 01800568 _____ C:\Windows\WindowsUpdate.log
2015-08-20 13:57 - 2015-07-16 15:52 - 00000980 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-20 13:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-20 13:32 - 2015-04-08 09:34 - 00000000 ____D C:\Users\Kotyna\AppData\Roaming\Seznam.cz
2015-08-20 13:27 - 2015-07-16 15:52 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-20 12:09 - 2014-12-18 13:57 - 00000000 ____D C:\Users\KoulovaA\Documents\Youcam
2015-08-20 12:02 - 2015-04-08 00:04 - 00000000 _____ C:\Windows\SysWOW64\sinstall.log
2015-08-20 12:02 - 2014-03-18 11:44 - 00092660 _____ C:\Windows\PFRO.log
2015-08-20 12:02 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-08-20 12:02 - 2013-08-22 16:46 - 00063382 _____ C:\Windows\setupact.log
2015-08-20 12:02 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-20 12:02 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2015-08-19 20:34 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-19 20:03 - 2014-12-20 21:43 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1EE0349C-1664-4024-9C18-E82B1E07FDC5}
2015-08-19 18:28 - 2015-03-13 11:41 - 00001093 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-08-19 18:22 - 2014-12-18 22:01 - 00000000 ____D C:\Users\KoulovaA\AppData\Local\Nero
2015-08-19 12:33 - 2014-12-20 21:44 - 00000000 ____D C:\Users\Kotyna\Documents\Youcam
2015-08-18 23:16 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-17 18:14 - 2015-01-01 21:37 - 00000000 ____D C:\Users\Kotyna\AppData\Roaming\Tropico 4
2015-08-17 09:40 - 2015-06-15 12:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-16 17:44 - 2015-06-29 16:40 - 00000000 ____D C:\Users\Kotyna\Downloads\Nové filmy
2015-08-14 19:27 - 2015-04-07 19:12 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-14 19:27 - 2015-04-07 19:11 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2015-08-14 19:27 - 2015-04-07 19:11 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-08-14 19:27 - 2015-04-07 19:11 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-08-14 19:27 - 2015-04-07 19:11 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-08-14 19:27 - 2015-04-07 19:11 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-08-14 19:27 - 2015-04-07 19:11 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-08-14 19:27 - 2015-04-07 19:11 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-08-14 19:27 - 2015-04-07 19:11 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-08-13 21:07 - 2014-04-26 15:47 - 00768392 _____ C:\Windows\system32\perfh005.dat
2015-08-13 21:07 - 2014-04-26 15:47 - 00166490 _____ C:\Windows\system32\perfc005.dat
2015-08-13 21:07 - 2014-03-18 11:53 - 01883040 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-13 21:00 - 2013-08-22 16:44 - 00405824 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 20:56 - 2014-12-23 00:21 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 20:56 - 2014-12-23 00:21 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 20:56 - 2014-12-22 11:46 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 20:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 20:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 20:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-13 20:56 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-13 20:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-13 20:56 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-13 20:48 - 2014-12-22 11:46 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 19:59 - 2014-12-18 21:47 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-11 22:41 - 2015-07-04 13:23 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-08 15:55 - 2014-12-21 21:03 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-12-21 21:03 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 18:10 - 2014-12-20 21:38 - 00000000 ____D C:\Users\Kotyna\AppData\Local\Packages
2015-08-01 17:26 - 2014-04-02 12:25 - 00000000 ____D C:\Windows\Panther
2015-08-01 17:16 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-07-25 12:10 - 2015-04-05 16:23 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======


Some files in TEMP:
====================
C:\Users\Kotyna\AppData\Local\Temp\vlc-2.2.1-win32.exe
C:\Users\Kotyna\AppData\Local\Temp\{D4C337D2-EB80-476F-8E0E-E058242FFE25}-44.0.2403.107_chrome_installer.exe
C:\Users\KoulovaA\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan created by FRSTLauncher ===***===***===***===
Last FRSTLauncher update: 25_11_2013 (01)
Last modification-script update: 30_09_2013 (01)


***** "Desktop" size *****

The size of folder "C:\Users\KoulovaA\Desktop" is 924 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
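The file-listing and Security Center lines above are what a helper on this kind of thread reads by hand. As an added example (not part of the original thread, and not FRST's own code), the Python script below parses lines in exactly that format and applies a few triage heuristics: an executable with no company string, an executable sitting in Temp, AppData, ProgramData or Users\Public, a hidden executable, and a core Windows binary name (svchost.exe, lsass.exe, ...) found outside C:\Windows. It also lists the Security Center products the log reports as Disabled, as the log above does for both Windows Defender and avast!. The first five sample file lines are copied from the log above; the Temp\svchost.exe line is constructed purely to show what a hit looks like and does not appear in the posted log. The example assumes the "(Company)" field is the version-resource company name rather than a signature verdict, so a missing one is only a reason to look closer, which is why the benign RSITx64.exe tool is flagged as well.

```python
"""Triage helper for FRST (Farbar Recovery Scan Tool) log excerpts.

Added example, not part of the original thread or of FRST itself. It parses
"One Month Created/Modified files" lines and "Security Center" lines in the
format shown in the posted log and applies simple heuristics. The sample
Temp\\svchost.exe line below is constructed and hypothetical.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# 2015-08-16 19:22 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\...
FILE_LINE = re.compile(
    r"^(?P<t1>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<t2>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<size>\d+) (?P<attrs>[_A-Z]{5}) "
    r"(?:\((?P<company>[^)]*)\) )?"
    r"(?P<path>[A-Za-z]:\\.*)$"
)
# AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-...}
SECCENTER_LINE = re.compile(
    r"^(?P<kind>AV|AS|FW): (?P<name>.+?) \((?P<state>Enabled|Disabled) - "
    r"(?P<sig>[^)]*)\) \{(?P<guid>[^}]+)\}$"
)

EXEC_EXT = {".exe", ".dll", ".sys", ".scr", ".cpl", ".ocx", ".bat", ".cmd", ".vbs", ".js", ".ps1"}
# Typical staging/dropper directories (all writable by a normal user).
STAGING_DIRS = ("\\appdata\\", "\\programdata\\", "\\users\\public\\", "\\temp\\")
# Core Windows binary names; a copy outside C:\Windows is a masquerading red
# flag (MITRE ATT&CK T1036.005, "Match Legitimate Name or Location").
SYSTEM_NAMES = {"svchost.exe", "explorer.exe", "csrss.exe", "lsass.exe", "winlogon.exe", "services.exe"}


@dataclass
class Entry:
    path: str
    size: int
    attrs: str                 # FRST attribute column, e.g. "____D", "___SH"
    company: Optional[str]     # version-resource company name, None if absent
    flags: List[str] = field(default_factory=list)

    @property
    def is_dir(self) -> bool:
        return "D" in self.attrs

    @property
    def ext(self) -> str:
        name = self.path.rsplit("\\", 1)[-1]
        return name[name.rfind("."):].lower() if "." in name else ""


def parse_file_line(line: str) -> Optional[Entry]:
    """Parse one FRST file/folder line; return None for anything else."""
    m = FILE_LINE.match(line.strip())
    if not m:
        return None
    company = m.group("company")
    return Entry(m.group("path"), int(m.group("size")), m.group("attrs"),
                 company.strip() if company else None)


def triage(entry: Entry) -> Entry:
    """Attach heuristic flags to executables; directories and data files pass."""
    low = entry.path.lower()
    name = low.rsplit("\\", 1)[-1]
    if entry.is_dir or entry.ext not in EXEC_EXT:
        return entry
    if entry.company is None:
        entry.flags.append("exec-without-company-string")
    if any(seg in low for seg in STAGING_DIRS):
        entry.flags.append("exec-in-staging-dir")
    if "H" in entry.attrs:
        entry.flags.append("hidden-exec")
    if name in SYSTEM_NAMES and not low.startswith("c:\\windows\\"):
        entry.flags.append("system-binary-name-outside-windows")
    return entry


def triage_log(text: str) -> List[Entry]:
    entries = [parse_file_line(ln) for ln in text.splitlines()]
    return [triage(e) for e in entries if e is not None]


def flagged(text: str) -> List[Entry]:
    return [e for e in triage_log(text) if e.flags]


def disabled_products(lines) -> List[Tuple[str, str]]:
    """Security Center products the log reports as Disabled, as (kind, name)."""
    out = []
    for ln in lines:
        m = SECCENTER_LINE.match(ln.strip())
        if m and m.group("state") == "Disabled":
            out.append((m.group("kind"), m.group("name")))
    return out


# Constructed sample: first five file lines copied from the posted log, the
# Temp\svchost.exe line is hypothetical and added only to show a hit.
SAMPLE_LOG = r"""
2015-08-19 17:43 - 2015-08-19 17:43 - 01222144 _____ C:\Users\KoulovaA\Desktop\RSITx64.exe
2015-08-16 19:22 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-19 18:06 - 2015-08-19 18:06 - 00000000 ____D C:\Users\KoulovaA\AppData\Roaming\LibreOffice
2015-08-14 19:27 - 2015-08-14 19:27 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-08-19 17:56 - 2015-08-19 17:56 - 00000099 ____H C:\Users\Kotyna\Desktop\.~lock.Headway.odt#
2015-08-10 09:01 - 2015-08-10 09:01 - 00051200 ____H C:\Users\Kotyna\AppData\Local\Temp\svchost.exe
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
"""

if __name__ == "__main__":
    for e in flagged(SAMPLE_LOG):
        print(f"{e.path}  [{', '.join(e.flags)}]")
    for kind, name in disabled_products(SAMPLE_LOG.splitlines()):
        print(f"{kind} reported Disabled: {name}")
```

Run it as a script to print the hits, or import it and call flagged() on the text of a saved FRST.txt. The heuristics are deliberately noisy: the point is to shorten the list a human then checks by hand (hash lookup, signature check, whether the path makes sense for that product), not to produce a verdict.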

Re: 2 infected files detected by antivirus

Posted: 20 Aug 2015 16:06
by Márty84
***** "Desktop" size *****

The size of folder "C:\Users\KoulovaA\Desktop" is 924 MB.
→ The desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for a common mistake: users have a folder on the desktop, another folder inside it, another inside that, and hide everything in there. That is nice, but it does not make the desktop any smaller; it is just in a different drawer :)

→ Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-2592885859-3292131433-3858698835-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kotyna\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-2592885859-3292131433-3858698835-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kotyna\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2592885859-3292131433-3858698835-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
HKU\S-1-5-21-2592885859-3292131433-3858698835-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.search.ask.com/?tpid=ATUSP-S ... psv=&pt=tb
HKU\S-1-5-21-2592885859-3292131433-3858698835-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HPNTDFJS
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1002 -> {1B3DBC27-D6A1-45EF-A14F-C6D88E109C3B} URL = hxxp://www.search.ask.com/web?tpid=ATUS ... &pf=V7&p2=^B1W^YYYYYY^YY^CZ&gct=&itbv=12.21.0.3825&apn_uid=5497EFEA-E84A-4D0E-9CEF-0D18B33AA0CD&apn_ptnrs=^B1W&apn_dtid=^YYYYYY^YY^CZ&apn_dbr=iexplore.exe_6_11.0.9600.17416&doi=2014-12-31&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1003 -> {8C16AC4B-A796-4017-80E9-727BFC95156B} URL = hxxp://www.search.ask.com/web?tpid=ATUS ... &pf=V7&p2=^B1W^YYYYYY^YY^CZ&gct=&itbv=12.21.0.3825&apn_uid=5497EFEA-E84A-4D0E-9CEF-0D18B33AA0CD&apn_ptnrs=^B1W&apn_dtid=^YYYYYY^YY^CZ&apn_dbr=iexplore.exe_6_11.0.9600.17416&doi=2014-12-31&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-2592885859-3292131433-3858698835-1003 -> {BAAFB6D0-C20B-4FF6-A710-7CCF9E42134D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-19] (Google Inc.)

FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-29] (Nero AG)

2015-08-19 20:43 - 2015-08-19 20:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-19 20:40 - 2015-08-19 20:40 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\KoulovaA\Desktop\mbam-setup-2.1.8.1057.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-07-15 786256]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11 269000]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-18 116648]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-12-18 194032]

Hosts:
EmptyTemp:
Reboot:
End

In the top left, click on File
Click on Save as...
Type that name, fixlist, exactly as shown in red, and save it to the desktop.
Turn off the antivirus and any other security software you may have.
Run FRST as administrator, click on Fix and the program will carry out the commands.
After the PC restarts a new log should appear, named fixlog; copy it back here for me.