Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosím o kontrolu - otevírá záhadná okna

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
MedaBeda
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 27 lis 2007 14:27
Bydliště: Praha

prosím o kontrolu - otevírá záhadná okna

#1 Příspěvek od MedaBeda »

dobrý den,

tak jsem zase potřebovala něco stáhnout (obyčejný bluetooth) a asi jsem někde přišla k něčemu špatnému, AVG ale nic nenašel

po spuštění prohlížeče se mi místo domovské stránky otevře nějaké blablabla, i když je to jen bílá stránka, a někdy když potřebuju na něco kliknout (před chvílí tady na název tématu), z kurzoru se nestane ručička a po kliknutí se otevře okno s nějakou stránkou (většinou na sázky nebo nějaký download), až napodruhé se mi objeví ručička a už to jde normálně

log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Beda at 2016-03-22 10:10:06
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 38 GB (33%) free of 114 GB
Total RAM: 8140 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:10:07, on 22.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Beda.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://un-stop.net/wpad.dat?70dc15eb86b ... 2d57911997
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
O2 - BHO: (no name) - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Pin It - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - C:\Program Files (x86)\Pinterest\Pin It\FrameScript.htm
O9 - Extra 'Tools' menuitem: &Pin It - {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} - C:\Program Files (x86)\Pinterest\Pin It\FrameScript.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} (Web Control) - http://213.168.177.168/web.cab
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14864 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-395a-587e3baa6555 /binaryPath="C:\Program Files (x86)\AVG\Av\\"
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\AVG\Av\avgidsagent.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe"
/TRAYONLY
/fmw.trayonly
"C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\AVG\Av\avgemca.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
WLIDSvcM.exe 3664
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe"
"C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe" -Embedding
ctfmon.exe
"C:\Windows\system32\GWX\GWX.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" -startup
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Internet Explorer\iexplore.exe" "http://trustedsurf.com/?ssid=1458582297 ... b8686d4637"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5788 CREDAT:275457 /prefetch:2
"C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe" /medium
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5788 CREDAT:4076576 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://www.yoursearching.com/?type=sc&t ... 07fc120agn
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.87 --handshake-handle=0xd0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3592.0.1722238566\540754211" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,25,54,64 --gpu-vendor-id=0x10de --gpu-device-id=0x1244 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3592.2.196013426\428326126" /prefetch:1
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3592.5.1621547008\54248793" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3592.6.1310276329\476894006" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/14DaySingleProfile/*DataReductionProxyConfigService/Control_Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_51/*UMA-Uniformity-Trial-10-Percent/group_03/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_05/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3592.9.1146759383\1785619279" /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3592.10.1458243693\539255267" --ppapi-flash-args --lang=cs --device-scale-factor=1 --ignored=" --type=renderer " /prefetch:3
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5788 CREDAT:3748894 /prefetch:2

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5788 CREDAT:2831403 /prefetch:2
"C:\Program Files\totalcmd\TOTALCMD64.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5788 CREDAT:1061947 /prefetch:2
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\System32\svchost.exe -k WerSvcGroup
"E:\DECKO\download\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\0316avUpdateInfo.job - C:\ProgramData\Avg_Update_0316av\0316av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0316av /INFORETRY=3 /RUNBY=AV
C:\Windows\tasks\1215avUpdateInfo.job - C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe /SETINFO /CMPID=1215av /INFORETRY=3 /RUNBY=AV
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\AutoKMS.job - C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000Core.job - C:\Users\oem\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000UA.job - C:\Users\oem\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default

prefs.js - "browser.startup.homepage" - "http://www.vave.biz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.182 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.182 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll


C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\extensions\
deskCutv2@gmail.com

C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\searchplugins\
yoursearching.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-03-04 231120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-03-04 600864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-04 2093872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-03-04 424224]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-01-16 12445288]
"BLEServicesCtrl"=C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [2013-10-18 184632]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-10-09 7818040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-05-16 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NSU_agent]
C:\Program Files (x86)\Nokia\Nokia Software Updater\nsu3ui_agent.exe [2012-02-28 190768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor]
C:\Windows\PixArt\PAC7302\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray]
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STCAgent]
C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent]
C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2011-12-16 133400]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-01-27 291608]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-03-02 25512]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-02-18 179624]
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2013-04-18 313656]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma Loader.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux2"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux3"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux4"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux5"=wdmaud.drv
"aux6"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-03-22 10:06:42 ----D---- C:\rsit
2016-03-22 10:06:42 ----D---- C:\Program Files\trend micro
2016-03-21 19:23:52 ----SHD---- C:\Config.Msi
2016-03-21 19:23:48 ----A---- C:\mini-agent.txt
2016-03-21 18:45:46 ----D---- C:\Users\Beda\AppData\Roaming\SpringFiles
2016-03-21 18:45:17 ----D---- C:\Users\Beda\AppData\Roaming\yoursearching
2016-03-21 18:29:34 ----D---- C:\ProgramData\Bluetooth
2016-03-19 16:30:28 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-19 13:08:50 ----A---- C:\Windows\Language_trs.ini
2016-03-19 11:47:49 ----D---- C:\Program Files\AirLive
2016-03-18 17:00:31 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2016-03-18 10:39:07 ----D---- C:\Program Files (x86)\SSD Fresh
2016-03-18 10:34:58 ----ASH---- C:\pagefile.sys
2016-03-18 09:53:35 ----D---- C:\Program Files\CCleaner
2016-03-18 09:47:19 ----D---- C:\Users\Beda\AppData\Roaming\HpUpdate
2016-03-18 09:44:21 ----D---- C:\Users\Beda\AppData\Roaming\Apple Computer
2016-03-16 13:28:55 ----D---- C:\Users\Beda\AppData\Roaming\Thunderbird
2016-03-13 16:08:27 ----D---- C:\Program Files\totalcmd
2016-03-13 15:51:25 ----D---- C:\Users\Beda\AppData\Roaming\WinRAR
2016-03-13 11:54:24 ----A---- C:\Windows\NeroDigital.ini
2016-03-10 21:52:57 ----D---- C:\ProgramData\Avg_Update_0316av
2016-03-10 19:25:06 ----D---- C:\Users\Beda\AppData\Roaming\POP Peeper
2016-03-10 12:34:32 ----D---- C:\Users\Beda\AppData\Roaming\AVS4YOU
2016-03-10 12:33:46 ----D---- C:\Users\Beda\AppData\Roaming\NVIDIA
2016-03-10 12:33:46 ----D---- C:\Users\Beda\AppData\Roaming\NCH Software
2016-03-10 12:33:27 ----D---- C:\Users\Beda\AppData\Roaming\AvitoDvd
2016-03-10 12:33:27 ----D---- C:\Users\Beda\AppData\Roaming\AviDvdBurner
2016-03-10 12:33:14 ----D---- C:\Users\Beda\AppData\Roaming\TeamViewer
2016-03-10 12:29:09 ----D---- C:\Users\Beda\AppData\Roaming\Ahead
2016-03-10 12:28:10 ----D---- C:\Users\Beda\AppData\Roaming\PSpad
2016-03-10 12:27:44 ----D---- C:\Users\Beda\AppData\Roaming\Easy Thumbnails
2016-03-10 12:27:38 ----D---- C:\Users\Beda\AppData\Roaming\mp3DirectCut
2016-03-10 12:06:17 ----D---- C:\Users\Beda\AppData\Roaming\Nokia
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:41:28 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:41:27 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 09:41:27 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 09:41:27 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 09:41:27 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 09:41:27 ----A---- C:\Windows\system32\wups.dll
2016-03-09 09:41:27 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 09:41:27 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 09:41:27 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 09:41:27 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 09:41:27 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 09:41:26 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 09:41:26 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 09:41:26 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 09:41:26 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 09:41:26 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 09:41:26 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 09:41:26 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 09:41:25 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 09:41:25 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 09:41:25 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 09:41:25 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 09:41:25 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 09:41:25 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 09:41:24 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 09:41:24 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 09:41:24 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 09:41:23 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 09:41:23 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 09:41:23 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 09:41:23 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 09:41:23 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 09:41:23 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 09:41:23 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 09:41:23 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 09:41:23 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 09:41:23 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 09:41:23 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 09:41:23 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 09:41:23 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 09:41:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 09:41:22 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 09:41:22 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 09:41:22 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 09:41:21 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 09:41:21 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 09:41:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 09:41:21 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 09:41:21 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 09:41:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 09:41:21 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 09:41:21 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 09:41:21 ----A---- C:\Windows\system32\occache.dll
2016-03-09 09:41:21 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 09:41:21 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 09:41:21 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 09:41:21 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 09:41:21 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 09:41:20 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 09:41:20 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 09:41:20 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 09:41:19 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 09:41:19 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 09:41:19 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 09:41:19 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 09:41:19 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 09:41:19 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 09:41:19 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 09:41:19 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 09:41:19 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 09:41:18 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 09:41:18 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 09:41:18 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 09:41:18 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 09:41:18 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 09:41:18 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 09:41:17 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 09:41:17 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 09:41:17 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 09:41:17 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 09:41:17 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 09:41:16 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 09:41:16 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 09:41:16 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 09:41:10 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 09:41:10 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 09:41:10 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 09:41:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 09:41:10 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 09:41:10 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 09:41:10 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 09:41:09 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 09:41:09 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 09:41:09 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 09:41:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 09:41:09 ----A---- C:\Windows\system32\smss.exe
2016-03-09 09:41:09 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 09:41:09 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 09:41:09 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 09:41:09 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 09:41:09 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 09:41:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 09:41:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 09:41:09 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 09:41:08 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 09:41:08 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 09:41:08 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 09:41:08 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 09:41:08 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 09:41:08 ----A---- C:\Windows\system32\conhost.exe
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:41:07 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:41:07 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 09:41:07 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 09:41:07 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 09:41:07 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 09:41:07 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:41:06 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:41:06 ----A---- C:\Windows\SYSWOW64\user.exe
2016-03-09 09:41:06 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-03-09 09:41:06 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-03-09 09:41:06 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-03-09 09:41:06 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-03-09 09:41:06 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-03-09 09:41:06 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-03-09 09:41:06 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 09:41:06 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 09:41:06 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 09:41:06 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 09:41:02 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-09 09:41:02 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-09 09:41:02 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 09:41:02 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 09:41:02 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 09:41:02 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 09:41:02 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 09:41:01 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-09 09:41:01 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-09 09:41:01 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-09 09:41:01 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-09 09:41:01 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 09:41:01 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 09:41:01 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 09:41:00 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-03-09 09:41:00 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-09 09:41:00 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-03-09 09:41:00 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-03-09 09:41:00 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 09:41:00 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 09:41:00 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 09:40:59 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 09:40:59 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 09:40:59 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 09:40:59 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 09:40:59 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 09:40:59 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 09:40:59 ----A---- C:\Windows\system32\acmigration.dll
2016-03-08 10:13:07 ----D---- C:\Users\Beda\AppData\Roaming\Skype
2016-03-07 15:28:58 ----D---- C:\Users\Beda\AppData\Roaming\AdobeUM
2016-03-06 19:30:05 ----D---- C:\Users\Beda\AppData\Roaming\Opera Software
2016-03-04 13:43:51 ----D---- C:\Users\Beda\AppData\Roaming\Macromedia
2016-03-04 13:41:22 ----D---- C:\Users\Beda\AppData\Roaming\Mozilla
2016-03-04 13:38:14 ----D---- C:\Users\Beda\AppData\Roaming\Google
2016-03-04 13:31:42 ----D---- C:\Users\Beda\AppData\Roaming\ACD Systems
2016-03-04 13:14:53 ----D---- C:\Users\Beda\AppData\Roaming\GHISLER
2016-03-04 13:04:52 ----D---- C:\Users\Beda\AppData\Roaming\Hewlett-Packard Company
2016-03-04 13:04:43 ----D---- C:\Users\Beda\AppData\Roaming\AVG
2016-03-04 13:04:36 ----D---- C:\Users\Beda\AppData\Roaming\Adobe
2016-03-04 13:04:34 ----D---- C:\Users\Beda\AppData\Roaming\Identities
2016-03-04 13:04:33 ----D---- C:\Users\Beda\AppData\Roaming\PC Suite
2016-03-04 13:04:32 ----SD---- C:\Users\Beda\AppData\Roaming\Microsoft
2016-03-04 13:04:32 ----D---- C:\Users\Beda\AppData\Roaming\TuneUp Software
2016-03-04 13:04:32 ----D---- C:\Users\Beda\AppData\Roaming\Media Center Programs
2016-03-04 12:43:47 ----A---- C:\Windows\system32\drivers\SWDUMon.sys
2016-03-04 11:34:30 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2016-03-04 11:34:02 ----D---- C:\Program Files\Microsoft Office 15
2016-03-03 01:03:31 ----D---- C:\Program Files (x86)\Microsoft OneDrive
2016-03-03 01:03:24 ----D---- C:\ProgramData\Microsoft OneDrive
2016-03-02 10:21:12 ----A---- C:\Windows\system32\drivers\avgmfx64.sys

======List of files/folders modified in the last 1 month======

2016-03-22 10:09:55 ----D---- C:\Windows\Temp
2016-03-22 10:06:42 ----RD---- C:\Program Files
2016-03-22 09:52:38 ----D---- C:\Windows\System32
2016-03-22 09:52:38 ----D---- C:\Windows\inf
2016-03-22 09:52:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-22 09:51:27 ----D---- C:\ProgramData\MFAData
2016-03-22 09:50:27 ----A---- C:\Windows\SYSWOW64\log.txt
2016-03-22 09:48:20 ----D---- C:\ProgramData\NVIDIA
2016-03-22 00:03:42 ----D---- C:\Windows\system32\config
2016-03-21 19:43:27 ----RD---- C:\Program Files (x86)
2016-03-21 19:43:08 ----D---- C:\Windows
2016-03-21 19:42:07 ----D---- C:\Windows\system32\catroot
2016-03-21 19:41:47 ----D---- C:\ProgramData\Adobe
2016-03-21 19:24:02 ----SHD---- C:\Windows\Installer
2016-03-21 19:23:51 ----D---- C:\Windows\system32\DriverStore
2016-03-21 19:23:51 ----D---- C:\Windows\system32\drivers
2016-03-21 19:23:10 ----SHD---- C:\System Volume Information
2016-03-21 19:22:39 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-21 18:43:04 ----D---- C:\Windows\system32\Tasks
2016-03-21 18:29:34 ----HD---- C:\ProgramData
2016-03-21 18:28:26 ----D---- C:\Windows\SysWOW64
2016-03-20 09:10:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 13:11:51 ----RD---- C:\Users
2016-03-19 13:09:43 ----D---- C:\Program Files (x86)\Common Files
2016-03-19 13:09:42 ----D---- C:\Windows\winsxs
2016-03-19 12:44:26 ----D---- C:\Program Files (x86)\Intel
2016-03-19 12:37:59 ----D---- C:\Windows\ModemLogs
2016-03-19 11:57:41 ----AD---- C:\ProgramData\TEMP
2016-03-19 11:46:33 ----SHD---- C:\$RECYCLE.BIN
2016-03-18 10:35:46 ----D---- C:\Windows\Prefetch
2016-03-18 10:05:28 ----D---- C:\Program Files (x86)\PDFCreator
2016-03-18 10:05:25 ----D---- C:\Windows\Panther
2016-03-18 10:05:25 ----D---- C:\Windows\Logs
2016-03-18 10:05:25 ----D---- C:\Windows\debug
2016-03-18 09:46:41 ----D---- C:\Windows\Tasks
2016-03-15 19:00:00 ----D---- C:\Program Files (x86)\Microsoft Office
2016-03-12 01:00:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-11 08:55:51 ----D---- C:\Windows\system32\catroot2
2016-03-10 19:25:14 ----D---- C:\Program Files (x86)\POP Peeper
2016-03-10 13:24:26 ----D---- C:\Windows\rescache
2016-03-10 10:38:32 ----D---- C:\Windows\Microsoft.NET
2016-03-10 10:37:16 ----RSD---- C:\Windows\assembly
2016-03-10 08:28:23 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-10 08:28:23 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 08:28:22 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-10 08:28:22 ----D---- C:\Windows\system32\en-US
2016-03-10 08:28:22 ----D---- C:\Program Files\Internet Explorer
2016-03-10 08:28:21 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 08:28:20 ----D---- C:\Windows\AppPatch
2016-03-10 08:28:18 ----D---- C:\Program Files\Windows Media Player
2016-03-10 08:28:18 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 23:54:38 ----D---- C:\Windows\system32\MRT
2016-03-09 23:49:05 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 23:49:02 ----D---- C:\Windows\system32\appraiser
2016-03-06 19:34:11 ----D---- C:\Program Files (x86)\Opera
2016-03-05 08:58:42 ----D---- C:\Windows\system32\wdi
2016-03-04 21:47:22 ----RSD---- C:\Windows\Fonts
2016-03-04 13:45:25 ----D---- C:\Program Files (x86)\Google
2016-03-04 11:40:11 ----D---- C:\Program Files (x86)\Microsoft.NET
2016-03-04 11:34:30 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-03-03 00:58:59 ----SD---- C:\ProgramData\Microsoft
2016-03-03 00:27:54 ----D---- C:\ProgramData\Microsoft Help
2016-03-03 00:27:46 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-03-03 00:27:35 ----D---- C:\Program Files (x86)\MSBuild
2016-03-03 00:27:07 ----D---- C:\Windows\ShellNew
2016-03-03 00:27:02 ----N---- C:\Windows\win.ini
2016-03-02 23:21:26 ----D---- C:\Program Files\Common Files
2016-03-02 23:20:42 ----D---- C:\Program Files\Common Files\System
2016-02-27 22:24:23 ----SD---- C:\Windows\SYSWOW64\GWX
2016-02-27 22:24:23 ----SD---- C:\Windows\system32\GWX

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-01-26 272304]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2016-02-03 378288]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-03-02 269232]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2015-12-04 42416]
R0 Avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-01-08 23472]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-01-27 16152]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2011-11-02 21616]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-01-26 315312]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2015-10-08 302000]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-01-17 4734440]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-01-27 356120]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-01-27 787736]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-08-11 104560]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-05-10 174184]
R3 PAC7302;PAC7302 VGA USB Camera; C:\Windows\system32\DRIVERS\PAC7302.SYS [2009-04-28 532480]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2009-07-14 11264]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
S0 BTHidEnum;Bluetooth HID Enumerator; C:\Windows\System32\Drivers\vbtenum.sys []
S0 BTHidMgr;Bluetooth HID Manager Service; C:\Windows\System32\Drivers\BTHidMgr.sys []
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys []
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2009-07-14 48768]
S3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys []
S3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys []
S3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys []
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTKRNL;Bluetooth Bus Enumerator; C:\Windows\system32\DRIVERS\btkrnl.sys [2005-12-02 1110272]
S3 btmaux;Intel Bluetooth Auxiliary Service; C:\Windows\system32\DRIVERS\btmaux.sys [2013-07-22 140600]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\Windows\System32\Drivers\btwusb.sys [2005-12-02 62336]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2012-09-15 25640]
S3 GVTDrv64;GVTDrv64; \??\C:\Windows\GVTDrv64.sys [2012-09-15 30528]
S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2009-07-14 61440]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 Ser2pl;Prolific Serial port WDF driver; C:\Windows\system32\DRIVERS\ser2pl64.sys [2013-02-22 160256]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-03-04 25608]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2016-03-02 3934184]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-02-18 1045928]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2016-03-02 561104]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-10-03 1137016]
R2 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2013-10-09 1689976]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-10-03 1157496]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-02-28 2804976]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-12-04 174592]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-08 607456]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2011-12-16 161560]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-12-16 277784]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-16 363800]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2015-09-10 72704]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-12 269504]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-03-02 604144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-14 194032]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-19 146888]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2016-02-28 212176]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2016-02-27 5132888]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-29 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-11 139944]
S4 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S4 TeamViewer5;TeamViewer 5; C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2012-07-16 2025368]

-----------------EOF-----------------


předem moc děkuji
Obrázek
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: prosím o kontrolu - otevírá záhadná okna

#2 Příspěvek od Márty84 »

Zdravim :)

Mate crackly office, nebo cely system? :boxed:

:arrow: Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.

:arrow: Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
MedaBeda
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 27 lis 2007 14:27
Bydliště: Praha

Re: prosím o kontrolu - otevírá záhadná okna

#3 Příspěvek od MedaBeda »

pardon že ruším, ale je to možné, že v MBAM jedou už hodinu a půl teprve pre-scan operatons???? :???: nezaseklo se to nějak??? :???:

jinak - NEMÁM!!!! systém je zakoupený jako oem společně s počítačem a Office jsem právě nedávno kupovala nové od czc.cz

ale měla jsem prakticky plný systémový disk (mám dva fyzické disky - C je systém plus programy, E jako datový) a v pc servisu mi řekli, že to můžou vyčistit (to nemohlo stačit, navíc co s tím do budoucna při instalaci nějakých dalších případných programů)anebo bude třeba nový disk, tak jsem rovnou koupila nový disk, vlastně úplně stejný ssd jen s dvojnásobnou kapacitou - a pán mi to na to nějak naklonoval (vůbec tomu nerozumím, ale klon si představuju prostě jako klon)

to vadí????? :???: :???: :?:

jdu dál čekat na ten scan od MBAM
Obrázek
Nahoru
Uživatelský avatar
MedaBeda
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 27 lis 2007 14:27
Bydliště: Praha

Re: prosím o kontrolu - otevírá záhadná okna

#4 Příspěvek od MedaBeda »

P.S.

ale tohle nedělá od toho klonování disku, ale až ode dneška, jak jsem včera instalovala ten BT
Obrázek
Nahoru
Uživatelský avatar
MedaBeda
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 27 lis 2007 14:27
Bydliště: Praha

Re: prosím o kontrolu - otevírá záhadná okna

#5 Příspěvek od MedaBeda »

tak jsem to stopla, opravdu se nějak zasekl, následně to proběhlo celkem rychle

tady je ten AdwCleaner:

# AdwCleaner v5.105 - Logfile created 22/03/2016 at 16:06:56
# Updated 21/03/2016 by Xplode
# Database : 2016-03-21.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Beda - BEDA
# Running from : C:\Users\Beda\Desktop\adwcleaner_5.105.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : swdumon

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[-] Folder Deleted : C:\ProgramData\Avg_Update_0316av
[-] Folder Deleted : C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\enbjgfinbinhckicnbfbmgjhloecioof
[-] Folder Deleted : C:\Users\Beda\AppData\Roaming\yoursearching
[-] Folder Deleted : C:\Users\Beda\AppData\Roaming\SpringFiles
[-] Folder Deleted : C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\extensions\deskCutv2@gmail.com

***** [ Files ] *****

[-] File Deleted : C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\searchplugins\yoursearching.xml
[-] File Deleted : C:\Windows\SysNative\drivers\swdumon.sys

***** [ DLLs ] *****


***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[-] Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[-] Shortcut Disinfected : C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
[-] Shortcut Disinfected : C:\Users\Beda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Scheduled tasks ] *****

[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi

***** [ Registry ] *****

[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Key Deleted : HKLM\SOFTWARE\Classes\PCSuiteContactsView
[-] Key Deleted : HKLM\SOFTWARE\Classes\PCSuiteMessagesView
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B722ED8B-0B38-408E-BB89-260C73BCF3D4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8233093C-178B-484B-979E-3C6B5B147DBC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKCU\Software\SprgFiles
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKLM\SOFTWARE\yoursearchingSoftware
[-] Key Deleted : HKLM\SOFTWARE\SprgFiles
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\yoursearching
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{3C8AA4C2-9B2C-4473-A920-B5A03AFBB63B}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{D022B9F6-9016-4981-9095-2B3A4A33ACB6}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{259EF807-EA81-4335-A080-6D1895CB1358}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{EE999EEE-6116-4DF6-9510-0B53F1C640C9}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\calendarspark.dl.tb.ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com

***** [ Web browsers ] *****

[-] [C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "hxxp://www.yoursearching.com/newtab/?type=nt&t ... 07fc120agn");
[-] [C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\prefs.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\user.js] [Preference] Deleted : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.yoursearching.com/?type=hp&ts=14585 ... 07fc120agn
[-] [C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : enbjgfinbinhckicnbfbmgjhloecioof

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [6751 bytes] - [22/03/2016 16:06:56]
C:\AdwCleaner\AdwCleaner[S1].txt - [7695 bytes] - [22/03/2016 12:56:56]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6897 bytes] ##########


a tady MBAM:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 22.3.2016
Čas skenování: 16:11
Protokol: mbam.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.03.22.06
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Beda

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 624477
Uplynulý čas: 42 min, 8 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 2
PUP.Optional.EasyDriverPro, HKU\S-1-5-21-332784963-1637011244-2087319766-1001\SOFTWARE\PROBIT SOFTWARE\Easy Driver Pro, , [d0fe8bffa9f04ee8c4ea030c1fe5e719],
Trojan.Poweliks.B, HKU\S-1-5-21-332784963-1637011244-2087319766-1001_Classes\WOW6432NODE\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}, , [e2ec761467320135eebd54aee7198b75],

Hodnoty registru: 2
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CONTROLSET001\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://un-stop.net/wpad.dat?70dc15eb86b7c4b3428c3a58026632d57911997, , [8c42adddb7e248ee040f3e5319ebe61a]
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-332784963-1637011244-2087319766-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://un-stop.net/wpad.dat?70dc15eb86b ... 2d57911997, , [b519ef9b980144f2739f5b36d62e08f8]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 5
PUP.Optional.APNToolBar, C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe, , [04caa4e63b5e7bbb51c066dc58a9dc24],
PUP.Optional.YourSearching, C:\Users\Beda\AppData\Local\Temp\KxEm8HiFNR.exe, , [b21ca1e9e4b587af829ccd780bfaba46],
PUP.Optional.BrowseFox, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Windows\System32\drivers\{67561ace-c443-4c39-9e16-07f6354b97f2}Gw64.sys.vir, , [9d3132582a6fac8a718c55edb1544ab6],
PUP.Optional.BrowseFox, C:\FRST\Quarantine\C\AdwCleaner\Quarantine\C\Windows\System32\drivers\{bdc6addf-3c72-484a-a614-9e470f5bfb74}Gw64.sys.vir, , [26a86b1fe0b98fa7d825fc467d886e92],
RiskWare.Tool.CK, C:\FRST\Quarantine\C\Windows\AutoKMS.exe.xBAD, , [5876b2d83762be78f86bb679e5209769],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Obrázek
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: prosím o kontrolu - otevírá záhadná okna

#6 Příspěvek od Márty84 »

Byl tam aktivni crack na office - pripadne windows, proto ta otazka. Neco cracknute urcite bylo, sam od sebe se tam urcite nedostal :-)


:arrow: Vsechny nalezy MBAM nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte, at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
MedaBeda
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 27 lis 2007 14:27
Bydliště: Praha

Re: prosím o kontrolu - otevírá záhadná okna

#7 Příspěvek od MedaBeda »

aha, no ty minulý Office 2010 jsem měla od známýho, nevím vlastně odkud, klidně to můžeme smazat ať je to kdekoli

tady je ten výsledek:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 22.3.2016
Čas skenování: 19:51
Protokol: mbam2.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.03.22.07
Databáze rootkitů: v2016.03.12.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Beda

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 675104
Uplynulý čas: 58 min, 17 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 1
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CONTROLSET001\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://un-stop.net/wpad.dat?70dc15eb86b7c4b3428c3a58026632d57911997, , [be1191f922776bcb510e31600400f40c]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 4
PUP.Optional.Monetizer, E:\BEDA\Backup Set 2013-03-24 190003\Backup Files 2013-03-24 190003\Backup files 5.zip, , [913eabdf22774ee8e9e983c803ff4bb5],
PUP.Optional.Monetizer, E:\BEDA\Backup Set 2013-04-14 190003\Backup Files 2013-04-14 190003\Backup files 5.zip, , [943b7119ddbcde5818baaaa1cb375aa6],
PUP.Optional.Monetizer, E:\BEDA\Backup Set 2013-05-05 190003\Backup Files 2013-05-05 190003\Backup files 5.zip, , [418e87036f2a91a59b3796b50200ea16],
PUP.Optional.Monetizer, E:\BEDA\Backup Set 2013-05-26 190000\Backup Files 2013-05-26 190000\Backup files 5.zip, , [d1fe5d2d5841a3935b77d972758d1be5],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)
Obrázek
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: prosím o kontrolu - otevírá záhadná okna

#8 Příspěvek od Márty84 »

:arrow: Nalezy nechte odstranit, pak muzete MBAM odinstalovat.

:arrow: Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach :)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
MedaBeda
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 27 lis 2007 14:27
Bydliště: Praha

Re: prosím o kontrolu - otevírá záhadná okna

#9 Příspěvek od MedaBeda »

mám problém - nemůžu ten FRSTLauncher ani stáhnout, tvrdí mi že nemám potřebná oprávnění, ale jiný účet administrátorský, nějaký "vyšší" v počítači vůbec není.... ano, antivir jsem ignorovala, v tom to není, jde o ty oprávnění

ale to jsem vlastně tam, kde to celé začalo - nemohla jsem (z CD!!!) nainstalovat svůj BT, tak proto jsem stáhla některé věci z netu a tím se mi sem asi něco dostalo... tam mi to taky tvrdilo, že nemám dostatečná oprávnění k instalaci


P.S.
jinak hlásím, že Chrome a Mozilla už otevírají normální domovskou stránku, ale IE pořád nějakou tu sázecí nebo co, ona je ta stránka bez ničeho, celá bílá, ale v adrese je na konci wordsread.cricket

P.P.S.
a vůbec nedokáže zobrazit Zařízení a tiskárny - nahoře běží věčnost zelený proužek jako by se něco načítalo - a nic
Obrázek
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: prosím o kontrolu - otevírá záhadná okna

#10 Příspěvek od Márty84 »

Dejte log jen ze samotneho FRST, bez pouziti Launcheru :-)
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
MedaBeda
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 27 lis 2007 14:27
Bydliště: Praha

Re: prosím o kontrolu - otevírá záhadná okna

#11 Příspěvek od MedaBeda »

tak log FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Beda (administrator) on BEDA (23-03-2016 14:57:49)
Running from C:\Users\Beda\Desktop
Loaded Profiles: Beda (Available Profiles: UpdatusUser & Beda)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Adobe\Photoshop CS\Photoshop.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-10-18] (Motorola Solutions, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2011-12-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-27] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-02-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-332784963-1637011244-2087319766-1005\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-332784963-1637011244-2087319766-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2015-09-09]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{10AF1D91-17B6-4B1D-A43A-43AA2E5F15E8}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-332784963-1637011244-2087319766-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-332784963-1637011244-2087319766-1005 -> DefaultScope {D3EAAE97-A8DA-4061-A0BD-3415687857F2} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-332784963-1637011244-2087319766-1005 -> {D3EAAE97-A8DA-4061-A0BD-3415687857F2} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-03-04] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-03-04] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-03-04] (Microsoft Corporation)
BHO-x32: No Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-03-04] (Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
Toolbar: HKU\S-1-5-21-332784963-1637011244-2087319766-1005 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://213.168.177.168/web.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-03-04] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default
FF Homepage: hxxp://www.vave.biz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-03-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF user.js: detected! => C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\user.js [2016-03-22]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-19] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.cz/webhp?hl=cs&pli=1
CHR Profile: C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (soulshine) - C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\enbjgfinbinhckicnbfbmgjhloecioof [2016-03-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-09-10] (Adobe Systems) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-28] (Microsoft Corporation)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S3 BTKRNL; C:\Windows\System32\DRIVERS\btkrnl.sys [1110272 2005-12-02] (Broadcom Corporation.) [File not signed]
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
S3 BTWUSB; C:\Windows\System32\Drivers\btwusb.sys [62336 2005-12-02] (Broadcom Corporation.) [File not signed]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-09-15] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [532480 2009-04-28] (PixArt Imaging Inc.)
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 AthBTPort; system32\DRIVERS\btath_flt.sys [X]
S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X]
S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X]
S3 BT; system32\DRIVERS\btnetdrv.sys [X]
S3 BTATH_A2DP; system32\drivers\btath_a2dp.sys [X]
S3 BTATH_BUS; system32\DRIVERS\btath_bus.sys [X]
S3 BTATH_HCRP; system32\DRIVERS\btath_hcrp.sys [X]
S3 BTATH_LWFLT; system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; system32\DRIVERS\btath_rcp.sys [X]
S3 Btcsrusb; System32\Drivers\btcusb.sys [X]
S0 BTHidEnum; System32\Drivers\vbtenum.sys [X]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X]
S3 VComm; system32\DRIVERS\VComm.sys [X]
S3 VcommMgr; System32\Drivers\VcommMgr.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-23 14:57 - 2016-03-23 14:57 - 00021448 _____ C:\Users\Beda\Desktop\FRST.txt
2016-03-23 09:56 - 2016-03-23 09:56 - 00000000 _____ C:\Users\Beda\Desktop\FRSTLauncher.exe.bxpuwqd.partial
2016-03-23 09:56 - 2016-03-23 09:56 - 00000000 _____ C:\Users\Beda\Desktop\FRSTLauncher.exe.7vt5l6k.partial
2016-03-23 09:55 - 2016-03-23 09:55 - 02374144 _____ (Farbar) C:\Users\Beda\Desktop\FRST64.exe
2016-03-22 21:17 - 2016-03-22 21:17 - 00001902 _____ C:\Users\Beda\Desktop\mbam2.txt
2016-03-22 17:18 - 2016-03-22 17:18 - 00002598 _____ C:\Users\Beda\Desktop\mbam.txt
2016-03-22 13:03 - 2016-03-22 13:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-22 12:56 - 2016-03-22 16:06 - 00000000 ____D C:\AdwCleaner
2016-03-22 12:55 - 2016-03-22 12:55 - 01530368 _____ C:\Users\Beda\Desktop\adwcleaner_5.105.exe
2016-03-22 12:00 - 2016-03-22 12:00 - 00757404 _____ C:\Users\Beda\Downloads\muj_pes_modra.pdf
2016-03-22 10:06 - 2016-03-22 10:10 - 00000000 ____D C:\Program Files\trend micro
2016-03-22 10:06 - 2016-03-22 10:07 - 00000000 ____D C:\rsit
2016-03-21 19:23 - 2016-03-21 19:23 - 00000029 _____ C:\mini-agent.txt
2016-03-21 18:43 - 2016-03-21 18:43 - 00002984 _____ C:\Windows\System32\Tasks\{51B48FED-EE84-43BA-9E9E-77665D0A7BEE}
2016-03-21 18:41 - 2016-03-21 18:41 - 00003184 _____ C:\Windows\System32\Tasks\{9F9AEBA5-EB03-45C8-BEBB-9F06967D703E}
2016-03-21 18:29 - 2016-03-21 19:22 - 00000000 ____D C:\ProgramData\Bluetooth
2016-03-21 18:29 - 2016-03-21 18:29 - 00000000 ____D C:\Users\Beda\Documents\Bluetooth
2016-03-21 18:28 - 2016-03-21 19:22 - 00000032 _____ C:\Windows\0
2016-03-21 18:28 - 2016-03-21 18:28 - 00000000 _____ C:\Windows\SysWOW64\0
2016-03-21 18:27 - 2016-03-21 18:27 - 00003110 _____ C:\Windows\System32\Tasks\{D939A442-ADFF-41C8-8AA5-3985439E57EF}
2016-03-21 14:33 - 2016-03-21 18:43 - 00000000 ____D C:\Users\Beda\AppData\Local\ElevatedDiagnostics
2016-03-21 14:27 - 2016-03-21 14:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2016-03-19 16:30 - 2016-03-19 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-19 13:16 - 2016-03-19 13:16 - 00000000 ____D C:\Users\Public\Documents\Atheros
2016-03-19 13:15 - 2016-03-19 13:15 - 00000000 ____D C:\Users\Beda\AppData\Local\BMExplorer
2016-03-19 13:11 - 2016-03-21 09:00 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-03-19 13:09 - 2016-03-21 18:28 - 00000000 ____D C:\Users\Beda\Documents\Bluetooth Folder
2016-03-19 13:08 - 2016-03-19 13:09 - 00001769 _____ C:\Windows\Language_trs.ini
2016-03-19 12:44 - 2016-03-19 12:44 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btmaux_01009.Wdf
2016-03-19 12:44 - 2016-03-19 12:44 - 00000000 ____D C:\Users\Beda\Documents\Moje přijaté soubory
2016-03-19 11:47 - 2016-03-19 11:47 - 00000000 ____D C:\Program Files\AirLive
2016-03-19 11:46 - 2016-03-21 09:01 - 00000000 ____D C:\Users\Meda Beda
2016-03-19 11:15 - 2016-03-19 11:15 - 00002986 _____ C:\Windows\System32\Tasks\{F29D9CB9-AA93-457E-B3C8-BB5055F5B529}
2016-03-19 11:15 - 2016-03-19 11:15 - 00002986 _____ C:\Windows\System32\Tasks\{4E39091A-FD7E-4ED6-9408-0AEA3C10E58B}
2016-03-18 22:45 - 2016-03-18 22:48 - 00699801 _____ C:\Users\Beda\Desktop\litanie.psd
2016-03-18 22:30 - 2016-03-18 22:53 - 00000323 _____ C:\Users\Beda\Desktop\litanie.txt
2016-03-18 17:00 - 2016-03-18 17:00 - 00001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2016-03-18 17:00 - 2016-03-18 17:00 - 00001209 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2016-03-18 17:00 - 2016-03-18 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-03-18 15:51 - 2016-03-18 15:51 - 00001769 _____ C:\Users\Beda\Desktop\Acrobat.lnk
2016-03-18 10:39 - 2016-03-18 10:39 - 00001014 _____ C:\Users\Public\Desktop\SSD Fresh.lnk
2016-03-18 10:39 - 2016-03-18 10:39 - 00000000 ____D C:\Users\Beda\AppData\Local\Abelssoft
2016-03-18 10:39 - 2016-03-18 10:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSD Fresh
2016-03-18 10:39 - 2016-03-18 10:39 - 00000000 ____D C:\Program Files (x86)\SSD Fresh
2016-03-18 10:38 - 2016-03-18 10:38 - 02563264 _____ (Abelssoft ) C:\Users\Beda\Downloads\ssdfresh.exe
2016-03-18 09:53 - 2016-03-18 09:53 - 06837784 _____ (Piriform Ltd) C:\Users\Beda\Downloads\ccsetup515.exe
2016-03-18 09:53 - 2016-03-18 09:53 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-18 09:53 - 2016-03-18 09:53 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-18 09:53 - 2016-03-18 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-18 09:53 - 2016-03-18 09:53 - 00000000 ____D C:\Program Files\CCleaner
2016-03-18 09:47 - 2016-03-18 09:47 - 00000000 ____D C:\Users\Beda\AppData\Roaming\HpUpdate
2016-03-18 09:44 - 2016-03-18 09:44 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Apple Computer
2016-03-18 09:43 - 2016-03-18 09:43 - 00004202 _____ C:\Users\Beda\AppData\default.pls
2016-03-18 09:43 - 2016-03-18 09:43 - 00000000 ____D C:\Users\Beda\AppData\Local\Ahead
2016-03-16 13:28 - 2016-03-16 13:28 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Thunderbird
2016-03-16 13:28 - 2016-03-16 13:28 - 00000000 ____D C:\Users\Beda\AppData\Local\Thunderbird
2016-03-13 21:41 - 2016-03-22 12:16 - 00000000 ____D C:\Users\Beda\AppData\Local\CrashDumps
2016-03-13 16:08 - 2016-03-19 12:35 - 00000000 ____D C:\Program Files\totalcmd
2016-03-13 16:08 - 2016-03-13 16:08 - 00000852 _____ C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2016-03-13 16:08 - 2016-03-13 16:08 - 00000838 _____ C:\Users\Public\Desktop\Total Commander.lnk
2016-03-13 16:08 - 2016-03-13 16:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2016-03-13 15:51 - 2016-03-13 15:51 - 00000000 ____D C:\Users\Beda\AppData\Roaming\WinRAR
2016-03-13 11:54 - 2016-03-20 16:05 - 00000069 _____ C:\Windows\NeroDigital.ini
2016-03-10 21:52 - 2016-03-10 21:52 - 00002456 _____ C:\Windows\System32\Tasks\0316avUpdateInfo
2016-03-10 21:52 - 2016-03-10 21:52 - 00000340 _____ C:\Windows\Tasks\0316avUpdateInfo.job
2016-03-10 19:25 - 2016-03-21 19:41 - 00000000 ____D C:\Users\Beda\AppData\Roaming\POP Peeper
2016-03-10 12:34 - 2016-03-10 12:34 - 00000000 ____D C:\Users\Beda\AppData\Roaming\AVS4YOU
2016-03-10 12:33 - 2016-03-10 12:33 - 00000000 ____D C:\Users\Beda\AppData\Roaming\TeamViewer
2016-03-10 12:33 - 2016-03-10 12:33 - 00000000 ____D C:\Users\Beda\AppData\Roaming\NVIDIA
2016-03-10 12:33 - 2016-03-10 12:33 - 00000000 ____D C:\Users\Beda\AppData\Roaming\NCH Software
2016-03-10 12:33 - 2016-03-10 12:33 - 00000000 ____D C:\Users\Beda\AppData\Roaming\AvitoDvd
2016-03-10 12:33 - 2016-03-10 12:33 - 00000000 ____D C:\Users\Beda\AppData\Roaming\AviDvdBurner
2016-03-10 12:29 - 2016-03-10 12:29 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Ahead
2016-03-10 12:28 - 2016-03-10 12:28 - 00000000 ____D C:\Users\Beda\AppData\Roaming\PSpad
2016-03-10 12:28 - 2016-03-10 12:28 - 00000000 ____D C:\Users\Beda\AppData\Local\HP
2016-03-10 12:27 - 2016-03-10 12:27 - 00000000 ____D C:\Users\Beda\AppData\Roaming\mp3DirectCut
2016-03-10 12:27 - 2016-03-10 12:27 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Easy Thumbnails
2016-03-10 12:27 - 2016-03-10 12:27 - 00000000 ____D C:\Users\Beda\AppData\Local\Paint.NET
2016-03-10 12:06 - 2016-03-10 12:22 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Nokia
2016-03-09 16:12 - 2016-03-09 16:12 - 00113615 _____ C:\Users\Beda\Downloads\5547_1.pdf
2016-03-09 09:41 - 2016-02-12 19:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 09:41 - 2016-02-12 19:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 09:41 - 2016-02-12 19:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 09:41 - 2016-02-12 19:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 09:41 - 2016-02-12 19:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 09:41 - 2016-02-12 19:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 09:41 - 2016-02-12 19:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 09:41 - 2016-02-12 19:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 09:41 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 09:41 - 2016-02-12 19:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 09:41 - 2016-02-12 19:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 09:41 - 2016-02-12 19:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 09:41 - 2016-02-12 19:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 09:41 - 2016-02-12 19:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 09:41 - 2016-02-12 19:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 09:41 - 2016-02-12 19:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 09:41 - 2016-02-11 19:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 09:41 - 2016-02-11 19:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 09:41 - 2016-02-11 19:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 09:41 - 2016-02-11 19:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 09:41 - 2016-02-11 19:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 09:41 - 2016-02-11 19:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 09:41 - 2016-02-11 19:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 09:41 - 2016-02-11 19:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 09:41 - 2016-02-11 19:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 09:41 - 2016-02-11 19:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 09:41 - 2016-02-11 19:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 09:41 - 2016-02-11 19:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 09:41 - 2016-02-11 19:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 09:41 - 2016-02-11 19:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 09:41 - 2016-02-11 19:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 09:41 - 2016-02-11 19:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 09:41 - 2016-02-11 19:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 09:41 - 2016-02-11 19:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 09:41 - 2016-02-11 19:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 09:41 - 2016-02-11 19:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 09:41 - 2016-02-11 19:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 09:41 - 2016-02-11 19:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 09:41 - 2016-02-11 19:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 09:41 - 2016-02-11 19:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 09:41 - 2016-02-11 19:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 09:41 - 2016-02-11 19:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 09:41 - 2016-02-11 19:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 09:41 - 2016-02-11 19:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 09:41 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 09:41 - 2016-02-11 19:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 09:41 - 2016-02-11 19:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 09:41 - 2016-02-11 19:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 09:41 - 2016-02-11 19:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 09:41 - 2016-02-11 19:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 09:41 - 2016-02-11 19:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 09:41 - 2016-02-11 19:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 09:41 - 2016-02-11 19:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 09:41 - 2016-02-11 19:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 09:41 - 2016-02-11 19:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 09:41 - 2016-02-11 19:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 09:41 - 2016-02-11 19:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 09:41 - 2016-02-11 19:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 09:41 - 2016-02-11 19:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 09:41 - 2016-02-11 19:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 09:41 - 2016-02-11 19:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 09:41 - 2016-02-11 19:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 18:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 09:41 - 2016-02-11 18:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 09:41 - 2016-02-11 18:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 09:41 - 2016-02-11 18:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 09:41 - 2016-02-11 18:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 09:41 - 2016-02-11 18:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 09:41 - 2016-02-11 18:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 09:41 - 2016-02-11 18:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 09:41 - 2016-02-11 18:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 09:41 - 2016-02-11 18:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 09:41 - 2016-02-11 18:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 09:41 - 2016-02-11 18:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 09:41 - 2016-02-11 18:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 09:41 - 2016-02-11 18:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 09:41 - 2016-02-11 18:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 18:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 18:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 09:41 - 2016-02-11 18:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 09:41 - 2016-02-09 10:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 09:41 - 2016-02-09 10:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 09:41 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 09:41 - 2016-02-09 10:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 09:41 - 2016-02-09 10:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 09:41 - 2016-02-09 10:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 09:41 - 2016-02-09 10:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 09:41 - 2016-02-09 10:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 09:41 - 2016-02-09 10:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 09:41 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 09:41 - 2016-02-09 10:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 09:41 - 2016-02-09 07:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 09:41 - 2016-02-09 07:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 09:41 - 2016-02-08 22:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 09:41 - 2016-02-08 21:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 09:41 - 2016-02-08 21:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 09:41 - 2016-02-08 21:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 09:41 - 2016-02-08 21:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 09:41 - 2016-02-08 21:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 09:41 - 2016-02-08 21:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 09:41 - 2016-02-08 21:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 09:41 - 2016-02-08 21:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 09:41 - 2016-02-08 21:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 09:41 - 2016-02-08 21:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 09:41 - 2016-02-08 21:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 09:41 - 2016-02-08 21:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 09:41 - 2016-02-08 21:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 09:41 - 2016-02-08 21:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 09:41 - 2016-02-08 21:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 09:41 - 2016-02-08 21:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 09:41 - 2016-02-08 21:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 09:41 - 2016-02-08 21:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 09:41 - 2016-02-08 21:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 09:41 - 2016-02-08 21:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 09:41 - 2016-02-08 21:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 09:41 - 2016-02-08 21:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 09:41 - 2016-02-08 21:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 09:41 - 2016-02-08 21:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 09:41 - 2016-02-08 21:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 09:41 - 2016-02-08 21:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 09:41 - 2016-02-08 21:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 09:41 - 2016-02-08 20:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 09:41 - 2016-02-08 20:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 09:41 - 2016-02-08 20:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 09:41 - 2016-02-08 19:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 09:41 - 2016-02-08 19:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 09:41 - 2016-02-08 19:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 09:41 - 2016-02-08 19:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 09:41 - 2016-02-08 19:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 09:41 - 2016-02-08 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 09:41 - 2016-02-08 19:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 09:41 - 2016-02-08 19:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 09:41 - 2016-02-08 19:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 09:41 - 2016-02-08 19:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 09:41 - 2016-02-08 19:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 09:41 - 2016-02-08 19:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 09:41 - 2016-02-08 19:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 09:41 - 2016-02-08 19:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 09:41 - 2016-02-08 19:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 09:41 - 2016-02-08 19:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 09:41 - 2016-02-08 19:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 09:41 - 2016-02-08 19:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 09:41 - 2016-02-08 18:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 09:41 - 2016-02-08 18:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 09:41 - 2016-02-08 18:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 09:41 - 2016-02-08 18:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 09:41 - 2016-02-08 18:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 09:41 - 2016-02-08 18:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 09:41 - 2016-02-08 18:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 09:41 - 2016-02-08 18:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 09:41 - 2016-02-08 18:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 09:41 - 2016-02-08 18:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 09:41 - 2016-02-08 18:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 09:41 - 2016-02-08 18:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 09:41 - 2016-02-08 18:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 09:41 - 2016-02-08 18:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 09:41 - 2016-02-08 17:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 09:41 - 2016-02-05 19:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 09:41 - 2016-02-05 19:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 09:41 - 2016-02-05 19:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 09:41 - 2016-02-05 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 09:41 - 2016-02-05 19:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 09:41 - 2016-02-05 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 09:41 - 2016-02-05 19:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 09:41 - 2016-02-05 18:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 09:41 - 2016-02-05 18:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 09:41 - 2016-02-05 18:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 09:41 - 2016-02-05 02:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 09:41 - 2016-02-04 19:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-09 09:41 - 2016-02-04 18:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 09:41 - 2016-02-03 19:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 09:41 - 2016-02-03 19:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 09:41 - 2016-02-03 19:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 09:41 - 2016-02-03 19:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 09:41 - 2016-02-03 19:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 09:41 - 2016-01-11 20:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 09:41 - 2015-11-19 15:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 09:41 - 2015-11-19 15:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 09:40 - 2016-02-19 20:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 09:40 - 2016-02-19 19:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 09:40 - 2016-02-19 15:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 09:40 - 2016-02-11 15:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 09:40 - 2016-02-05 15:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 09:40 - 2016-02-05 15:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 09:40 - 2016-02-05 15:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-08 10:13 - 2016-03-20 21:22 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Skype
2016-03-08 10:13 - 2016-03-08 10:13 - 00000000 ____D C:\Users\Beda\Tracing
2016-03-07 23:55 - 2016-03-07 23:55 - 00003126 _____ C:\Windows\System32\Tasks\{FE8FAAFA-71ED-478A-9DB5-FDC7B7A7FEE9}
2016-03-07 15:28 - 2016-03-07 15:28 - 00000000 ____D C:\Users\Beda\AppData\Roaming\AdobeUM
2016-03-07 15:25 - 2016-03-07 15:25 - 00003160 _____ C:\Windows\System32\Tasks\{F960936F-99FA-4864-9D7F-E8E59327B0DF}
2016-03-06 19:32 - 2016-03-06 19:32 - 00000000 ____D C:\Users\Beda\AppData\Local\Adobe
2016-03-06 19:31 - 2016-03-06 19:31 - 00209646 _____ C:\Users\Beda\Downloads\Faktura_BEE_VS_1611054296_vystaveno_18022016.pdf
2016-03-06 19:30 - 2016-03-06 19:34 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Opera Software
2016-03-05 09:02 - 2016-03-05 09:02 - 00000000 ____D C:\Users\Beda\AppData\Local\GWX
2016-03-04 13:45 - 2016-03-22 16:06 - 00001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-04 13:45 - 2016-03-22 16:06 - 00001286 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-04 13:43 - 2016-03-04 13:43 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Macromedia
2016-03-04 13:43 - 2016-03-04 13:43 - 00000000 ____D C:\Users\Beda\AppData\Local\Macromedia
2016-03-04 13:41 - 2016-03-04 13:47 - 00000000 ____D C:\Users\Beda\AppData\Local\Mozilla
2016-03-04 13:41 - 2016-03-04 13:41 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Mozilla
2016-03-04 13:38 - 2016-03-05 09:28 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Google
2016-03-04 13:38 - 2016-03-05 09:02 - 00000000 ____D C:\Users\Beda\AppData\Local\Google
2016-03-04 13:31 - 2016-03-04 13:31 - 00000000 ____D C:\Users\Beda\AppData\Roaming\ACD Systems
2016-03-04 13:23 - 2016-03-06 19:34 - 00000000 ____D C:\Users\Beda\AppData\Local\Opera Software
2016-03-04 13:23 - 2016-03-04 13:23 - 00000000 ____D C:\Users\Beda\AppData\Local\AVG Netherlands BV
2016-03-04 13:21 - 2016-03-04 13:21 - 00000000 ____D C:\Users\Beda\AppData\Local\GHISLER
2016-03-04 13:14 - 2016-03-13 16:08 - 00000000 ____D C:\Users\Beda\AppData\Roaming\GHISLER
2016-03-04 13:04 - 2016-03-23 12:09 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Adobe
2016-03-04 13:04 - 2016-03-21 18:45 - 00001607 _____ C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-04 13:04 - 2016-03-19 12:07 - 00000000 ____D C:\Users\Beda
2016-03-04 13:04 - 2016-03-16 19:05 - 00000000 ____D C:\Users\Beda\AppData\Local\Microsoft Help
2016-03-04 13:04 - 2016-03-13 21:28 - 00000000 ____D C:\Users\Beda\AppData\Local\Avg
2016-03-04 13:04 - 2016-03-10 12:25 - 00000000 ____D C:\Users\Beda\AppData\Local\VirtualStore
2016-03-04 13:04 - 2016-03-10 12:22 - 00000000 ____D C:\Users\Beda\AppData\Roaming\PC Suite
2016-03-04 13:04 - 2016-03-04 13:04 - 00000020 ___SH C:\Users\Beda\ntuser.ini
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Šablony
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Soubory cookie
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Poslední
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Okolní tiskárny
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Okolní síť
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Nabídka Start
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Dokumenty
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Documents\Obrázky
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Documents\Hudba
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Documents\Filmy
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\Data aplikací
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 _SHDL C:\Users\Beda\AppData\Local\Data aplikací
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 ___RD C:\Users\Beda\Virtual Machines
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Hewlett-Packard Company
2016-03-04 13:04 - 2016-03-04 13:04 - 00000000 ____D C:\Users\Beda\AppData\Roaming\AVG
2016-03-04 13:04 - 2016-03-04 12:29 - 00226336 _____ C:\Users\Beda\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-04 13:04 - 2016-03-03 01:03 - 00002124 _____ C:\Users\Beda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-03-04 13:04 - 2015-10-09 08:02 - 00000000 ____D C:\Users\Beda\AppData\Roaming\TuneUp Software
2016-03-04 13:04 - 2011-04-12 09:45 - 00000000 ____D C:\Users\Beda\AppData\Roaming\Media Center Programs
2016-03-04 12:43 - 2016-03-04 12:43 - 00002497 _____ C:\Users\Public\Desktop\AVG Driver Updater.lnk
2016-03-04 12:43 - 2016-03-04 12:43 - 00000000 ____D C:\Users\Public\Documents\Downloaded Installers
2016-03-04 12:10 - 2016-03-04 12:10 - 00129326 _____ C:\Users\Beda\Documents\test.pdf
2016-03-04 11:34 - 2016-03-04 11:40 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-04 11:34 - 2016-03-04 11:34 - 00002482 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-03-04 11:34 - 2016-03-04 11:34 - 00002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-03-04 11:34 - 2016-03-04 11:34 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-03-04 11:34 - 2016-03-04 11:34 - 00002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-03-04 11:34 - 2016-03-04 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2016-03-04 11:34 - 2016-03-04 11:34 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-03-03 19:20 - 2016-03-03 19:20 - 00000000 ____D C:\Users\Beda\Documents\Vlastní šablony Office
2016-03-03 01:07 - 2016-03-03 01:07 - 00000000 ____D C:\Users\Beda\Documents\Poznámkové bloky aplikace OneNote
2016-03-03 01:03 - 2016-03-03 01:03 - 00002124 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-03-03 01:03 - 2016-03-03 01:03 - 00002124 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-03-03 01:03 - 2016-03-03 01:03 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-03-03 01:03 - 2016-03-03 01:03 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-03-02 23:41 - 2016-03-23 09:49 - 00000260 _____ C:\Windows\Tasks\AutoKMS.job
2016-03-02 23:41 - 2016-03-02 23:41 - 00002890 _____ C:\Windows\System32\Tasks\AutoKMS
2016-03-02 10:21 - 2016-03-02 10:21 - 00269232 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-23 14:57 - 2015-01-29 09:05 - 00000000 ____D C:\FRST
2016-03-23 14:52 - 2015-02-05 19:15 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000UA.job
2016-03-23 14:28 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-23 14:28 - 2009-07-14 05:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-23 14:23 - 2015-02-04 17:41 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-23 14:23 - 2015-02-04 17:41 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-23 12:09 - 2012-08-29 20:01 - 00000000 ____D C:\ProgramData\Adobe
2016-03-23 10:52 - 2015-02-05 19:15 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000Core.job
2016-03-23 09:53 - 2011-04-12 09:34 - 00670674 _____ C:\Windows\system32\perfh005.dat
2016-03-23 09:53 - 2011-04-12 09:34 - 00142286 _____ C:\Windows\system32\perfc005.dat
2016-03-23 09:53 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-23 09:53 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-23 09:51 - 2012-08-29 19:47 - 00000000 ____D C:\ProgramData\MFAData
2016-03-23 09:49 - 2012-08-23 11:41 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-23 09:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-22 19:47 - 2016-01-07 18:25 - 00000000 ____D C:\Windows\Hewlett-Packard
2016-03-22 16:06 - 2012-08-30 15:11 - 00001067 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-22 16:06 - 2012-08-30 15:11 - 00001055 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-21 18:45 - 2015-01-30 21:15 - 00001835 _____ C:\Users\Beda\Desktop\iexplorer.lnk
2016-03-20 09:10 - 2012-08-30 15:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-19 12:44 - 2012-08-23 11:46 - 00000000 ____D C:\Program Files (x86)\Intel
2016-03-19 12:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2016-03-19 11:57 - 2012-11-06 08:27 - 00000000 ____D C:\ProgramData\TEMP
2016-03-18 15:11 - 2012-08-23 17:28 - 00000000 ____D C:\Users\oem
2016-03-18 10:05 - 2014-09-12 08:24 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2016-03-18 10:05 - 2012-08-23 18:20 - 00000000 ____D C:\Windows\Panther
2016-03-18 09:52 - 2015-09-09 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2016-03-18 09:52 - 2015-09-09 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre Studio X
2016-03-18 09:52 - 2015-01-07 09:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Related Programs
2016-03-18 09:52 - 2013-01-19 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-03-18 09:46 - 2012-09-01 12:39 - 00001912 _____ C:\Windows\epplauncher.mif
2016-03-16 16:10 - 2013-06-27 17:41 - 00000000 ____D C:\Users\Beda\dwhelper
2016-03-15 19:00 - 2015-08-19 12:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-13 11:54 - 2009-07-14 05:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-12 02:00 - 2015-02-04 21:00 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-12 01:00 - 2012-09-15 11:06 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-12 01:00 - 2012-09-15 11:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-12 01:00 - 2012-09-15 11:06 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-11 17:55 - 2015-10-22 08:33 - 00000936 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-03-11 17:55 - 2015-09-09 17:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-10 19:25 - 2014-10-17 07:56 - 00000000 ____D C:\Program Files (x86)\POP Peeper
2016-03-10 13:24 - 2016-02-11 11:07 - 00000000 ____D C:\Windows\rescache
2016-03-10 08:30 - 2015-10-03 11:44 - 00002309 _____ C:\Users\Beda\Desktop\mp3 DirectCut.lnk
2016-03-10 08:29 - 2009-07-14 05:45 - 02712368 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-09 23:54 - 2013-07-23 19:30 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 23:49 - 2014-12-11 08:41 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-09 23:49 - 2012-09-01 12:51 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-06 19:34 - 2014-09-12 08:24 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-06 12:07 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-03-04 21:46 - 2012-11-06 08:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Any Video Converter
2016-03-04 13:45 - 2012-11-14 08:32 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-04 11:34 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-03-03 00:27 - 2013-01-20 16:08 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-03-03 00:27 - 2011-04-12 09:45 - 00000000 ____D C:\Windows\ShellNew
2016-03-03 00:27 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-03 00:27 - 2009-07-14 03:34 - 00000501 ____N C:\Windows\win.ini
2016-03-02 23:20 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2016-02-27 22:24 - 2015-04-04 21:23 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-27 22:24 - 2015-04-04 21:23 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-25 19:30 - 2016-02-20 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP

==================== Files in the root of some directories =======

2005-03-21 12:41 - 2005-03-21 12:41 - 0012793 _____ () C:\Program Files (x86)\How To Install.html
2005-02-25 13:37 - 2005-02-25 13:37 - 0157035 _____ () C:\Program Files (x86)\LegalNotices.pdf
2005-02-22 12:31 - 2005-02-22 12:31 - 0142049 _____ () C:\Program Files (x86)\Photoshop At A Glance.pdf
2005-02-22 12:32 - 2005-02-22 12:32 - 2723276 _____ () C:\Program Files (x86)\Photoshop New Features.pdf
2005-02-23 10:24 - 2005-02-23 10:24 - 0002773 _____ () C:\Program Files (x86)\Read Me First.html
2010-01-10 22:51 - 2002-12-16 10:45 - 0208384 ____R () C:\Program Files (x86)\spec14.exe

Some files in TEMP:
====================
C:\Users\Beda\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-19 14:05

==================== End of FRST.txt ============================


Addition.txt je v příloze
Addition.zip
(15.14 KiB) Staženo 40 x
ale co je sakra s těmi účty???????? :???: :???: :???: :( :(
Obrázek
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: prosím o kontrolu - otevírá záhadná okna

#12 Příspěvek od Márty84 »

:arrow: Otevrete si poznamkovy blok a zkopirujte do nej tento skript

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-332784963-1637011244-2087319766-1005\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: No Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
DPF: HKLM-x32 {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://213.168.177.168/web.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF user.js: detected! => C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\user.js [2016-03-22]

CHR Extension: (soulshine) - C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\enbjgfinbinhckicnbfbmgjhloecioof [2016-03-22]

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-09-10] (Adobe Systems) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-14 194032]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]

2016-03-23 09:56 - 2016-03-23 09:56 - 00000000 _____ C:\Users\Beda\Desktop\FRSTLauncher.exe.bxpuwqd.partial
2016-03-23 09:56 - 2016-03-23 09:56 - 00000000 _____ C:\Users\Beda\Desktop\FRSTLauncher.exe.7vt5l6k.partial

Task: {B197FE0D-A804-4808-A38D-A21A4B8C819F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {ED257F3B-93AE-4D32-B73F-B0640E3F2E4D} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: C:\Windows\Tasks\0316avUpdateInfo.job => C:\ProgramData\Avg_Update_0316av\0316av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\1215avUpdateInfo.job => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000Core.job => C:\Users\oem\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000UA.job => C:\Users\oem\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:054B9966 [254]
AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8 [128]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STCAgent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent

Hosts:
EmptyTemp:
Reboot:
End
Vlevo nahore kliknete na napis Soubor
Kliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
MedaBeda
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 27 lis 2007 14:27
Bydliště: Praha

Re: prosím o kontrolu - otevírá záhadná okna

#13 Příspěvek od MedaBeda »

Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Beda (2016-03-23 20:15:05) Run:2
Running from C:\Users\Beda\Desktop
Loaded Profiles: Beda (Available Profiles: UpdatusUser & Beda)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-332784963-1637011244-2087319766-1005\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-19] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: No Name -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-19] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
DPF: HKLM-x32 {FD3BEB0C-AB43-4253-9146-C371D48FBE0D} hxxp://213.168.177.168/web.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF user.js: detected! => C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\user.js [2016-03-22]

CHR Extension: (soulshine) - C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\enbjgfinbinhckicnbfbmgjhloecioof [2016-03-22]

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-09-10] (Adobe Systems) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG)
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-11-14 194032]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]

2016-03-23 09:56 - 2016-03-23 09:56 - 00000000 _____ C:\Users\Beda\Desktop\FRSTLauncher.exe.bxpuwqd.partial
2016-03-23 09:56 - 2016-03-23 09:56 - 00000000 _____ C:\Users\Beda\Desktop\FRSTLauncher.exe.7vt5l6k.partial

Task: {B197FE0D-A804-4808-A38D-A21A4B8C819F} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {ED257F3B-93AE-4D32-B73F-B0640E3F2E4D} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: C:\Windows\Tasks\0316avUpdateInfo.job => C:\ProgramData\Avg_Update_0316av\0316av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\1215avUpdateInfo.job => C:\ProgramData\Avg_Update_1215av\1215av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000Core.job => C:\Users\oem\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000UA.job => C:\Users\oem\AppData\Local\Google\Update\GoogleUpdate.exe

AlternateDataStreams: C:\ProgramData\TEMP:054B9966 [254]
AlternateDataStreams: C:\ProgramData\TEMP:DBC416F8 [128]

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STCAgent
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent

Hosts:
EmptyTemp:
Reboot:
End


*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-332784963-1637011244-2087319766-1005\Software\Microsoft\Windows\CurrentVersion\Run\\PC Suite Tray => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}" => key removed successfully
HKCR\Wow6432Node\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{FD3BEB0C-AB43-4253-9146-C371D48FBE0D}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{FD3BEB0C-AB43-4253-9146-C371D48FBE0D}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
C:\Users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\user.js => moved successfully
C:\Users\Beda\AppData\Local\Google\Chrome\User Data\Default\Extensions\enbjgfinbinhckicnbfbmgjhloecioof => moved successfully
Adobe LM Service => service removed successfully
NMIndexingService => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
gupdatem => service removed successfully
gusvc => service removed successfully
NBService => service removed successfully
C:\Users\Beda\Desktop\FRSTLauncher.exe.bxpuwqd.partial => moved successfully
C:\Users\Beda\Desktop\FRSTLauncher.exe.7vt5l6k.partial => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B197FE0D-A804-4808-A38D-A21A4B8C819F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B197FE0D-A804-4808-A38D-A21A4B8C819F}" => key removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ED257F3B-93AE-4D32-B73F-B0640E3F2E4D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ED257F3B-93AE-4D32-B73F-B0640E3F2E4D}" => key removed successfully
C:\Windows\System32\Tasks\KMS Activation for Office => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMS Activation for Office" => key removed successfully
C:\Windows\Tasks\0316avUpdateInfo.job => moved successfully
C:\Windows\Tasks\1215avUpdateInfo.job => moved successfully
C:\Windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\Windows\Tasks\AutoKMS.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000Core.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-332784963-1637011244-2087319766-1000UA.job => moved successfully
C:\ProgramData\TEMP => ":054B9966" ADS removed successfully.
C:\ProgramData\TEMP => ":DBC416F8" ADS removed successfully.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Suite Tray => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STCAgent => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 490.5 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 20:15:27 ====
Obrázek
Nahoru
Márty84
VIP
VIP
Příspěvky: 21679
Registrován: 05 pro 2009 20:08
Bydliště: Ostrava

Re: prosím o kontrolu - otevírá záhadná okna

#14 Příspěvek od Márty84 »

:!: Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) :!:

:!: Nepouzivejte ComboFix bez predchozi domluvy! Je to poruseni pravidel fora a ztratite tim narok na pomoc!

:arrow: Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Kliknete na ComboFix pravym mysidlem a levym na Spustit jako spravce
Odsouhlaste licencni podminky a nechte program pracovat. Jestli vam nabidne instalaci Konzoly pro zotaveni, souhlaste.
Po dobu skenu nic nespoustejte, nikam neklikejte.
Po dokonceni skenovani (muze dojit i k restartu pc) by se mel vytvorit log, ktery bude umisteny zde C:\ComboFix.txt
Jeho obsah sem zkopirujte

:!: Kdyby po restartu nenabehl windows, restartujte znovu, mackejte klavesu F8 a zvolte - Posledni znama funkcni konfigurace
:!: Kdyz windows nabehne, ale pri spousteni ruznych programu bude hlasena chyba, staci restartovat pc a bude to v poradku
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz

Možnost podpořit naše fórum https://platba.viry.cz/payment/

Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Nahoru
Uživatelský avatar
MedaBeda
Návštěvník
Návštěvník
Příspěvky: 62
Registrován: 27 lis 2007 14:27
Bydliště: Praha

Re: prosím o kontrolu - otevírá záhadná okna

#15 Příspěvek od MedaBeda »

ComboFix 16-03-19.01 - Beda 24.03.2016 10:51:00.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.8140.6181 [GMT 1:00]
Spuštěný z: c:\users\Beda\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\Beda\AppData\Roaming\ACD Systems\ACDSee\ImageDB.ddf
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SysWow64\AdobePDF.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
E:\install.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-02-24 do 2016-03-24 )))))))))))))))))))))))))))))))
.
.
2016-03-22 12:03 . 2016-03-22 12:03 -------- d-----w- c:\programdata\Malwarebytes
2016-03-22 11:56 . 2016-03-22 15:06 -------- d-----w- C:\AdwCleaner
2016-03-22 09:06 . 2016-03-22 09:10 -------- d-----w- c:\program files\trend micro
2016-03-22 09:06 . 2016-03-22 09:07 -------- d-----w- C:\rsit
2016-03-21 17:29 . 2016-03-21 18:22 -------- d-----w- c:\programdata\Bluetooth
2016-03-19 12:09 . 2016-03-19 12:09 -------- d-----w- c:\program files (x86)\Common Files\Atheros
2016-03-19 10:47 . 2016-03-19 10:47 -------- d-----w- c:\program files\AirLive
2016-03-19 10:46 . 2016-03-21 08:01 -------- d-----w- c:\users\Meda Beda
2016-03-18 16:00 . 2016-03-18 16:00 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2016-03-18 09:39 . 2016-03-18 09:39 -------- d-----w- c:\program files (x86)\SSD Fresh
2016-03-18 08:54 . 2016-03-02 15:59 11249080 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CE83C7DD-93E5-450F-81EC-F62DFFB5B4AD}\mpengine.dll
2016-03-18 08:53 . 2016-03-18 08:53 -------- d-----w- c:\program files\CCleaner
2016-03-13 15:08 . 2016-03-19 11:35 -------- d-----w- c:\program files\totalcmd
2016-03-13 11:48 . 2016-03-13 11:48 212184 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2016-03-13 11:47 . 2016-03-13 11:47 368928 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2016-03-13 11:47 . 2016-03-13 11:47 25336 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2016-03-09 08:40 . 2016-02-19 19:02 38336 ----a-w- c:\windows\system32\CompatTelRunner.exe
2016-03-09 08:40 . 2016-02-19 18:54 1168896 ----a-w- c:\windows\system32\aeinv.dll
2016-03-09 08:40 . 2016-02-19 14:07 1373184 ----a-w- c:\windows\system32\appraiser.dll
2016-03-09 08:40 . 2016-02-11 14:07 689152 ----a-w- c:\windows\system32\generaltel.dll
2016-03-09 08:40 . 2016-02-05 14:07 696832 ----a-w- c:\windows\system32\invagent.dll
2016-03-09 08:40 . 2016-02-05 14:07 499200 ----a-w- c:\windows\system32\devinv.dll
2016-03-09 08:40 . 2016-02-05 14:07 76800 ----a-w- c:\windows\system32\acmigration.dll
2016-03-04 12:04 . 2016-03-19 11:07 -------- d-----w- c:\users\Beda
2016-03-04 10:33 . 2016-03-13 07:51 84728 ----a-w- c:\program files\Common Files\Microsoft Shared\ClickToRun\msointl30.cs-cz.dll
2016-03-04 10:33 . 2016-03-13 07:45 946944 ----a-w- c:\program files\Common Files\Microsoft Shared\ClickToRun\C2RUI.cs-cz.dll
2016-03-03 00:03 . 2016-03-03 00:03 -------- d-----w- c:\program files (x86)\Microsoft OneDrive
2016-03-03 00:03 . 2016-03-03 00:03 -------- d-----w- c:\programdata\Microsoft OneDrive
2016-03-02 23:59 . 2016-03-13 14:55 2520864 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2016-03-02 09:21 . 2016-03-02 09:21 269232 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
2016-02-28 05:22 . 2016-02-28 05:22 20680 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\extensibility.dll
2016-02-27 22:28 . 2016-02-27 22:28 1274456 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pidgenx.dll
2016-02-27 00:18 . 2016-02-27 00:18 5132888 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
2016-02-27 00:18 . 2016-02-27 00:18 2230360 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL
2016-02-27 00:18 . 2016-02-27 00:18 204376 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
2016-02-27 00:18 . 2016-02-27 00:18 1833560 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL
2016-02-27 00:18 . 2016-02-27 00:18 179800 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL
2016-02-27 00:18 . 2016-02-27 00:18 1653336 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPCEXT.DLL
2016-02-27 00:18 . 2016-02-27 00:18 147032 ----a-w- c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-03-12 00:00 . 2012-09-15 10:06 797376 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-03-12 00:00 . 2012-09-15 10:06 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-09 22:49 . 2012-09-01 11:51 143659408 ----a-w- c:\windows\system32\MRT.exe
2016-02-11 18:48 . 2016-03-09 08:41 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-11 18:37 . 2016-03-09 08:41 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-11 18:30 . 2016-03-09 08:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-04 22:13 . 2016-02-04 22:13 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2016-02-04 22:13 . 2016-02-04 22:13 536776 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2016-02-04 22:03 . 2016-02-04 22:03 678600 ----a-w- c:\windows\system32\msvcp120_clr0400.dll
2016-02-04 08:12 . 2016-02-04 08:12 88816 ----a-w- c:\windows\system32\vcruntime140.dll
2016-02-04 08:12 . 2016-02-04 08:12 635120 ----a-w- c:\windows\system32\msvcp140.dll
2016-02-04 08:12 . 2016-02-04 08:12 390400 ----a-w- c:\windows\system32\vccorlib140.dll
2016-02-04 08:12 . 2016-02-04 08:12 333080 ----a-w- c:\windows\system32\concrt140.dll
2016-02-04 06:21 . 2016-02-04 06:21 85232 ----a-w- c:\windows\SysWow64\vcruntime140.dll
2016-02-04 06:21 . 2016-02-04 06:21 439536 ----a-w- c:\windows\SysWow64\msvcp140.dll
2016-02-04 06:21 . 2016-02-04 06:21 267016 ----a-w- c:\windows\SysWow64\vccorlib140.dll
2016-02-04 06:21 . 2016-02-04 06:21 243480 ----a-w- c:\windows\SysWow64\concrt140.dll
2016-02-03 10:53 . 2016-02-03 10:53 378288 ----a-w- c:\windows\system32\drivers\avgloga.sys
2016-01-26 10:04 . 2016-01-26 10:04 315312 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
2016-01-26 10:04 . 2016-01-26 10:04 272304 ----a-w- c:\windows\system32\drivers\avgidsha.sys
2016-01-22 06:19 . 2016-02-10 12:53 14179840 ----a-w- c:\windows\system32\shell32.dll
2016-01-22 06:18 . 2016-02-10 12:53 961024 ----a-w- c:\windows\system32\CPFilters.dll
2016-01-22 06:18 . 2016-02-10 12:53 723968 ----a-w- c:\windows\system32\EncDec.dll
2016-01-22 06:17 . 2016-02-10 12:53 159744 ----a-w- c:\windows\system32\mtxoci.dll
2016-01-22 06:15 . 2016-02-10 12:53 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-22 06:12 . 2016-02-10 12:53 1940992 ----a-w- c:\windows\system32\authui.dll
2016-01-22 06:04 . 2016-02-10 12:53 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2016-01-22 06:04 . 2016-02-10 12:53 535040 ----a-w- c:\windows\SysWow64\EncDec.dll
2016-01-22 06:02 . 2016-02-10 12:53 114176 ----a-w- c:\windows\SysWow64\mtxoci.dll
2016-01-22 06:02 . 2016-02-10 12:53 176128 ----a-w- c:\windows\SysWow64\msorcl32.dll
2016-01-22 06:00 . 2016-02-10 12:53 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-01-22 05:59 . 2016-02-10 12:53 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-01-22 05:19 . 2016-02-10 12:53 3231232 ----a-w- c:\windows\explorer.exe
2016-01-22 05:12 . 2016-02-10 12:53 2973184 ----a-w- c:\windows\SysWow64\explorer.exe
2016-01-16 19:01 . 2016-02-10 12:53 2085888 ----a-w- c:\windows\system32\ole32.dll
2016-01-16 18:36 . 2016-02-10 12:53 1413632 ----a-w- c:\windows\SysWow64\ole32.dll
2016-01-08 09:46 . 2016-01-08 09:46 23472 ----a-w- c:\windows\system32\drivers\avguniva.sys
2016-01-07 17:42 . 2016-02-10 12:53 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2016-01-06 19:02 . 2016-02-10 12:54 24576 ----a-w- c:\windows\system32\jnwmon.dll
2016-01-06 19:02 . 2016-02-10 12:54 275456 ----a-w- c:\windows\system32\InkEd.dll
2016-01-06 18:41 . 2016-02-10 12:54 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2002-12-16 09:45 . 2010-01-10 21:51 208384 ----a-r- c:\program files (x86)\spec14.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-12-16 133400]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-01-27 291608]
"AVG_UI"="c:\program files (x86)\AVG\Av\avuirunnerx.exe" [2016-03-02 25512]
"AvgUi"="c:\program files (x86)\AVG\Framework\Common\avguirnx.exe" [2016-02-18 179624]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2013-04-18 313656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2015-9-9 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 anvsnddrv;AnvSoft Virtual Sound Device;c:\windows\system32\drivers\anvsnddrv.sys;c:\windows\SYSNATIVE\drivers\anvsnddrv.sys [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 AvgAMPS;AvgAMPS;c:\program files (x86)\AVG\Av\avgamps.exe;c:\program files (x86)\AVG\Av\avgamps.exe [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys;c:\windows\GVTDrv64.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 Avguniva;AVG Universal Driver;c:\windows\system32\DRIVERS\avguniva.sys;c:\windows\SYSNATIVE\DRIVERS\avguniva.sys [x]
S0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\Av\avgidsagent.exe;c:\program files (x86)\AVG\Av\avgidsagent.exe [x]
S2 avgsvc;AVG Service;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe;c:\program files (x86)\AVG\Framework\Common\avgsvca.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\Av\avgwdsvcx.exe;c:\program files (x86)\AVG\Av\avgwdsvcx.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-03-15 18:00 1106072 ----a-w- c:\program files (x86)\Google\Chrome\Application\49.0.2623.87\Installer\chrmstp.exe
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-03-13 15:45 2095920 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-03-13 15:45 2095920 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-03-13 15:45 2095920 ----a-w- c:\program files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-16 12445288]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2013-10-18 184632]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-10-09 7818040]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.seznam.cz/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
FF - ProfilePath - c:\users\Beda\AppData\Roaming\Mozilla\Firefox\Profiles\k24jwh2r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.vave.biz/
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-ExpressBurn - c:\program files (x86)\NCH Software\ExpressBurn\expressburn.exe
AddRemove-WavePad - c:\program files (x86)\NCH Software\WavePad\wavepad.exe
AddRemove-xampp - c:\xampp\uninstall.exe
AddRemove-{1B9604EE-B104-45C8-8551-5F63BA631E23} - c:\programdata\{FA77A43D-F6ED-4924-87B5-517C061388C6}\WeatherBugSetup.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_21_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_182_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_21_0_0_182_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.21"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_21_0_0_182.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/sma ... A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2016-03-24 10:57:30 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-03-24 09:57
.
Před spuštěním: Volných bajtů: 39 387 729 920
Po spuštění: Volných bajtů: 38 538 825 728
.
- - End Of File - - 6074139CB24586BF51C1E61F2732A5C2
A36C5E4F47E84449FF07ED3517B43A31





********************************
pro mě se chová už vcelku normálně :) , akorát ten blbej IE pořád po spuštění otevírá nějakou záhadnou stránku, např. teď s adresou http://e34405f5z4bax74e.halltoo.accountant/ :(
Obrázek
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“