Prosím o preventivní kontrolu.Nějakou dobu nefungoval antivir a notebook se velice zpomalil.Předem děkuji za pomoc a radu.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Lenka at 2016-05-07 10:03:31
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 265 GB (58%) free of 459 GB
Total RAM: 3000 MB (49% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:04:07, on 7.5.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18283)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Users\Lenka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Tenda\Common\RaUI.exe
C:\Program Files (x86)\WinZip\FAHWindow32.exe
C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\Lenka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lenka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Lenka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: FAH.lnk = C:\Program Files (x86)\WinZip\FAHConsole.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
O4 - Global Startup: Tenda Wireless Utility.lnk = C:\Program Files (x86)\Tenda\Common\RaUI.exe
O4 - Global Startup: Update Notifier.lnk = C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files (x86)\WinZip\WzPreloader.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.mcafee.com (HKLM)
O15 - Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone: http://www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)
O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1A53CB29-2DC9-426A-8B97-8D4ED98DCBA3}: NameServer =
O17 - HKLM\System\CCS\Services\Tcpip\..\{2B8C7773-AA60-4FC4-B424-08ADEA3A04BF}: NameServer = 93.153.117.1 93.153.117.33
O17 - HKLM\System\CCS\Services\Tcpip\..\{9F72BD8E-107A-4D34-8733-0893D0C215F3}: NameServer =
O17 - HKLM\System\CS1\Services\Tcpip\..\{1A53CB29-2DC9-426A-8B97-8D4ED98DCBA3}: NameServer =
O17 - HKLM\System\CS2\Services\Tcpip\..\{1A53CB29-2DC9-426A-8B97-8D4ED98DCBA3}: NameServer =
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
O23 - Service: RalinkRegistryWriter64 - Ralink Technology, Corp. - C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
O23 - Service: RaMediaServer - Unknown owner - C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SInstalátor (ssinstall) - PS Media s.r.o. - C:\windows\SysWOW64\ssins.exe
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16529 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\WLANExt.exe 3006464
\??\C:\windows\system32\conhost.exe "1883637631-15356877471354355309-11533848111702474904-16568455271638227852595197523
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
taskeng.exe {81E1EB07-A0DE-42FE-8837-476AE0DE686B}
C:\windows\System32\spoolsv.exe
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe"
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" service
"C:\windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
C:\windows\SysWOW64\PnkBstrA.exe
C:\windows\system32\igfxsrvc.exe -Embedding
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
"C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE" /logon
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Tenda\Common\RaRegistry.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
C:\windows\SysWOW64\ssins.exe
C:\windows\system32\svchost.exe -k imgsvc
szndesktop.exe default start
"C:\Users\Lenka\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe "-423475108-8876242271394030231251040045-1295085530362245474-120539005-794566077
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe"
"C:\Program Files (x86)\Tenda\Common\RaUI.exe" -s
"C:\Program Files (x86)\WinZip\FAHWindow32.exe" register
"C:\Program Files (x86)\WinZip\FAHWindow64.exe" register
"C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe"
"C:\Program Files (x86)\WinZip\WzPreloader.exe"
"C:\Program Files\Motorola\Bluetooth\obexsrv.exe"
C:\windows\SysWOW64\svchost.exe -k MbnExt
WLIDSvcM.exe 3700
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
C:\windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Motorola\Bluetooth\audiosrv.exe"
"C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" mode=windowless
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
C:\windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
C:\windows\system32\sppsvc.exe
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\Lenka\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForLenka.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForLenka (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.77.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}
C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\searchplugins\
ask-search.xml
Ask.xml
askcom.xml
seznam-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-14 902624]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25 439352]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}]
Canon Easy-WebPrint EX BHO - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08 202144]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24 462400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-14 679680]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24 173120]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25 414776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Canon Easy-WebPrint EX - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08 1619352]
{D4027C7F-154A-4066-A1AD-4243D8127440}
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2010-01-08 186904]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-01-30 2174760]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-25 166424]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-25 390680]
"Persistence"=C:\windows\system32\igfxpers.exe [2010-03-25 410136]
"BTMTrayAgent"=C:\Program Files\Motorola\Bluetooth\btmshell.dll [2010-06-11 24783624]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2009-10-19 2185032]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2009-09-04 767312]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2013-05-29 489472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"=C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe [2010-02-10 1712184]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-01-22 2363392]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2015-08-06 2162152]
"cz.seznam.software.autoupdate"=C:\Users\Lenka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Lenka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768]
"NortonOnlineBackup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-05-03 1110360]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-10-01 256056]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-05-03 7391632]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-08-11 658424]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-20 595480]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FAH.lnk - C:\Program Files (x86)\WinZip\FAHConsole.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
Tenda Wireless Utility.lnk - C:\Program Files (x86)\Tenda\Common\RaUI.exe
Update Notifier.lnk - C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe
WinZip Preloader.lnk - C:\Program Files (x86)\WinZip\WzPreloader.exe
C:\Users\Lenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Lenka\AppData\Roaming\Dropbox\bin\Dropbox.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-01-25 268800]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"VIDC.LAGS"=lagarith.dll
"VIDC.X264"=x264vfw64.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-05-07 10:03:31 ----D---- C:\rsit
2016-05-07 10:03:31 ----D---- C:\Program Files\trend micro
2016-05-03 20:00:13 ----A---- C:\windows\system32\aswBoot.exe
2016-05-03 19:07:31 ----A---- C:\windows\avastSS.scr
2016-04-14 16:29:04 ----A---- C:\windows\system32\drivers\aswKbd.sys
2016-04-13 19:33:59 ----A---- C:\windows\system32\mtxoci.dll
2016-04-13 19:33:56 ----A---- C:\windows\SYSWOW64\mtxoci.dll
2016-04-13 19:33:55 ----A---- C:\windows\SYSWOW64\msorcl32.dll
2016-04-13 19:33:19 ----A---- C:\windows\system32\rpcss.dll
2016-04-13 19:33:18 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2016-04-13 19:33:18 ----A---- C:\windows\SYSWOW64\msxml3.dll
2016-04-13 19:33:18 ----A---- C:\windows\system32\msxml3r.dll
2016-04-13 19:33:18 ----A---- C:\windows\system32\msxml3.dll
2016-04-13 19:33:09 ----A---- C:\windows\system32\ole32.dll
2016-04-13 19:33:08 ----A---- C:\windows\SYSWOW64\ole32.dll
2016-04-13 19:33:08 ----A---- C:\windows\SYSWOW64\ntoskrnl.exe
2016-04-13 19:33:08 ----A---- C:\windows\system32\lsasrv.dll
2016-04-13 19:33:07 ----A---- C:\windows\SYSWOW64\ntkrnlpa.exe
2016-04-13 19:33:04 ----A---- C:\windows\system32\ntoskrnl.exe
2016-04-13 19:33:03 ----A---- C:\windows\SYSWOW64\ntdll.dll
2016-04-13 19:33:03 ----A---- C:\windows\system32\ntdll.dll
2016-04-13 19:33:03 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2016-04-13 19:33:03 ----A---- C:\windows\system32\drivers\ksecdd.sys
2016-04-13 19:33:02 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2016-04-13 19:33:02 ----A---- C:\windows\SYSWOW64\certcli.dll
2016-04-13 19:33:02 ----A---- C:\windows\system32\smss.exe
2016-04-13 19:33:02 ----A---- C:\windows\system32\rpcrt4.dll
2016-04-13 19:33:02 ----A---- C:\windows\system32\kernel32.dll
2016-04-13 19:33:02 ----A---- C:\windows\system32\kerberos.dll
2016-04-13 19:33:02 ----A---- C:\windows\system32\drivers\mrxsmb.sys
2016-04-13 19:33:02 ----A---- C:\windows\system32\certcli.dll
2016-04-13 19:33:02 ----A---- C:\windows\system32\advapi32.dll
2016-04-13 19:33:01 ----A---- C:\windows\SYSWOW64\sspicli.dll
2016-04-13 19:33:01 ----A---- C:\windows\SYSWOW64\schannel.dll
2016-04-13 19:33:01 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2016-04-13 19:33:01 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2016-04-13 19:33:01 ----A---- C:\windows\SYSWOW64\kerberos.dll
2016-04-13 19:33:01 ----A---- C:\windows\SYSWOW64\advapi32.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\wow64win.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\wow64.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\winsrv.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\wdigest.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\TSpkg.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\sspicli.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\srcore.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\schannel.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\rpchttp.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\ncrypt.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\msv1_0.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\KernelBase.dll
2016-04-13 19:33:01 ----A---- C:\windows\system32\drivers\mrxsmb10.sys
2016-04-13 19:33:01 ----A---- C:\windows\system32\conhost.exe
2016-04-13 19:33:00 ----A---- C:\windows\SYSWOW64\wdigest.dll
2016-04-13 19:33:00 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2016-04-13 19:33:00 ----A---- C:\windows\SYSWOW64\srclient.dll
2016-04-13 19:33:00 ----A---- C:\windows\SYSWOW64\rpchttp.dll
2016-04-13 19:33:00 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\wow64cpu.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\sspisrv.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\srclient.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\setbcdlocale.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\secur32.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\rstrui.exe
2016-04-13 19:33:00 ----A---- C:\windows\system32\ntvdm64.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\lsass.exe
2016-04-13 19:33:00 ----A---- C:\windows\system32\drivers\mrxsmb20.sys
2016-04-13 19:33:00 ----A---- C:\windows\system32\drivers\appid.sys
2016-04-13 19:33:00 ----A---- C:\windows\system32\csrsrv.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\cryptbase.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\appidsvc.dll
2016-04-13 19:33:00 ----A---- C:\windows\system32\appidpolicyconverter.exe
2016-04-13 19:33:00 ----A---- C:\windows\system32\appidapi.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 19:32:59 ----AH---- C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\wow32.dll
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\setup16.exe
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\secur32.dll
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\ntvdm64.dll
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\kernel32.dll
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\instnm.exe
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\cryptbase.dll
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\credssp.dll
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\auditpol.exe
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\appidapi.dll
2016-04-13 19:32:59 ----A---- C:\windows\SYSWOW64\apisetschema.dll
2016-04-13 19:32:59 ----A---- C:\windows\system32\credssp.dll
2016-04-13 19:32:59 ----A---- C:\windows\system32\auditpol.exe
2016-04-13 19:32:59 ----A---- C:\windows\system32\appidcertstorecheck.exe
2016-04-13 19:32:59 ----A---- C:\windows\system32\apisetschema.dll
2016-04-13 19:32:58 ----A---- C:\windows\SYSWOW64\user.exe
2016-04-13 19:32:58 ----A---- C:\windows\SYSWOW64\msobjs.dll
2016-04-13 19:32:58 ----A---- C:\windows\SYSWOW64\msaudite.dll
2016-04-13 19:32:58 ----A---- C:\windows\SYSWOW64\adtschema.dll
2016-04-13 19:32:58 ----A---- C:\windows\system32\msobjs.dll
2016-04-13 19:32:58 ----A---- C:\windows\system32\msaudite.dll
2016-04-13 19:32:58 ----A---- C:\windows\system32\adtschema.dll
2016-04-13 19:32:27 ----A---- C:\windows\system32\win32k.sys
2016-04-13 19:32:24 ----A---- C:\windows\system32\drivers\disk.sys
2016-04-13 19:32:18 ----A---- C:\windows\SYSWOW64\tbs.dll
2016-04-13 19:32:18 ----A---- C:\windows\system32\tbs.dll
2016-04-13 19:32:18 ----A---- C:\windows\system32\fveapibase.dll
2016-04-13 19:32:18 ----A---- C:\windows\system32\fveapi.dll
2016-04-13 19:32:18 ----A---- C:\windows\system32\drivers\tpm.sys
2016-04-13 19:31:59 ----A---- C:\windows\system32\invagent.dll
2016-04-13 19:31:59 ----A---- C:\windows\system32\generaltel.dll
2016-04-13 19:31:59 ----A---- C:\windows\system32\devinv.dll
2016-04-13 19:31:59 ----A---- C:\windows\system32\CompatTelRunner.exe
2016-04-13 19:31:59 ----A---- C:\windows\system32\appraiser.dll
2016-04-13 19:31:59 ----A---- C:\windows\system32\aepic.dll
2016-04-13 19:31:59 ----A---- C:\windows\system32\aeinv.dll
2016-04-13 19:31:59 ----A---- C:\windows\system32\acmigration.dll
2016-04-13 19:31:52 ----A---- C:\windows\SYSWOW64\samlib.dll
2016-04-13 19:31:52 ----A---- C:\windows\system32\samsrv.dll
2016-04-13 19:31:52 ----A---- C:\windows\system32\samlib.dll
2016-04-13 19:31:14 ----A---- C:\windows\system32\tzres.dll
2016-04-13 19:31:13 ----A---- C:\windows\SYSWOW64\tzres.dll
2016-04-13 19:30:34 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2016-04-13 19:30:34 ----A---- C:\windows\SYSWOW64\inseng.dll
2016-04-13 19:30:34 ----A---- C:\windows\SYSWOW64\iernonce.dll
2016-04-13 19:30:34 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2016-04-13 19:30:34 ----A---- C:\windows\system32\iernonce.dll
2016-04-13 19:30:34 ----A---- C:\windows\system32\ieetwproxystub.dll
2016-04-13 19:30:34 ----A---- C:\windows\system32\ieetwcollector.exe
2016-04-13 19:30:33 ----A---- C:\windows\SYSWOW64\urlmon.dll
2016-04-13 19:30:33 ----A---- C:\windows\SYSWOW64\occache.dll
2016-04-13 19:30:33 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2016-04-13 19:30:33 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2016-04-13 19:30:33 ----A---- C:\windows\system32\inseng.dll
2016-04-13 19:30:33 ----A---- C:\windows\system32\ie4uinit.exe
2016-04-13 19:30:32 ----A---- C:\windows\SYSWOW64\vbscript.dll
2016-04-13 19:30:32 ----A---- C:\windows\SYSWOW64\mshtml.dll
2016-04-13 19:30:32 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2016-04-13 19:30:32 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-04-13 19:30:32 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2016-04-13 19:30:32 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 19:30:30 ----A---- C:\windows\SYSWOW64\iesetup.dll
2016-04-13 19:30:30 ----A---- C:\windows\SYSWOW64\iertutil.dll
2016-04-13 19:30:30 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2016-04-13 19:30:30 ----A---- C:\windows\system32\urlmon.dll
2016-04-13 19:30:30 ----A---- C:\windows\system32\occache.dll
2016-04-13 19:30:30 ----A---- C:\windows\system32\iedkcs32.dll
2016-04-13 19:30:29 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2016-04-13 19:30:29 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2016-04-13 19:30:29 ----A---- C:\windows\SYSWOW64\jscript.dll
2016-04-13 19:30:29 ----A---- C:\windows\SYSWOW64\ieui.dll
2016-04-13 19:30:29 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2016-04-13 19:30:29 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-13 19:30:29 ----A---- C:\windows\system32\msfeeds.dll
2016-04-13 19:30:29 ----A---- C:\windows\system32\ieetwcollectorres.dll
2016-04-13 19:30:29 ----A---- C:\windows\system32\dxtrans.dll
2016-04-13 19:30:28 ----A---- C:\windows\SYSWOW64\ieframe.dll
2016-04-13 19:30:28 ----A---- C:\windows\system32\iesetup.dll
2016-04-13 19:30:27 ----A---- C:\windows\system32\ieapfltr.dll
2016-04-13 19:30:26 ----A---- C:\windows\system32\iertutil.dll
2016-04-13 19:30:25 ----A---- C:\windows\SYSWOW64\wininet.dll
2016-04-13 19:30:25 ----A---- C:\windows\SYSWOW64\webcheck.dll
2016-04-13 19:30:25 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2016-04-13 19:30:25 ----A---- C:\windows\SYSWOW64\jscript9.dll
2016-04-13 19:30:25 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2016-04-13 19:30:25 ----A---- C:\windows\system32\vbscript.dll
2016-04-13 19:30:24 ----A---- C:\windows\SYSWOW64\msrating.dll
2016-04-13 19:30:24 ----A---- C:\windows\system32\jsproxy.dll
2016-04-13 19:30:24 ----A---- C:\windows\system32\dxtmsft.dll
2016-04-13 19:30:23 ----A---- C:\windows\system32\ieui.dll
2016-04-13 19:30:23 ----A---- C:\windows\system32\ieframe.dll
2016-04-13 19:30:22 ----A---- C:\windows\system32\mshtmlmedia.dll
2016-04-13 19:30:22 ----A---- C:\windows\system32\mshtmled.dll
2016-04-13 19:30:22 ----A---- C:\windows\system32\ieUnatt.exe
2016-04-13 19:30:21 ----A---- C:\windows\system32\webcheck.dll
2016-04-13 19:30:21 ----A---- C:\windows\system32\jscript9diag.dll
2016-04-13 19:30:21 ----A---- C:\windows\system32\jscript9.dll
2016-04-13 19:30:21 ----A---- C:\windows\system32\jscript.dll
2016-04-13 19:30:20 ----A---- C:\windows\system32\wininet.dll
2016-04-13 19:30:19 ----A---- C:\windows\system32\msrating.dll
2016-04-13 19:30:19 ----A---- C:\windows\system32\MshtmlDac.dll
2016-04-13 19:30:18 ----A---- C:\windows\system32\mshtml.dll
2016-04-13 08:41:13 ----D---- C:\ProgramData\Apple Computer
2016-04-13 08:41:13 ----D---- C:\Program Files (x86)\QuickTime
======List of files/folders modified in the last 1 month======
2016-05-07 10:03:37 ----D---- C:\windows\Temp
2016-05-07 10:03:31 ----D---- C:\Program Files
2016-05-07 09:54:05 ----D---- C:\windows\winsxs
2016-05-07 09:47:21 ----D---- C:\Users\Lenka\AppData\Roaming\Seznam.cz
2016-05-07 09:44:20 ----D---- C:\Users\Lenka\AppData\Roaming\Dropbox
2016-05-07 09:44:06 ----D---- C:\Users\Lenka\AppData\Roaming\DropboxMaster
2016-05-07 09:43:32 ----D---- C:\ProgramData\PDFC
2016-05-07 09:43:13 ----D---- C:\windows\system32\config
2016-05-07 08:22:12 ----D---- C:\windows\Prefetch
2016-05-07 08:06:02 ----SD---- C:\windows\SYSWOW64\GWX
2016-05-07 08:06:02 ----SD---- C:\windows\system32\GWX
2016-05-07 08:03:27 ----SHD---- C:\System Volume Information
2016-05-06 20:38:45 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-05-06 19:18:58 ----D---- C:\windows\system32\appraiser
2016-05-04 18:53:57 ----D---- C:\windows\System32
2016-05-04 18:53:57 ----A---- C:\windows\system32\PerfStringBackup.INI
2016-05-04 18:53:56 ----D---- C:\windows\inf
2016-05-04 15:48:59 ----D---- C:\windows\system32\Tasks
2016-05-04 15:48:55 ----D---- C:\windows\Tasks
2016-05-03 20:10:37 ----D---- C:\windows\SysWOW64
2016-05-03 20:05:15 ----D---- C:\windows\system32\drivers
2016-05-03 20:02:23 ----D---- C:\windows\system32\DriverStore
2016-05-03 19:59:59 ----D---- C:\Windows
2016-05-03 19:13:19 ----SHD---- C:\Config.Msi
2016-05-01 18:33:46 ----AHD---- C:\ProgramData
2016-04-30 07:54:19 ----RD---- C:\Program Files (x86)
2016-04-28 17:38:32 ----SHD---- C:\windows\Installer
2016-04-21 15:05:02 ----N---- C:\windows\system32\MpSigStub.exe
2016-04-17 21:43:31 ----RSD---- C:\windows\assembly
2016-04-14 16:28:30 ----D---- C:\ProgramData\AVAST Software
2016-04-14 16:27:58 ----D---- C:\Program Files\AVAST Software
2016-04-14 07:43:01 ----D---- C:\windows\rescache
2016-04-14 06:36:48 ----D---- C:\windows\Microsoft.NET
2016-04-14 06:00:23 ----D---- C:\windows\SYSWOW64\cs-CZ
2016-04-14 06:00:20 ----D---- C:\windows\system32\cs-CZ
2016-04-14 06:00:19 ----D---- C:\windows\system32\en-US
2016-04-14 06:00:14 ----D---- C:\windows\AppPatch
2016-04-14 06:00:13 ----D---- C:\windows\system32\Boot
2016-04-14 06:00:10 ----D---- C:\windows\SYSWOW64\wbem
2016-04-14 06:00:10 ----D---- C:\windows\system32\wbem
2016-04-14 06:00:10 ----D---- C:\windows\system32\drivers\cs-CZ
2016-04-14 06:00:09 ----D---- C:\windows\Logs
2016-04-14 05:59:20 ----D---- C:\Program Files\Internet Explorer
2016-04-14 05:59:15 ----D---- C:\windows\SYSWOW64\en-US
2016-04-14 05:58:52 ----D---- C:\Program Files (x86)\Internet Explorer
2016-04-13 20:23:34 ----D---- C:\ProgramData\Microsoft Help
2016-04-13 20:21:52 ----D---- C:\windows\system32\MRT
2016-04-13 20:15:44 ----A---- C:\windows\system32\MRT.exe
2016-04-13 20:10:33 ----D---- C:\windows\system32\catroot2
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\windows\system32\drivers\aswRvrt.sys [2016-05-03 74544]
R0 aswVmm;avast! VM Monitor; C:\windows\system32\drivers\aswVmm.sys [2016-05-03 287528]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-08 409112]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\windows\System32\Drivers\sptd.sys [2011-04-14 834544]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2016-05-03 37144]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2016-05-03 103064]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2016-05-03 1070904]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2016-05-03 465792]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\windows\system32\drivers\aswHwid.sys [2016-05-03 37656]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2016-05-03 107792]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2016-05-03 166432]
R3 BTMUSB;Motorola Bluetooth Radio Service; C:\windows\System32\Drivers\btmusb.sys [2010-07-09 3232768]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 huawei_enumerator;huawei_enumerator; C:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-04-23 90112]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-01-25 7842272]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 145408]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\windows\system32\DRIVERS\netr28x.sys [2011-04-19 1488448]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-05-04 331880]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-05-21 96384]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2013-05-29 515584]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2014-01-30 1379376]
S3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 androidusb;ADB Interface Driver; C:\windows\System32\Drivers\androidusb.sys [2010-04-29 32768]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTMCOM;Bluetooth Serial Port; C:\windows\System32\Drivers\btmcom.sys [2010-04-10 52736]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\windows\system32\DRIVERS\ew_hwusbdev.sys [2010-07-27 117248]
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\windows\system32\DRIVERS\ew_usbenumfilter.sys [2010-03-20 13952]
S3 huawei_cdcacm;huawei_cdcacm; C:\windows\system32\DRIVERS\ew_jucdcacm.sys [2012-04-23 104448]
S3 huawei_ext_ctrl;huawei_ext_ctrl; C:\windows\system32\DRIVERS\ew_juextctrl.sys [2012-04-23 30720]
S3 huawei_wwanecm;huawei_wwanecm; C:\windows\system32\DRIVERS\ew_juwwanecm.sys [2012-04-23 238080]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 TPM;Čip TPM; C:\windows\system32\drivers\tpm.sys [2016-02-05 147904]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2013-05-29 89600]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-05-03 243296]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-10-01 280120]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-02-18 26680]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-01-08 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 MbnExt;Mobile Broadband Extension Service; C:\windows\system32\svchost.exe [2009-07-14 27136]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-05-03 2782552]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-08-11 1128952]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2011-08-31 66872]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 RalinkRegistryWriter;RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [2011-03-31 375872]
R2 RalinkRegistryWriter64;RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [2011-03-31 454208]
R2 ssinstall;SInstalátor; C:\windows\SysWOW64\ssins.exe [2014-08-02 2324216]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2013-05-29 271360]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-09-25 1028096]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07 269504]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-09-25 647680]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2016-03-31 114688]
S3 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2009-02-10 116104]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [2016-03-11 293128]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-03-19 146888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RaMediaServer;RaMediaServer; C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe [2011-03-04 621632]
S3 stllssvr;stllssvr; c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-04-07 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
preventivně
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: preventivně
Zdravim 
Odinstalujte McAfee Security Scan.
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Odinstalujte McAfee Security Scan. Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Cleaning
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner[C?].txt ). Ten mi sem zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivně
# AdwCleaner v5.115 - Log soubor vytvořen 07/05/2016 o 11:57:52
# Aktualizováno 01/05/2016 by Xplode
# Databáze : 2016-05-04.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Jméno uživatele : Lenka - LENKA-HP
# Spuštěno z : C:\Users\Lenka\Desktop\adwcleaner_5.115.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazáno : C:\ProgramData\apn
[-] Složka smazáno : C:\ProgramData\Ask
[-] Složka smazáno : C:\ProgramData\AskPartnerNetwork
[#] Složka smazáno : C:\ProgramData\Application Data\apn
[#] Složka smazáno : C:\ProgramData\Application Data\Ask
[#] Složka smazáno : C:\ProgramData\Application Data\AskPartnerNetwork
[-] Složka smazáno : C:\Program Files (x86)\AskPartnerNetwork
[-] Složka smazáno : C:\Program Files (x86)\Movies App
[-] Složka smazáno : C:\Users\Lenka\AppData\Local\apn
[-] Složka smazáno : C:\Users\Lenka\AppData\Local\AskPartnerNetwork
[-] Složka smazáno : C:\Users\Lenka\AppData\Local\iLivid
[-] Složka smazáno : C:\Users\Lenka\Documents\Add-in Express
[-] Složka smazáno : C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
***** [ Soubory ] *****
[-] Soubor smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
[-] Soubor smazáno : C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\searchplugins\Askcom.xml
[-] Soubor smazáno : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaojmikegpiepcfdkkjaplodkpfmlo_0.localstorage
[-] Soubor smazáno : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaaaojmikegpiepcfdkkjaplodkpfmlo
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úkoly ] *****
***** [ Registr ] *****
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Applications\iLividSetup-r0-n-bf.exe
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Hodnota smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Hodnota smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Hodnota smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Klávesa smazáno : HKCU\Software\AskPartnerNetwork
[-] Klávesa smazáno : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Klávesa smazáno : HKLM\SOFTWARE\AskPartnerNetwork
[-] Klávesa smazáno : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\AskPartnerNetwork
[-] Klávesa smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3903F409-2B78-48BF-BC01-8B3A24D8F5E5}
***** [ Webové prohlížeče ] *****
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.apn_dbr", "ff_16.0.2");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.cbid", "U3");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.config-updated", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.cr-o", "100000027cr");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.crumb", "2012.11.15+23.34.56-toolbar017iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibGlj");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all&gct=bar");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.displaybehavior", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.displaytext", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.ff-original-keyword-url", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.ff19-config-first-run", "true");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.fresh-install", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.guid", "A61D4616-8E66-4DB0-A383-8FC5BB31B479");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.if", "su");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.keyword-toggled-in-session", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.l", "dis");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.last-config-req", "1392871875044");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.locale", "en_EU");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.lstation", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.new-tab-opt-out", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.news-native-on", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.o", "100000027");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.pstate", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.qsrc", "2871");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.r", "2");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.sa", "YES");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.saguid", "F3035198-AE2F-45B1-8E19-E4DDB326FC55");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.search-suggestions-enabled", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.silent-upgrade", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-first", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-interval", "1200000");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-max-items", "30");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-native-on", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-speed", "10000");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.themeid", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.timeinstalled", "3.2.2013 11:40:51");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.to", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.v", "3.15.29.100013");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.version", "5.15.29.67612");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.volume", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[-] [C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : websearch.ask.com
[-] [C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : ask.com
[-] [C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] smazáno : aaaaojmikegpiepcfdkkjaplodkpfmlo
*************************
:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [17087 bytes] - [07/05/2016 11:57:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [17183 bytes] - [07/05/2016 11:52:53]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [17235 bytes] ##########
# Aktualizováno 01/05/2016 by Xplode
# Databáze : 2016-05-04.2 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Jméno uživatele : Lenka - LENKA-HP
# Spuštěno z : C:\Users\Lenka\Desktop\adwcleaner_5.115.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum
***** [ Služby ] *****
***** [ Složky ] *****
[-] Složka smazáno : C:\ProgramData\apn
[-] Složka smazáno : C:\ProgramData\Ask
[-] Složka smazáno : C:\ProgramData\AskPartnerNetwork
[#] Složka smazáno : C:\ProgramData\Application Data\apn
[#] Složka smazáno : C:\ProgramData\Application Data\Ask
[#] Složka smazáno : C:\ProgramData\Application Data\AskPartnerNetwork
[-] Složka smazáno : C:\Program Files (x86)\AskPartnerNetwork
[-] Složka smazáno : C:\Program Files (x86)\Movies App
[-] Složka smazáno : C:\Users\Lenka\AppData\Local\apn
[-] Složka smazáno : C:\Users\Lenka\AppData\Local\AskPartnerNetwork
[-] Složka smazáno : C:\Users\Lenka\AppData\Local\iLivid
[-] Složka smazáno : C:\Users\Lenka\Documents\Add-in Express
[-] Složka smazáno : C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
***** [ Soubory ] *****
[-] Soubor smazáno : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
[-] Soubor smazáno : C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\searchplugins\Askcom.xml
[-] Soubor smazáno : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaojmikegpiepcfdkkjaplodkpfmlo_0.localstorage
[-] Soubor smazáno : C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaaaojmikegpiepcfdkkjaplodkpfmlo
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Zástupci ] *****
***** [ Naplánované úkoly ] *****
***** [ Registr ] *****
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Applications\iLividSetup-r0-n-bf.exe
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{884189CF-7C10-41E8-A014-F7B2BE40AADB}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
[-] Hodnota smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Hodnota smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
[-] Hodnota smazáno : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Klávesa smazáno : HKCU\Software\AskPartnerNetwork
[-] Klávesa smazáno : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Klávesa smazáno : HKLM\SOFTWARE\AskPartnerNetwork
[-] Klávesa smazáno : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\AskPartnerNetwork
[-] Klávesa smazáno : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Klávesa smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3903F409-2B78-48BF-BC01-8B3A24D8F5E5}
***** [ Webové prohlížeče ] *****
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.InstallDir", "C:\\Program Files (x86)\\Ask.com\\");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.abar-war-regex", "conduit\\.com");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.apn_dbr", "ff_16.0.2");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.autofill-competitor-query-enabled", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.cbid", "U3");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.config-updated", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.cr-o", "100000027cr");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.crumb", "2012.11.15+23.34.56-toolbar017iad-CZ-UHJhZ3VlLEN6ZWNoIFJlcHVibGlj");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://eu.ask.com/web?qsrc={qsrc}&o={o}&l={l}&q={query}&dm=all&gct=bar");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.displaybehavior", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.displaytext", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.dtid", "YYYYYYYYCZ");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.dyn-weather-locid-weatherWidget", "EZXX0012");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.dyn-weather-tempunit-weatherWidget", "C");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.ff-original-keyword-url", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.ff19-config-first-run", "true");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.fresh-install", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.guid", "A61D4616-8E66-4DB0-A383-8FC5BB31B479");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.if", "su");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.keyword-toggled-in-session", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.l", "dis");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.last-config-req", "1392871875044");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.locale", "en_EU");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.location", "Prague,Czech Republic");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.lstation", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.new-tab-opt-out", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.news-native-on", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.o", "100000027");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.pstate", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.qsrc", "2871");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.r", "2");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.sa", "YES");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.saguid", "F3035198-AE2F-45B1-8E19-E4DDB326FC55");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.search-suggestions-enabled", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.silent-upgrade", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-first", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-interval", "1200000");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-max-items", "30");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-native-on", true);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-speed", "10000");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.socialmini-transition-first-open", false);
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.themeid", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.timeinstalled", "3.2.2013 11:40:51");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.to", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.v", "3.15.29.100013");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.version", "5.15.29.67612");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.asktb.volume", "");
[-] [C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\prefs.js] smazáno : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[-] [C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : websearch.ask.com
[-] [C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] smazáno : ask.com
[-] [C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] smazáno : aaaaojmikegpiepcfdkkjaplodkpfmlo
*************************
:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [17087 bytes] - [07/05/2016 11:57:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [17183 bytes] - [07/05/2016 11:52:53]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [17235 bytes] ##########
Re: preventivně
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu (cili Vlastni sken vsech disku) http://forum.viry.cz/viewtopic.php?f=29&t=144868 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivně
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 7.5.2016
Čas skenování: 13:06:33
Protokol: mba.txt
Správce: Ano
Verze: 2.02.1.1043
Databáze malwaru: v2016.05.07.03
Databáze rootkitů: v2016.05.06.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Lenka
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 308075
Uplynulý čas: 26 min, 22 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
PUP.Optional.Ilivid, C:\$Recycle.Bin\S-1-5-21-85297521-196536162-866879438-1001\$RG63PZI.exe, , [010e53806534ac8aa206e5ecdd233ac6],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
www.malwarebytes.org
Datum skenování: 7.5.2016
Čas skenování: 13:06:33
Protokol: mba.txt
Správce: Ano
Verze: 2.02.1.1043
Databáze malwaru: v2016.05.07.03
Databáze rootkitů: v2016.05.06.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Lenka
Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 308075
Uplynulý čas: 26 min, 22 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 1
PUP.Optional.Ilivid, C:\$Recycle.Bin\S-1-5-21-85297521-196536162-866879438-1001\$RG63PZI.exe, , [010e53806534ac8aa206e5ecdd233ac6],
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: preventivně
Nalez nechte odstranit. Po odstraneni a restartu pc test s MBAM zopakujte (ale tentokrat opravdu se spravnym nastavenim - tohle byl jen Sken hrozeb, ten nekontroluje cely pocitac, ja chtel Vlastni sken), at vime, jestli se to nevraci. Napiste vysledek testu a podle nej zvolim dalsi postup.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivně
Tak snad jsem ho teď udělal dobře.
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 7.5.2016
Čas skenování: 16:58:26
Protokol: mba.txt
Správce: Ano
Verze: 2.02.1.1043
Databáze malwaru: v2016.05.07.03
Databáze rootkitů: v2016.05.06.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Lenka
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 527105
Uplynulý čas: 2 hod, 57 min, 49 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Datum skenování: 7.5.2016
Čas skenování: 16:58:26
Protokol: mba.txt
Správce: Ano
Verze: 2.02.1.1043
Databáze malwaru: v2016.05.07.03
Databáze rootkitů: v2016.05.06.01
Licence: Premium
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto
OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Lenka
Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 527105
Uplynulý čas: 2 hod, 57 min, 49 sek
Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto
Procesy: 0
(Nenalezeny žádné škodlivé položky)
Moduly: 0
(Nenalezeny žádné škodlivé položky)
Klíče registru: 0
(Nenalezeny žádné škodlivé položky)
Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)
Data registru: 0
(Nenalezeny žádné škodlivé položky)
Složky: 0
(Nenalezeny žádné škodlivé položky)
Soubory: 0
(Nenalezeny žádné škodlivé položky)
Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)
(end)
Re: preventivně
Ano, ted je to spravne
Podle logu mate MBAM verzi Premium, tedy i se zapnutym stitem. Ale v pc mate i Avast. To neni dobre, stit by mel byt jen jeden, perou se mezi sebou.
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach
Podle logu mate MBAM verzi Premium, tedy i se zapnutym stitem. Ale v pc mate i Avast. To neni dobre, stit by mel byt jen jeden, perou se mezi sebou.
Dejte logy podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100 - vypnete na chvili antivir, je mozne, ze to bude blokovat jako skodnou, ale pouzivame to porad, jedna se o falesny poplach Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivně
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-05-2016
Ran by Lenka (administrator) on LENKA-HP (07-05-2016 20:12:25)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Tenda Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7391632 2016-05-03] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {43ad6891-ea35-11e2-a5b1-1cc1deab83fd} - H:\Autorun.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {4682ae48-66b2-11e0-a9c9-1cc1deab83fd} - E:\autoplay.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {501f4e7a-d656-11e2-a5e4-1cc1deab83fd} - D:\Autorun.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {501f4e88-d656-11e2-a5e4-1cc1deab83fd} - D:\Autorun.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {501f4e96-d656-11e2-a5e4-1cc1deab83fd} - H:\Autorun.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {501f4eb4-d656-11e2-a5e4-1cc1deab83fd} - D:\Autorun.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-03] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk [2014-01-13]
ShortcutTarget: Tenda Wireless Utility.lnk -> C:\Program Files (x86)\Tenda\Common\RaUI.exe (Tenda Technology, Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1A53CB29-2DC9-426A-8B97-8D4ED98DCBA3}: [NameServer]
Tcpip\..\Interfaces\{2B8C7773-AA60-4FC4-B424-08ADEA3A04BF}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{9F72BD8E-107A-4D34-8733-0893D0C215F3}: [NameServer]
Tcpip\..\Interfaces\{DAF6C209-70D7-4A0B-8A65-BA4D05EDCDDA}: [DhcpNameServer] 177.67.82.22 8.8.8.8
Tcpip\..\Interfaces\{EE3E406D-D24E-4F28-A232-597E54A6B7C8}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-85297521-196536162-866879438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-85297521-196536162-866879438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FireFox:
========
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxps://www.seznam.cz
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\searchplugins\seznam-avast.xml [2015-03-02]
FF Extension: Adblock Plus - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-03]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Email) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-03-01]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-13]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (Peněženka Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-06]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-14]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-03] (AVAST Software)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2010-09-25] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2010-09-25] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-05-03] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-11] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2011-08-31] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [454208 2011-03-31] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe [621632 2011-03-04] ()
R2 ssinstall; C:\windows\SysWOW64\ssins.exe [2324216 2014-08-02] (PS Media s.r.o.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-03] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2016-05-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [96384 2010-05-21] (Realtek Semiconductor Corp.)
R3 semav6msr64; C:\windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-04-14] () [File not signed]
U3 ahk0fizf; C:\Windows\System32\Drivers\ahk0fizf.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-07 20:12 - 2016-05-07 20:12 - 00021255 _____ C:\Users\Lenka\Desktop\FRST.txt
2016-05-07 20:11 - 2016-05-07 20:12 - 00000000 ____D C:\FRST
2016-05-07 20:11 - 2016-05-07 20:11 - 02379264 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2016-05-07 19:56 - 2016-05-07 19:56 - 00001187 _____ C:\Users\Lenka\Desktop\mba.txt
2016-05-07 13:57 - 2016-05-07 13:57 - 00000000 ____D C:\Users\Lenka\AppData\Local\Intel
2016-05-07 13:56 - 2016-05-07 13:56 - 00003036 _____ C:\windows\System32\Tasks\USER_ESRV_SVC_WILLAMETTE
2016-05-07 13:56 - 2016-05-07 13:56 - 00001170 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.5.lnk
2016-05-07 13:56 - 2016-05-07 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-05-07 13:56 - 2016-05-07 13:56 - 00000000 ____D C:\ProgramData\Intel
2016-05-07 13:56 - 2016-05-07 13:56 - 00000000 ____D C:\Program Files\Intel
2016-05-07 13:56 - 2016-03-09 20:43 - 00021984 _____ C:\windows\system32\Drivers\semav6msr64.sys
2016-05-07 13:55 - 2016-05-07 13:55 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-05-07 13:54 - 2016-05-07 13:54 - 00000000 ____D C:\windows\System32\Tasks\Intel
2016-05-07 12:48 - 2016-05-07 16:58 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-07 12:48 - 2016-05-07 12:51 - 00001098 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-07 12:48 - 2016-05-07 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-07 12:47 - 2016-05-07 13:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-07 12:47 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-05-07 12:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-05-07 12:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-05-07 12:39 - 2016-05-07 12:45 - 00000000 ____D C:\windows\pss
2016-05-07 11:52 - 2016-05-07 11:57 - 00000000 ____D C:\AdwCleaner
2016-05-07 11:46 - 2016-05-07 11:46 - 00000874 _____ C:\windows\system32\Drivers\etc\hosts.txt
2016-05-07 11:46 - 2016-05-07 11:46 - 00000874 _____ C:\Users\Lenka\Documents\hosts.txt
2016-05-07 11:36 - 2016-05-07 11:36 - 03615296 _____ C:\Users\Lenka\Desktop\adwcleaner_5.115.exe
2016-05-07 10:03 - 2016-05-07 10:04 - 00000000 ____D C:\rsit
2016-05-07 10:03 - 2016-05-07 10:04 - 00000000 ____D C:\Program Files\trend micro
2016-05-04 15:48 - 2016-05-06 19:19 - 00000332 _____ C:\windows\Tasks\HPCeeScheduleForLenka.job
2016-05-04 15:48 - 2016-05-04 15:48 - 00003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForLenka
2016-05-03 20:01 - 2016-05-03 20:01 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-05-03 20:01 - 2016-05-03 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-05-03 20:00 - 2016-05-03 19:07 - 00398152 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-05-03 19:07 - 2016-05-03 19:07 - 00052184 _____ (AVAST Software) C:\windows\avastSS.scr
2016-04-18 16:24 - 2016-04-18 16:25 - 00000000 ____D C:\Users\Lenka\Desktop\MOST II
2016-04-14 16:34 - 2016-05-03 20:01 - 00003880 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1460644414
2016-04-14 16:33 - 2016-04-14 16:33 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-14 16:29 - 2016-05-03 19:07 - 00037144 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2016-04-13 19:33 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-13 19:33 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-04-13 19:33 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-04-13 19:33 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-04-13 19:33 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-04-13 19:33 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-04-13 19:33 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-04-13 19:33 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-13 19:33 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-04-13 19:33 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-04-13 19:33 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-04-13 19:33 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-13 19:33 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-04-13 19:33 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-04-13 19:33 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-04-13 19:33 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-04-13 19:33 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-04-13 19:33 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-04-13 19:33 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-04-13 19:33 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-13 19:33 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-04-13 19:33 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-04-13 19:33 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-04-13 19:33 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-04-13 19:33 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-04-13 19:33 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-04-13 19:33 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-04-13 19:33 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-04-13 19:33 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-04-13 19:33 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-04-13 19:33 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-04-13 19:33 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-04-13 19:33 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-04-13 19:33 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-04-13 19:33 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-04-13 19:33 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-04-13 19:33 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-13 19:33 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-13 19:33 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-13 19:33 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-04-13 19:33 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-04-13 19:33 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-13 19:33 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-13 19:33 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-13 19:33 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-13 19:33 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-04-13 19:33 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-13 19:33 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-04-13 19:33 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-04-13 19:32 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-13 19:32 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-04-13 19:32 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-04-13 19:32 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-04-13 19:32 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-04-13 19:32 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-04-13 19:32 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-04-13 19:32 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 19:32 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-04-13 19:32 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-04-13 19:32 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-04-13 19:32 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-04-13 19:32 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-04-13 19:32 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-04-13 19:32 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-04-13 19:32 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-04-13 19:32 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 19:32 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 19:32 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 19:32 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 19:32 - 2016-02-05 21:03 - 00147904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2016-04-13 19:32 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2016-04-13 19:32 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2016-04-13 19:32 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2016-04-13 19:32 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-04-13 19:32 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2016-04-13 19:31 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-04-13 19:31 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-04-13 19:31 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-04-13 19:31 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-04-13 19:31 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-04-13 19:31 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-04-13 19:31 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-04-13 19:31 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-04-13 19:31 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-04-13 19:31 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-04-13 19:31 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-04-13 19:31 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-04-13 19:31 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-04-13 19:30 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-13 19:30 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-13 19:30 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-13 19:30 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-04-13 19:30 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-04-13 19:30 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-13 19:30 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-13 19:30 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-04-13 19:30 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-04-13 19:30 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-04-13 19:30 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-04-13 19:30 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-13 19:30 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-04-13 19:30 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-04-13 19:30 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-04-13 19:30 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-13 19:30 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-04-13 19:30 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-04-13 19:30 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-04-13 19:30 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-13 19:30 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-04-13 19:30 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-13 19:30 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-04-13 19:30 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 19:30 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-04-13 19:30 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-04-13 19:30 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-13 19:30 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-13 19:30 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-13 19:30 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-04-13 19:30 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-04-13 19:30 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-04-13 19:30 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-04-13 19:30 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-04-13 19:30 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-13 19:30 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-04-13 19:30 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-04-13 19:30 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-04-13 19:30 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-13 19:30 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-04-13 19:30 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-13 19:30 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-04-13 19:30 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-13 19:30 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-13 19:30 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-13 19:30 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-04-13 19:30 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-13 19:30 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-04-13 19:30 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 19:30 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-04-13 19:30 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-04-13 19:30 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-04-13 19:30 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-13 19:30 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-13 19:30 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-13 19:30 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-04-13 19:30 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-13 19:30 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-13 19:30 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-13 19:30 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-04-13 19:30 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-13 19:30 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-13 19:30 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-13 19:30 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-13 19:30 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-13 19:30 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-13 08:41 - 2016-04-13 08:41 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-04-13 08:41 - 2016-04-13 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-04-13 08:41 - 2016-04-13 08:41 - 00000000 ____D C:\ProgramData\Apple Computer
2016-04-13 08:41 - 2016-04-13 08:41 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-04-10 08:52 - 2016-04-10 17:30 - 00000000 ____D C:\Users\Lenka\Desktop\recepty
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-07 19:46 - 2012-03-30 18:15 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-05-07 19:42 - 2009-07-14 06:45 - 00022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-07 19:42 - 2009-07-14 06:45 - 00022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-07 14:08 - 2016-03-19 13:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-07 13:54 - 2010-09-09 23:01 - 00000000 ____D C:\Program Files (x86)\Intel
2016-05-07 13:53 - 2015-10-15 18:03 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-07 13:39 - 2010-09-09 23:23 - 00000000 ____D C:\ProgramData\PDFC
2016-05-07 13:38 - 2012-02-26 10:07 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-07 13:38 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-07 13:23 - 2011-04-05 14:22 - 00000000 ____D C:\Intel
2016-05-07 12:40 - 2014-08-02 10:26 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Seznam.cz
2016-05-07 12:36 - 2014-04-11 19:13 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\DropboxMaster
2016-05-07 12:36 - 2014-04-11 14:53 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Dropbox
2016-05-07 12:04 - 2012-07-07 11:07 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-05-07 08:06 - 2015-04-06 20:33 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-07 08:06 - 2015-04-06 20:33 - 00000000 ___SD C:\windows\system32\GWX
2016-05-06 19:18 - 2014-12-15 17:25 - 00000000 ____D C:\windows\system32\appraiser
2016-05-04 18:53 - 2010-09-09 23:18 - 00669132 _____ C:\windows\system32\perfh005.dat
2016-05-04 18:53 - 2010-09-09 23:18 - 00141760 _____ C:\windows\system32\perfc005.dat
2016-05-04 18:53 - 2009-07-14 07:13 - 01584626 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-04 18:53 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-05-03 19:07 - 2014-04-26 09:03 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-05-03 19:07 - 2014-01-13 20:29 - 00166432 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-05-03 19:07 - 2013-03-06 08:16 - 00287528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2016-05-03 19:07 - 2013-03-06 08:16 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-05-03 19:07 - 2012-02-26 10:04 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-05-03 19:07 - 2011-04-05 14:39 - 01070904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2016-05-03 19:07 - 2011-04-05 14:39 - 00465792 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2016-05-03 19:07 - 2011-04-05 14:39 - 00107792 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-05-03 16:25 - 2012-02-26 10:10 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-03 16:25 - 2012-02-26 10:10 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-28 17:38 - 2013-05-27 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-21 15:05 - 2011-04-05 14:58 - 00453288 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-04-18 17:26 - 2015-11-09 13:05 - 00000000 ____D C:\Users\Lenka\Desktop\mišák filmy
2016-04-14 16:28 - 2011-04-05 14:38 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-14 16:27 - 2011-04-05 14:38 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-14 07:43 - 2011-04-05 23:10 - 00000000 ____D C:\windows\rescache
2016-04-14 06:03 - 2009-07-14 06:45 - 00420840 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-13 20:21 - 2013-08-17 09:59 - 00000000 ____D C:\windows\system32\MRT
2016-04-13 20:15 - 2011-04-11 17:20 - 135176864 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-04-07 18:46 - 2012-03-30 18:15 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-07 18:46 - 2012-03-30 18:15 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-07 18:46 - 2012-03-30 18:15 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
==================== Files in the root of some directories =======
2011-04-20 19:29 - 2011-04-27 19:14 - 0001854 _____ () C:\Users\Lenka\AppData\Roaming\GhostObjGAFix.xml
2011-04-08 18:52 - 2011-09-14 16:57 - 0140391 _____ () C:\Users\Lenka\AppData\Roaming\mdbu.bin
2011-05-27 06:47 - 2011-05-27 06:47 - 0033134 _____ () C:\Users\Lenka\AppData\Roaming\UserTile.png
2011-04-05 18:31 - 2013-04-10 21:12 - 0001534 _____ () C:\Users\Lenka\AppData\Local\mbt-actwiz.log
2011-08-31 18:25 - 2011-10-30 19:53 - 0000088 __RSH () C:\ProgramData\3C1857ECAB.sys
2010-09-09 23:58 - 2010-09-09 23:58 - 0000193 _____ () C:\ProgramData\HPWALog.txt
2011-05-06 17:58 - 2011-10-30 19:53 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
Some files in TEMP:
====================
C:\Users\Lenka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvpyilz.dll
C:\Users\Lenka\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Lenka\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Lenka\AppData\Local\Temp\libeay32.dll
C:\Users\Lenka\AppData\Local\Temp\msvcr120.dll
C:\Users\Lenka\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-01 19:05
==================== End of FRST.txt ============================
Ran by Lenka (administrator) on LENKA-HP (07-05-2016 20:12:25)
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Tenda Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(PS Media s.r.o.) C:\Windows\SysWOW64\ssins.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7391632 2016-05-03] (AVAST Software)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {43ad6891-ea35-11e2-a5b1-1cc1deab83fd} - H:\Autorun.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {4682ae48-66b2-11e0-a9c9-1cc1deab83fd} - E:\autoplay.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {501f4e7a-d656-11e2-a5e4-1cc1deab83fd} - D:\Autorun.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {501f4e88-d656-11e2-a5e4-1cc1deab83fd} - D:\Autorun.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {501f4e96-d656-11e2-a5e4-1cc1deab83fd} - H:\Autorun.exe
HKU\S-1-5-21-85297521-196536162-866879438-1001\...\MountPoints2: {501f4eb4-d656-11e2-a5e4-1cc1deab83fd} - D:\Autorun.exe
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-04-25] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-03] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Lenka\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Tenda Wireless Utility.lnk [2014-01-13]
ShortcutTarget: Tenda Wireless Utility.lnk -> C:\Program Files (x86)\Tenda\Common\RaUI.exe (Tenda Technology, Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1A53CB29-2DC9-426A-8B97-8D4ED98DCBA3}: [NameServer]
Tcpip\..\Interfaces\{2B8C7773-AA60-4FC4-B424-08ADEA3A04BF}: [NameServer] 93.153.117.1 93.153.117.33
Tcpip\..\Interfaces\{9F72BD8E-107A-4D34-8733-0893D0C215F3}: [NameServer]
Tcpip\..\Interfaces\{DAF6C209-70D7-4A0B-8A65-BA4D05EDCDDA}: [DhcpNameServer] 177.67.82.22 8.8.8.8
Tcpip\..\Interfaces\{EE3E406D-D24E-4F28-A232-597E54A6B7C8}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-85297521-196536162-866879438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-85297521-196536162-866879438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-14] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25] (HP)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-14] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
FireFox:
========
FF ProfilePath: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxps://www.seznam.cz
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\searchplugins\seznam-avast.xml [2015-03-02]
FF Extension: Adblock Plus - C:\Users\Lenka\AppData\Roaming\Mozilla\Firefox\Profiles\0uxd6xmu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-03]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Seznam Lištička - Email) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-03-01]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2014-09-13]
CHR Extension: (Avast Online Security) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (Peněženka Google) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-06]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Lenka\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2014-09-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-14]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-03] (AVAST Software)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2010-09-25] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2010-09-25] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [280120 2010-10-01] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MbnExt; C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll [419096 2015-08-25] (Gemfor s.r.o.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2782552 2010-05-03] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-11] (PDF Complete Inc)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2011-08-31] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\Tenda\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Tenda\Common\RaRegistry64.exe [454208 2011-03-31] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\Tenda\Common\RaMediaServer.exe [621632 2011-03-04] ()
R2 ssinstall; C:\windows\SysWOW64\ssins.exe [2324216 2014-08-02] (PS Media s.r.o.)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-03] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2012-04-23] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2016-05-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [96384 2010-05-21] (Realtek Semiconductor Corp.)
R3 semav6msr64; C:\windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2011-04-14] () [File not signed]
U3 ahk0fizf; C:\Windows\System32\Drivers\ahk0fizf.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-07 20:12 - 2016-05-07 20:12 - 00021255 _____ C:\Users\Lenka\Desktop\FRST.txt
2016-05-07 20:11 - 2016-05-07 20:12 - 00000000 ____D C:\FRST
2016-05-07 20:11 - 2016-05-07 20:11 - 02379264 _____ (Farbar) C:\Users\Lenka\Desktop\FRST64.exe
2016-05-07 19:56 - 2016-05-07 19:56 - 00001187 _____ C:\Users\Lenka\Desktop\mba.txt
2016-05-07 13:57 - 2016-05-07 13:57 - 00000000 ____D C:\Users\Lenka\AppData\Local\Intel
2016-05-07 13:56 - 2016-05-07 13:56 - 00003036 _____ C:\windows\System32\Tasks\USER_ESRV_SVC_WILLAMETTE
2016-05-07 13:56 - 2016-05-07 13:56 - 00001170 _____ C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.5.lnk
2016-05-07 13:56 - 2016-05-07 13:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-05-07 13:56 - 2016-05-07 13:56 - 00000000 ____D C:\ProgramData\Intel
2016-05-07 13:56 - 2016-05-07 13:56 - 00000000 ____D C:\Program Files\Intel
2016-05-07 13:56 - 2016-03-09 20:43 - 00021984 _____ C:\windows\system32\Drivers\semav6msr64.sys
2016-05-07 13:55 - 2016-05-07 13:55 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2016-05-07 13:54 - 2016-05-07 13:54 - 00000000 ____D C:\windows\System32\Tasks\Intel
2016-05-07 12:48 - 2016-05-07 16:58 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-07 12:48 - 2016-05-07 12:51 - 00001098 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-05-07 12:48 - 2016-05-07 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-05-07 12:47 - 2016-05-07 13:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-05-07 12:47 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2016-05-07 12:47 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2016-05-07 12:47 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2016-05-07 12:39 - 2016-05-07 12:45 - 00000000 ____D C:\windows\pss
2016-05-07 11:52 - 2016-05-07 11:57 - 00000000 ____D C:\AdwCleaner
2016-05-07 11:46 - 2016-05-07 11:46 - 00000874 _____ C:\windows\system32\Drivers\etc\hosts.txt
2016-05-07 11:46 - 2016-05-07 11:46 - 00000874 _____ C:\Users\Lenka\Documents\hosts.txt
2016-05-07 11:36 - 2016-05-07 11:36 - 03615296 _____ C:\Users\Lenka\Desktop\adwcleaner_5.115.exe
2016-05-07 10:03 - 2016-05-07 10:04 - 00000000 ____D C:\rsit
2016-05-07 10:03 - 2016-05-07 10:04 - 00000000 ____D C:\Program Files\trend micro
2016-05-04 15:48 - 2016-05-06 19:19 - 00000332 _____ C:\windows\Tasks\HPCeeScheduleForLenka.job
2016-05-04 15:48 - 2016-05-04 15:48 - 00003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForLenka
2016-05-03 20:01 - 2016-05-03 20:01 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-05-03 20:01 - 2016-05-03 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-05-03 20:00 - 2016-05-03 19:07 - 00398152 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2016-05-03 19:07 - 2016-05-03 19:07 - 00052184 _____ (AVAST Software) C:\windows\avastSS.scr
2016-04-18 16:24 - 2016-04-18 16:25 - 00000000 ____D C:\Users\Lenka\Desktop\MOST II
2016-04-14 16:34 - 2016-05-03 20:01 - 00003880 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1460644414
2016-04-14 16:33 - 2016-04-14 16:33 - 00000997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-04-14 16:29 - 2016-05-03 19:07 - 00037144 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2016-04-13 19:33 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-13 19:33 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-04-13 19:33 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-04-13 19:33 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-04-13 19:33 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-04-13 19:33 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-04-13 19:33 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-04-13 19:33 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-04-13 19:33 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-04-13 19:33 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-13 19:33 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-04-13 19:33 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-04-13 19:33 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-04-13 19:33 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-13 19:33 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-04-13 19:33 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-04-13 19:33 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-04-13 19:33 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-04-13 19:33 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-04-13 19:33 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-04-13 19:33 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-04-13 19:33 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-04-13 19:33 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-13 19:33 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-04-13 19:33 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-04-13 19:33 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-04-13 19:33 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-04-13 19:33 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-04-13 19:33 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-04-13 19:33 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-04-13 19:33 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-04-13 19:33 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-04-13 19:33 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-04-13 19:33 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-04-13 19:33 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-04-13 19:33 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-04-13 19:33 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-04-13 19:33 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-04-13 19:33 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-04-13 19:33 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-13 19:33 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-13 19:33 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-13 19:33 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-04-13 19:33 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-04-13 19:33 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-13 19:33 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-13 19:33 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-13 19:33 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-13 19:33 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-04-13 19:33 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-13 19:33 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-04-13 19:33 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-04-13 19:32 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-13 19:32 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-04-13 19:32 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-04-13 19:32 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-04-13 19:32 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-04-13 19:32 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-04-13 19:32 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-04-13 19:32 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 19:32 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 19:32 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-04-13 19:32 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-04-13 19:32 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-04-13 19:32 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-04-13 19:32 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-04-13 19:32 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-04-13 19:32 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-04-13 19:32 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-04-13 19:32 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 19:32 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 19:32 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 19:32 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 19:32 - 2016-02-05 21:03 - 00147904 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2016-04-13 19:32 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2016-04-13 19:32 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2016-04-13 19:32 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2016-04-13 19:32 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-04-13 19:32 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2016-04-13 19:31 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-04-13 19:31 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-04-13 19:31 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-04-13 19:31 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-04-13 19:31 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-04-13 19:31 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-04-13 19:31 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-04-13 19:31 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-04-13 19:31 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-04-13 19:31 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-04-13 19:31 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-04-13 19:31 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-04-13 19:31 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-04-13 19:30 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-13 19:30 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-13 19:30 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-13 19:30 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-04-13 19:30 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-04-13 19:30 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-13 19:30 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-13 19:30 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-04-13 19:30 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-04-13 19:30 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-04-13 19:30 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-04-13 19:30 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-13 19:30 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-04-13 19:30 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-04-13 19:30 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-04-13 19:30 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-13 19:30 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-04-13 19:30 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-04-13 19:30 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-04-13 19:30 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-13 19:30 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-04-13 19:30 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-13 19:30 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-04-13 19:30 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 19:30 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-04-13 19:30 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-04-13 19:30 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-13 19:30 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-13 19:30 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-13 19:30 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-04-13 19:30 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-04-13 19:30 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-04-13 19:30 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-04-13 19:30 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-04-13 19:30 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-13 19:30 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-04-13 19:30 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-04-13 19:30 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-04-13 19:30 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-13 19:30 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-04-13 19:30 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-13 19:30 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-04-13 19:30 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-13 19:30 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-13 19:30 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-13 19:30 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-04-13 19:30 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-13 19:30 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-04-13 19:30 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 19:30 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-04-13 19:30 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-04-13 19:30 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-04-13 19:30 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-13 19:30 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-13 19:30 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-13 19:30 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-04-13 19:30 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-13 19:30 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-13 19:30 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-13 19:30 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-04-13 19:30 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-13 19:30 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-13 19:30 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-13 19:30 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-13 19:30 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-13 19:30 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-13 08:41 - 2016-04-13 08:41 - 00001845 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2016-04-13 08:41 - 2016-04-13 08:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-04-13 08:41 - 2016-04-13 08:41 - 00000000 ____D C:\ProgramData\Apple Computer
2016-04-13 08:41 - 2016-04-13 08:41 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-04-10 08:52 - 2016-04-10 17:30 - 00000000 ____D C:\Users\Lenka\Desktop\recepty
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-07 19:46 - 2012-03-30 18:15 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-05-07 19:42 - 2009-07-14 06:45 - 00022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-07 19:42 - 2009-07-14 06:45 - 00022704 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-07 14:08 - 2016-03-19 13:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-07 13:54 - 2010-09-09 23:01 - 00000000 ____D C:\Program Files (x86)\Intel
2016-05-07 13:53 - 2015-10-15 18:03 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-07 13:39 - 2010-09-09 23:23 - 00000000 ____D C:\ProgramData\PDFC
2016-05-07 13:38 - 2012-02-26 10:07 - 00000948 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-07 13:38 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-05-07 13:23 - 2011-04-05 14:22 - 00000000 ____D C:\Intel
2016-05-07 12:40 - 2014-08-02 10:26 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Seznam.cz
2016-05-07 12:36 - 2014-04-11 19:13 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\DropboxMaster
2016-05-07 12:36 - 2014-04-11 14:53 - 00000000 ____D C:\Users\Lenka\AppData\Roaming\Dropbox
2016-05-07 12:04 - 2012-07-07 11:07 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update
2016-05-07 08:06 - 2015-04-06 20:33 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-07 08:06 - 2015-04-06 20:33 - 00000000 ___SD C:\windows\system32\GWX
2016-05-06 19:18 - 2014-12-15 17:25 - 00000000 ____D C:\windows\system32\appraiser
2016-05-04 18:53 - 2010-09-09 23:18 - 00669132 _____ C:\windows\system32\perfh005.dat
2016-05-04 18:53 - 2010-09-09 23:18 - 00141760 _____ C:\windows\system32\perfc005.dat
2016-05-04 18:53 - 2009-07-14 07:13 - 01584626 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-04 18:53 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-05-03 19:07 - 2014-04-26 09:03 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2016-05-03 19:07 - 2014-01-13 20:29 - 00166432 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2016-05-03 19:07 - 2013-03-06 08:16 - 00287528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2016-05-03 19:07 - 2013-03-06 08:16 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2016-05-03 19:07 - 2012-02-26 10:04 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2016-05-03 19:07 - 2011-04-05 14:39 - 01070904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2016-05-03 19:07 - 2011-04-05 14:39 - 00465792 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2016-05-03 19:07 - 2011-04-05 14:39 - 00107792 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2016-05-03 16:25 - 2012-02-26 10:10 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-03 16:25 - 2012-02-26 10:10 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-28 17:38 - 2013-05-27 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-21 15:05 - 2011-04-05 14:58 - 00453288 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2016-04-18 17:26 - 2015-11-09 13:05 - 00000000 ____D C:\Users\Lenka\Desktop\mišák filmy
2016-04-14 16:28 - 2011-04-05 14:38 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-14 16:27 - 2011-04-05 14:38 - 00000000 ____D C:\Program Files\AVAST Software
2016-04-14 07:43 - 2011-04-05 23:10 - 00000000 ____D C:\windows\rescache
2016-04-14 06:03 - 2009-07-14 06:45 - 00420840 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-13 20:21 - 2013-08-17 09:59 - 00000000 ____D C:\windows\system32\MRT
2016-04-13 20:15 - 2011-04-11 17:20 - 135176864 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-04-07 18:46 - 2012-03-30 18:15 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-07 18:46 - 2012-03-30 18:15 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-07 18:46 - 2012-03-30 18:15 - 00003852 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
==================== Files in the root of some directories =======
2011-04-20 19:29 - 2011-04-27 19:14 - 0001854 _____ () C:\Users\Lenka\AppData\Roaming\GhostObjGAFix.xml
2011-04-08 18:52 - 2011-09-14 16:57 - 0140391 _____ () C:\Users\Lenka\AppData\Roaming\mdbu.bin
2011-05-27 06:47 - 2011-05-27 06:47 - 0033134 _____ () C:\Users\Lenka\AppData\Roaming\UserTile.png
2011-04-05 18:31 - 2013-04-10 21:12 - 0001534 _____ () C:\Users\Lenka\AppData\Local\mbt-actwiz.log
2011-08-31 18:25 - 2011-10-30 19:53 - 0000088 __RSH () C:\ProgramData\3C1857ECAB.sys
2010-09-09 23:58 - 2010-09-09 23:58 - 0000193 _____ () C:\ProgramData\HPWALog.txt
2011-05-06 17:58 - 2011-10-30 19:53 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
Some files in TEMP:
====================
C:\Users\Lenka\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvpyilz.dll
C:\Users\Lenka\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Lenka\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Lenka\AppData\Local\Temp\libeay32.dll
C:\Users\Lenka\AppData\Local\Temp\msvcr120.dll
C:\Users\Lenka\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-01 19:05
==================== End of FRST.txt ============================
- Přílohy
-
- Addition.rar
- (10.05 KiB) Staženo 48 x
Re: preventivně
Napiste mi velikost adresare plochy. Vypnete trvale Windows Defender. Otevrete si poznamkovy blok a zkopirujte do nej tento skript
Kód: Vybrat vše
Start
CloseProcesses:
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-85297521-196536162-866879438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CMNTDF&pc=CMNTDF&src=IE-SearchBox
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [2016-03-11 293128]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-05-03 2782552]
Hosts:
EmptyTemp:
Reboot:
EndKliknete na napis Ulozit jako...
Napiste spravne ten cerveny nazev fixlist a ulozte na plochu.
Vypnete antivir i dalsi pripadne zabezpeceni.
Spustte FRST jako spravce, kliknete na napis Fix a program vykona prikazy.
Po restartu pc by se mel objevit novy log - s nazvem fixlog, ten mi sem zase zkopirujte.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivně
Napiste mi velikost adresare plochy. To zjistím jak?
Re: preventivně
Fix result of Farbar Recovery Scan Tool (x64) Version:07-05-2016
Ran by Lenka (2016-05-07 20:42:24) Run:1
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-85297521-196536162-866879438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [2016-03-11 293128]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-05-03 2782552]
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-85297521-196536162-866879438-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A}" => key removed successfully
HKCR\CLSID\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A} => key not found.
HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A}" => key removed successfully
HKCR\CLSID\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
C:\windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
AdobeARMservice => service removed successfully
BBUpdate => service removed successfully
BBSvc => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
gupdatem => service removed successfully
McComponentHostService => service not found.
NOBU => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 859.8 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 20:45:48 ====
Ran by Lenka (2016-05-07 20:42:24) Run:1
Running from C:\Users\Lenka\Desktop
Loaded Profiles: Lenka (Available Profiles: Lenka)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKU\S-1-5-21-85297521-196536162-866879438-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com
SearchScopes: HKLM -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> DefaultScope {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-85297521-196536162-866879438-1001 -> {EFD90A5C-C40F-45D9-92AB-A3DAE671237A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [2016-03-11 293128]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-05-03 2782552]
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-85297521-196536162-866879438-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A}" => key removed successfully
HKCR\CLSID\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A} => key not found.
HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-85297521-196536162-866879438-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A}" => key removed successfully
HKCR\CLSID\{EFD90A5C-C40F-45D9-92AB-A3DAE671237A} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKCR\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => key removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value removed successfully
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => key removed successfully
C:\windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
AdobeARMservice => service removed successfully
BBUpdate => service removed successfully
BBSvc => service removed successfully
gupdate => service removed successfully
SkypeUpdate => service removed successfully
gupdatem => service removed successfully
McComponentHostService => service not found.
NOBU => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 859.8 MB temporary data Removed.
The system needed a reboot.
==== End of Fixlog 20:45:48 ====
Re: preventivně
Kliknete na Pocitac, disk C, Users, Lenka, a tam bude adresar Plocha (pripadne Desktop). Na ten kliknete pravym mysidlem a levym na Vlastnosti. Vyskoci okno, kde budou nejake informace vcetne velikosti. Tu mi napiste.ubas píše:Napiste mi velikost adresare plochy. To zjistím jak?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Re: preventivně
ubas píše:70,4GB
Velikost plochy by nemela presahovat 200 - 300 MB! Brzdi to chod pc. Cili ji trosku uklidte a na plochu dejte jen zastupce. Jen pozor na obcasnou chybu, ze uzivatele maji na plose slozku, v ni dalsi a v ni dalsi a do te to schovaji. To je sice hezke, ale plochu to nezmensi, jen je to v jinem supliku 
Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce) vyosek píše:
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remove disinfection tools
- Kliknete na Run
Stahnete Ccleaner http://www.filehippo.com/download_ccleaner a spustte.Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!
(Pokud je v pc vice uzivatelskych uctu, pouzijte program i v nich)
Defragmentujte disk(y) (SSD Disky ne!)Stahnete program Defraggler https://www.piriform.com/defraggler/download/standard
Pri instalaci opet pozor na toolbar a dalsi nesmysly.
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.
Pak napiste, jak to s pc vypada.Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?