Preventive log check - notebook no. 2

Per_rhexin
Visitor
Posts: 17
Registered: 18 Jul 2016 13:27


#1 Post by Per_rhexin

Hi,

I'm also sending the log from the 2nd notebook for a preventive check. Thank you.

Logfile of random's system information tool 1.10 (written by random/random)
Run by oempc at 2016-07-19 15:47:25
Microsoft Windows 8.1
System drive C: has 373 GB (81%) free of 462 GB
Total RAM: 3911 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:47:31, on 19. 7. 2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\oempc.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: EgisPBIE - {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: Broadcom Card Reader Service (BrcmCardReader) - Broadcom Corp. - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: EgisTec eLock Service (eLockServ) - Egis Technology Inc. - C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9101 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe"
"C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {526ad56e-29f7-4434-94fe3d247ebccc14}
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\Windows\RfBtnSvc64.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe"
taskeng.exe {99F02FC0-E7E9-40E9-A72D-2AB02B707BD9}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"c:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
"C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe"

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
C:\WINDOWS\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {9BA05972-F6A8-11CF-A442-00A0C90A8F39} -Embedding
taskhostex.exe
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\WINDOWS\system32\igfxext.exe -Embedding
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\WINDOWS\system32\GWX\GWX.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\RadioController\RfBtnHelper.exe" HigherRFButtonHelper
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer ProShield\EgisTSR.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"

"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
"C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.18339_x64__8wekyb3d8bbwe\glcnd.exe" -ServerName:Microsoft.Reader.AppXtszmc7avrx02s7n8gch63tzwg517wd9k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe18_ Global\UsGthrCtrlFltPipeMssGthrPipe18 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 580 584 592 65536 588
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

"C:\Users\oempc\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28 66688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-14 952952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9}]
EgisPBIE Sign-in Helper - C:\Program Files\Acer ProShield\x86\EgisPBIE.dll [2013-04-24 531944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-14 716632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-11-20 2873744]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-06-11 12503184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-10-01 448912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe []
"Persistence"=C:\Windows\system32\igfxpers.exe []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-01-28 132736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey []
"LManager"= []
"RadioController"=C:\Program Files (x86)\RadioController\RfBtnHelper.exe [2013-09-29 111216]
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2012-08-15 2994880]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-07-14 8900328]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-01-28 132736]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLinkedConnections"=1
"DisableCAD"=1
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"midi3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-07-19 15:47:25 ----D---- C:\rsit
2016-07-19 15:47:25 ----D---- C:\Program Files\trend micro
2016-07-16 12:54:34 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2016-07-14 19:38:00 ----A---- C:\WINDOWS\SYSWOW64\msvcr120_clr0400.dll
2016-07-14 19:38:00 ----A---- C:\WINDOWS\SYSWOW64\msvcp120_clr0400.dll
2016-07-14 19:38:00 ----A---- C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-07-14 19:38:00 ----A---- C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-07-14 19:02:37 ----A---- C:\WINDOWS\system32\appraiser.dll
2016-07-14 19:02:37 ----A---- C:\WINDOWS\system32\aepic.dll
2016-07-14 19:02:37 ----A---- C:\WINDOWS\system32\aeinv.dll
2016-07-14 19:02:36 ----A---- C:\WINDOWS\system32\invagent.dll
2016-07-14 19:02:36 ----A---- C:\WINDOWS\system32\generaltel.dll
2016-07-14 19:02:36 ----A---- C:\WINDOWS\system32\devinv.dll
2016-07-14 19:02:36 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-14 19:02:36 ----A---- C:\WINDOWS\system32\centel.dll
2016-07-14 19:02:36 ----A---- C:\WINDOWS\system32\acmigration.dll
2016-07-14 19:02:33 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-07-14 19:02:33 ----A---- C:\WINDOWS\system32\localspl.dll
2016-07-14 19:02:32 ----A---- C:\WINDOWS\SYSWOW64\puiapi.dll
2016-07-14 19:02:32 ----A---- C:\WINDOWS\SYSWOW64\DafPrintProvider.dll
2016-07-14 19:02:31 ----A---- C:\WINDOWS\system32\puiobj.dll
2016-07-14 19:02:31 ----A---- C:\WINDOWS\system32\ntprint.dll
2016-07-14 19:02:31 ----A---- C:\WINDOWS\system32\inetpp.dll
2016-07-14 19:02:30 ----A---- C:\WINDOWS\SYSWOW64\puiobj.dll
2016-07-14 19:02:30 ----A---- C:\WINDOWS\system32\puiapi.dll
2016-07-14 19:02:30 ----A---- C:\WINDOWS\system32\DafPrintProvider.dll
2016-07-14 19:02:29 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2016-07-14 19:02:23 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-07-14 19:01:57 ----A---- C:\WINDOWS\system32\poqexec.exe
2016-07-14 19:01:53 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2016-07-14 19:01:41 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-07-14 19:01:39 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2016-07-14 19:01:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-07-14 19:01:33 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2016-07-14 19:01:33 ----A---- C:\WINDOWS\system32\jscript9.dll
2016-07-14 19:01:32 ----A---- C:\WINDOWS\system32\wininet.dll
2016-07-14 19:01:31 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2016-07-14 19:01:31 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2016-07-14 19:01:30 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2016-07-14 19:01:30 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-07-14 19:01:30 ----A---- C:\WINDOWS\system32\iertutil.dll
2016-07-14 19:01:29 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2016-07-14 19:01:29 ----A---- C:\WINDOWS\system32\vbscript.dll
2016-07-14 19:01:28 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2016-07-14 19:01:27 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2016-07-14 19:01:27 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2016-07-14 19:01:27 ----A---- C:\WINDOWS\system32\msfeeds.dll
2016-07-14 19:01:27 ----A---- C:\WINDOWS\system32\dxtrans.dll
2016-07-14 19:01:25 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2016-07-14 19:01:24 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2016-07-14 19:01:23 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2016-07-14 19:01:23 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2016-07-14 19:01:23 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2016-07-14 19:01:23 ----A---- C:\WINDOWS\system32\webcheck.dll
2016-07-14 19:01:23 ----A---- C:\WINDOWS\system32\iepeers.dll
2016-07-14 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2016-07-14 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2016-07-14 19:01:22 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2016-07-14 19:01:22 ----A---- C:\WINDOWS\system32\mshtmled.dll
2016-07-14 19:01:22 ----A---- C:\WINDOWS\system32\jscript.dll
2016-07-14 19:01:22 ----A---- C:\WINDOWS\system32\inetcomm.dll
2016-07-14 19:01:21 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2016-07-14 19:01:21 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2016-07-14 18:59:43 ----A---- C:\WINDOWS\system32\win32k.sys
2016-07-14 16:41:54 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2016-07-14 16:41:28 ----A---- C:\WINDOWS\system32\aswBoot.exe
2016-07-14 16:40:53 ----A---- C:\WINDOWS\avastSS.scr
2016-06-23 10:51:53 ----A---- C:\WINDOWS\system32\twinui.dll
2016-06-23 10:51:52 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2016-06-23 10:50:08 ----A---- C:\WINDOWS\system32\pcasvc.dll
2016-06-23 10:50:06 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2016-06-23 10:50:06 ----A---- C:\WINDOWS\SYSWOW64\authui.dll
2016-06-23 10:50:06 ----A---- C:\WINDOWS\system32\msi.dll
2016-06-23 10:50:06 ----A---- C:\WINDOWS\system32\authui.dll
2016-06-23 10:50:05 ----A---- C:\WINDOWS\system32\consent.exe
2016-06-23 10:50:05 ----A---- C:\WINDOWS\system32\appinfo.dll
2016-06-22 22:25:11 ----A---- C:\WINDOWS\SYSWOW64\certcli.dll
2016-06-22 22:25:11 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2016-06-22 22:25:11 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2016-06-22 22:25:11 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2016-06-22 22:25:11 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2016-06-22 22:25:11 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2016-06-22 22:25:11 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2016-06-22 22:25:11 ----A---- C:\WINDOWS\system32\certcli.dll
2016-06-22 22:25:11 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-22 22:25:10 ----A---- C:\WINDOWS\SYSWOW64\glcndFilter.dll
2016-06-22 22:25:10 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-22 22:25:10 ----A---- C:\WINDOWS\system32\glcndFilter.dll
2016-06-22 22:25:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2016-06-22 22:25:09 ----A---- C:\WINDOWS\SYSWOW64\StructuredQuery.dll
2016-06-22 22:25:09 ----A---- C:\WINDOWS\system32\StructuredQuery.dll
2016-06-22 22:25:08 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2016-06-22 22:25:08 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2016-06-22 22:25:08 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-06-22 22:25:08 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-06-22 22:25:07 ----A---- C:\WINDOWS\system32\gpsvc.dll
2016-06-22 22:25:06 ----A---- C:\WINDOWS\system32\polstore.dll
2016-06-22 22:25:06 ----A---- C:\WINDOWS\system32\gpapi.dll
2016-06-22 22:25:05 ----A---- C:\WINDOWS\SYSWOW64\polstore.dll
2016-06-22 22:25:05 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2016-06-22 22:25:05 ----A---- C:\WINDOWS\SYSWOW64\FwRemoteSvr.dll
2016-06-22 22:25:05 ----A---- C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-22 22:25:05 ----A---- C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-22 22:24:02 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2016-06-22 22:24:02 ----A---- C:\WINDOWS\system32\gdi32.dll
2016-06-22 22:24:01 ----A---- C:\WINDOWS\SYSWOW64\ws2_32.dll
2016-06-22 22:24:01 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2016-06-22 22:24:01 ----A---- C:\WINDOWS\SYSWOW64\mswsock.dll
2016-06-22 22:24:01 ----A---- C:\WINDOWS\system32\ws2_32.dll
2016-06-22 22:24:01 ----A---- C:\WINDOWS\system32\winhttp.dll
2016-06-22 22:24:01 ----A---- C:\WINDOWS\system32\mswsock.dll
2016-06-22 22:24:01 ----A---- C:\WINDOWS\system32\drivers\netbt.sys

======List of files/folders modified in the last 1 month======

2016-07-19 15:47:25 ----RD---- C:\Program Files
2016-07-19 15:40:07 ----D---- C:\WINDOWS\Prefetch
2016-07-19 15:35:27 ----D---- C:\WINDOWS\Temp
2016-07-19 15:33:53 ----D---- C:\WINDOWS\Inf
2016-07-19 15:33:48 ----D---- C:\WINDOWS\system32\sru
2016-07-17 16:52:24 ----RD---- C:\WINDOWS\System32
2016-07-17 16:52:24 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-17 16:16:11 ----HD---- C:\ProgramData
2016-07-17 15:45:25 ----D---- C:\WINDOWS\SysWOW64
2016-07-16 13:09:31 ----D---- C:\WINDOWS\system32\config
2016-07-16 12:57:35 ----A---- C:\WINDOWS\SYSWOW64\log.txt
2016-07-16 12:54:47 ----D---- C:\WINDOWS\Microsoft.NET
2016-07-16 12:54:40 ----D---- C:\WINDOWS\WinSxS
2016-07-16 12:54:02 ----D---- C:\WINDOWS\system32\Tasks
2016-07-16 12:50:47 ----D---- C:\WINDOWS\system32\drivers
2016-07-15 09:44:48 ----D---- C:\WINDOWS\system32\wbem
2016-07-15 09:44:47 ----RD---- C:\WINDOWS\ToastData
2016-07-15 09:44:45 ----D---- C:\WINDOWS\system32\appraiser
2016-07-15 09:44:43 ----D---- C:\Program Files\Windows Journal
2016-07-15 09:44:40 ----D---- C:\WINDOWS\system32\CodeIntegrity
2016-07-15 09:44:39 ----D---- C:\WINDOWS\SYSWOW64\en-US
2016-07-15 09:44:39 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2016-07-15 09:44:39 ----D---- C:\Program Files\Internet Explorer
2016-07-15 09:44:39 ----D---- C:\Program Files (x86)\Internet Explorer
2016-07-15 09:44:38 ----D---- C:\WINDOWS\system32\en-US
2016-07-15 09:44:38 ----D---- C:\WINDOWS\system32\cs-CZ
2016-07-14 19:46:49 ----D---- C:\WINDOWS\CbsTemp
2016-07-14 19:45:40 ----D---- C:\WINDOWS\system32\MRT
2016-07-14 19:40:53 ----A---- C:\WINDOWS\system32\MRT.exe
2016-07-14 19:35:45 ----SHD---- C:\System Volume Information
2016-07-14 18:59:19 ----D---- C:\WINDOWS\system32\catroot2
2016-07-14 16:41:54 ----D---- C:\WINDOWS\system32\DriverStore
2016-07-14 16:41:26 ----D---- C:\Windows
2016-07-14 16:41:24 ----D---- C:\ProgramData\AVAST Software
2016-07-14 16:40:19 ----D---- C:\Program Files\AVAST Software
2016-07-14 16:28:02 ----D---- C:\WINDOWS\AppReadiness
2016-06-26 12:13:30 ----D---- C:\WINDOWS\rescache
2016-06-26 12:03:24 ----D---- C:\WINDOWS\Logs
2016-06-26 11:43:38 ----HD---- C:\Program Files\WindowsApps
2016-06-25 18:41:44 ----D---- C:\WINDOWS\apppatch
2016-06-23 12:00:13 ----SHD---- C:\WINDOWS\Installer

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2016-07-14 74544]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2016-07-14 290088]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2012-08-16 645952]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2016-07-14 37144]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2016-07-14 103064]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2016-07-14 1070904]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2016-07-14 473592]
R1 ccSet_NARA;NARA Settings Manager; C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [2012-05-26 168608]
R1 eLock2BurnerLockDriver;Disk Performance Monitor Filter Driver; C:\WINDOWS\system32\DRIVERS\eLock2BurnerLockDriver.sys [2013-09-29 20072]
R1 mwlPSDFilter;mwlPSDFilter; C:\WINDOWS\system32\DRIVERS\mwlPSDFilter.sys [2013-09-29 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\WINDOWS\system32\DRIVERS\mwlPSDNServ.sys [2013-09-29 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\WINDOWS\system32\DRIVERS\mwlPSDVDisk.sys [2013-09-29 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2016-07-14 37656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2016-07-14 108304]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2016-07-14 162904]
R2 eLock2FSCTLDriver;eLock2FSCTLDriver; C:\WINDOWS\system32\DRIVERS\eLock2FSCTLDriver.sys [2013-09-29 26264]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athw8x.sys [2013-06-18 3680256]
R3 b57xdbd;@oem20.inf,%bcmxd_16bf_svcd%;Broadcom xD Picture Bus Driver Service; C:\WINDOWS\System32\drivers\b57xdbd.sys [2012-08-13 72280]
R3 b57xdmp;@oem20.inf,%BXD_SVCDESC%;Broadcom xD Picture vstorp client drv; C:\WINDOWS\System32\drivers\b57xdmp.sys [2012-08-13 21080]
R3 bScsiMSa;bScsiMSa; C:\WINDOWS\System32\drivers\bScsiMSa.sys [2012-06-19 55384]
R3 bScsiSDa;bScsiSDa; C:\WINDOWS\System32\drivers\bScsiSDa.sys [2012-08-14 70744]
R3 BTATH_HCRP;@oem11.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-01-28 179432]
R3 BTATH_RCP;@oem14.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-01-28 136424]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2014-04-28 599240]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-09-24 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 ETD;@oem3.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2012-11-20 331152]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2014-10-01 3828152]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 IntcDAud;@oem17.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iwdbus;@oem25.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2014-08-01 27032]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 MEIx64;@oem21.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\HECIx64.sys [2012-07-03 62784]
R3 Ps2Kb2Hid;@oem22.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [2013-09-29 26736]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys []
S3 AthBTPort;@oem9.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-01-28 89168]
S3 BTATH_A2DP;@oem8.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-01-28 346192]
S3 btath_avdt;@oem8.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-01-28 115280]
S3 BTATH_LWFLT;@oem21.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-01-28 77464]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 intaud_WaveExtensible;@oem24.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2014-08-01 38296]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-01-28 227456]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-07-14 197128]
R2 BrcmCardReader;Broadcom Card Reader Service; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [2012-08-21 176640]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-12-10 350544]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2014-10-01 319376]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2010-05-21 110736]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-07-18 165760]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-18 276864]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 NAUpdate;Nero Update; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-08-15 3943104]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2013-09-29 96880]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-18 364416]
R3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [2013-04-24 222184]
R3 eLockServ;EgisTec eLock Service; C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe [2013-04-23 24552]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2013-03-16 662088]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
S3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe []
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2014-10-01 281488]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-11-16 469648]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------


Re: Preventive log check - notebook no. 2

#2 Post by Márty84 »

Hello :)

Is this purely preventive, or is there some problem as well?

Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the scan to finish.
Then click Cleaning.
The program will start working (the PC may restart) and will output a log (it may also be found at C:\AdwCleaner\AdwCleaner[C?].txt ). Copy that here for me.

Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes produces false detections.

If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often for now. If you wait a long time for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Re: Preventive log check - notebook no. 2

#3 Post by Per_rhexin »

There are currently no problems with the computer; this is a preventive check. The notebook is used mostly by my parents, and internet banking is used on it quite often, so I want to be sure :-). I am attaching the log from AdwCleaner:

# AdwCleaner v5.201 - Log vytvořen 20/07/2016 v 22:00:11
# Aktualizováno 30/06/2016 by ToolsLib
# Databáze : 2016-07-19.2 [Server]
# Operační system : Windows 8.1 (X64)
# Uživatelské jméno : oempc - OEM
# Spuštěno z : C:\Users\oempc\Desktop\adwcleaner_5.201.exe
# Nastavení : Čištění
# Podpora : https://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****

[-] Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileViewPro
[-] Složka Smazáno : C:\Users\oempc\AppData\Local\FileViewPro
[-] Složka Smazáno : C:\Program Files\FileViewPro

***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úlohy ] *****


***** [ Registry ] *****

[-] Klíč Smazáno : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileViewPro_is1

***** [ Prohlížeče ] *****


*************************

:: "Tracing" klíče smazány
:: Nastavení Winsock vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1057 bytů] - [20/07/2016 22:00:11]
C:\AdwCleaner\AdwCleaner[S1].txt - [1090 bytů] - [20/07/2016 21:58:14]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1203 bytů] ##########

Re: Preventive log check - notebook no. 2

#4 Post by Per_rhexin »

Log from Malwarebytes:

Malwarebytes Anti-Malware
http://www.malwarebytes.org

Datum skenování: 20. 7. 2016
Čas skenování: 22:11
Protokol: log.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.07.20.11
Databáze rootkitů: v2016.05.27.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: oempc

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 542709
Uplynulý čas: 12 hod, 51 min, 49 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 1
PUP.Optional.Solvusoft, C:\AdwCleaner\FileQuarantine\C\Program Files\FileViewPro\FileViewPro.exe.vir, , [2724998dd5c5ef470587b13aba47ef11],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)


Re: Preventive log check - notebook no. 2

#5 Post by Márty84 »

You can uninstall MBAM.

Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off the antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false alarm :)
(If the Launcher cannot be downloaded, post logs from FRST alone, i.e. without using the Launcher)

Re: Preventive log check - notebook no. 2

#6 Post by Per_rhexin »

I was not able to download FRSTLauncher; I am sending the logs I obtained:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-07-2016
Ran by oempc (administrator) on OEM (21-07-2016 20:10:24)
Running from C:\Users\oempc\Desktop
Loaded Profiles: oempc (Available Profiles: oempc & Bezny uzivatel)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Egis Technology Inc.) C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Egis Technology Inc. ) C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Egis Technology Inc. ) C:\Program Files\Acer ProShield\EgisTSR.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process -> AvastSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2012-11-20] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-09-29] (Dritek System Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [8900328 2016-07-14] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] (Qualcomm Atheros Commnucations)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-07-14] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{9A66CF19-5E87-403E-9ECD-10496F971F7A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AF982867-4124-4D12-B510-85A28E5DB2A6}: [DhcpNameServer] 10.255.255.10 10.255.255.20

Internet Explorer:
==================
HKU\S-1-5-21-676702780-662866294-4191645877-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-676702780-662866294-4191645877-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-676702780-662866294-4191645877-1001 -> DefaultScope {D97B55D8-BDCF-46B8-B35A-C12387DC7C8A} URL =
SearchScopes: HKU\S-1-5-21-676702780-662866294-4191645877-1001 -> {D97B55D8-BDCF-46B8-B35A-C12387DC7C8A} URL =
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-07-14] (AVAST Software)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: EgisPBIE Sign-in Helper -> {7B51CCBE-4AF9-44A6-BDAB-D7F7E4C4E6F9} -> C:\Program Files\Acer ProShield\x86\EgisPBIE.dll [2013-04-24] (Egis Technology Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-07-14] (AVAST Software)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-14]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-14]
FF HKLM-x32\...\Firefox\Extensions: [{41ecbc0b-34d5-4cd4-935f-253a30e2cb7e}] - C:\Program Files\Acer ProShield\FFExt
FF Extension: Online Accounts Extension - C:\Program Files\Acer ProShield\FFExt [2013-09-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{d4da7309-b89a-45ec-8ebb-cfb2ae13618b}] - C:\Program Files\Acer ProShield\FFExt20
FF Extension: Online Accounts Extension - C:\Program Files\Acer ProShield\FFExt20 [2013-09-29] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR Profile: C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-14]
CHR Extension: (Disk Google) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
CHR Extension: (YouTube) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-15]
CHR Extension: (Vyhledávání Google) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Avast SafePrice) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-02-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-10]
CHR Extension: (AdBlock) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-07-16]
CHR Extension: (Avast Online Security) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-30]
CHR Extension: (Gmail) - C:\Users\oempc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-09]
CHR HKLM-x32\...\Chrome\Extension: [ladimmjldcgbeamniagencjbodhnmgen] - C:\Program Files\Acer ProShield\ChromeEx\EgisPBChromeExt.crx [2013-04-24]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-07-14] (AVAST Software)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-21] (Broadcom Corp.) [File not signed]
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 EgisTec Ticket Service; C:\Program Files\Common Files\EgisTec\Services\EgisTicketService.exe [222184 2013-04-24] (Egis Technology Inc. )
R3 eLockServ; C:\Program Files\Common Files\EgisTec CommonModule\eLock\eLockServ.exe [24552 2013-04-23] (Egis Technology Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-09-29] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-14] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-14] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-14] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-14] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-14] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-14] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-14] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-14] (AVAST Software)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 eLock2BurnerLockDriver; C:\Windows\system32\DRIVERS\eLock2BurnerLockDriver.sys [20072 2013-09-29] (Egis Technology Inc.)
R2 eLock2FSCTLDriver; C:\Windows\System32\DRIVERS\eLock2FSCTLDriver.sys [26264 2013-09-29] (Egis Technology Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-09-29] (Dritek System Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-21 20:10 - 2016-07-21 20:10 - 00016787 _____ C:\Users\oempc\Desktop\FRST.txt
2016-07-21 20:09 - 2016-07-21 20:10 - 00000000 ____D C:\FRST
2016-07-21 20:06 - 2016-07-21 20:06 - 00000000 ____D C:\WINDOWS\EOONotify
2016-07-21 19:57 - 2016-07-21 19:57 - 02393600 _____ (Farbar) C:\Users\oempc\Desktop\FRST64.exe
2016-07-21 11:14 - 2016-07-21 11:14 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-07-21 11:11 - 2016-07-21 11:11 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2016-07-21 11:11 - 2016-07-21 11:11 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2016-07-20 21:58 - 2016-07-20 22:00 - 00000000 ____D C:\AdwCleaner
2016-07-20 21:55 - 2016-07-20 21:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-20 21:49 - 2016-07-20 21:49 - 03712064 _____ C:\Users\oempc\Desktop\adwcleaner_5.201.exe
2016-07-20 21:43 - 2016-07-20 21:43 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2016-07-19 17:42 - 2016-07-19 17:42 - 00000956 _____ C:\Users\Bezny uzivatel\Desktop\Dokumenty – zástupce.lnk
2016-07-19 17:42 - 2016-07-19 17:42 - 00000000 ____D C:\Users\Bezny uzivatel\Documents\Vypisy
2016-07-19 17:41 - 2016-07-19 17:41 - 00000949 _____ C:\Users\Bezny uzivatel\Desktop\Obrázky – zástupce.lnk
2016-07-19 16:58 - 2016-07-19 16:58 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\LocalLow\Adblock Plus for IE
2016-07-19 16:57 - 2016-07-19 16:57 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2016-07-19 16:46 - 2016-07-19 16:46 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Roaming\WinRAR
2016-07-19 16:38 - 2016-07-19 16:38 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Roaming\Macromedia
2016-07-19 16:36 - 2016-07-19 16:36 - 00003986 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E0F0794C-B486-44B1-B9D2-0E9FB3BFABD5}
2016-07-19 16:34 - 2016-07-19 16:36 - 00001479 _____ C:\Users\Bezny uzivatel\Desktop\Internet Explorer.lnk
2016-07-19 16:33 - 2016-07-19 17:18 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-676702780-662866294-4191645877-1007
2016-07-19 16:33 - 2016-07-19 16:33 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Local\CEF
2016-07-19 16:29 - 2016-07-19 16:29 - 00000000 ____D C:\Users\Bezny uzivatel\Documents\Bluetooth Folder
2016-07-19 16:29 - 2016-07-19 16:29 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Roaming\AVAST Software
2016-07-19 16:29 - 2016-07-19 16:29 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Local\BMExplorer
2016-07-19 16:28 - 2016-07-19 16:28 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Roaming\Atheros
2016-07-19 16:26 - 2016-07-19 16:26 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Local\EgisTec IPS
2016-07-19 16:25 - 2016-07-19 16:32 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Local\Packages
2016-07-19 16:25 - 2016-07-19 16:25 - 00001426 _____ C:\Users\Bezny uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-19 16:25 - 2016-07-19 16:25 - 00000000 __SHD C:\Users\Bezny uzivatel\IntelGraphicsProfiles
2016-07-19 16:25 - 2016-07-19 16:25 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Roaming\lm
2016-07-19 16:25 - 2016-07-19 16:25 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Roaming\Adobe
2016-07-19 16:25 - 2016-07-19 16:25 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Local\VirtualStore
2016-07-19 16:25 - 2016-07-19 16:25 - 00000000 ____D C:\Users\Bezny uzivatel\AppData\Local\Google
2016-07-19 16:24 - 2016-07-19 16:26 - 00000000 ____D C:\Users\Bezny uzivatel
2016-07-19 16:24 - 2016-07-19 16:24 - 00000020 ___SH C:\Users\Bezny uzivatel\ntuser.ini
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Šablony
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Soubory cookie
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Poslední
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Okolní tiskárny
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Okolní síť
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Nabídka Start
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Dokumenty
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Documents\Obrázky
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Documents\Hudba
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Documents\Filmy
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\Data aplikací
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-07-19 16:24 - 2016-07-19 16:24 - 00000000 _SHDL C:\Users\Bezny uzivatel\AppData\Local\Data aplikací
2016-07-19 16:24 - 2014-09-24 18:32 - 00000369 _____ C:\Users\Bezny uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-07-19 16:24 - 2014-09-24 18:32 - 00000369 _____ C:\Users\Bezny uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-07-19 15:47 - 2016-07-19 15:47 - 00000000 ____D C:\rsit
2016-07-19 15:47 - 2016-07-19 15:47 - 00000000 ____D C:\Program Files\trend micro
2016-07-19 15:46 - 2016-07-19 15:46 - 01222144 _____ C:\Users\oempc\Desktop\RSITx64.exe
2016-07-19 15:38 - 2016-07-19 15:38 - 00000000 ____D C:\Users\oempc\Desktop\Plocha - ostatni(reklamace)
2016-07-19 15:37 - 2016-07-19 15:38 - 00000000 ____D C:\Users\oempc\Desktop\Plocha - stryc
2016-07-19 15:35 - 2016-07-19 15:37 - 00000000 ____D C:\Users\oempc\Desktop\Plocha - Michal
2016-07-17 15:43 - 2016-07-17 15:43 - 00000000 ____D C:\Users\oempc\AppData\Local\CEF
2016-07-16 12:54 - 2016-07-16 12:54 - 00003880 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1468666430
2016-07-16 12:54 - 2016-07-02 06:29 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-16 12:54 - 2016-07-02 06:29 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-16 12:53 - 2016-07-16 12:53 - 00001057 _____ C:\Users\Public\Desktop\Avast SafeZone Browser-internetbanking.lnk
2016-07-16 12:53 - 2016-07-16 12:53 - 00001057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-07-14 19:38 - 2016-05-25 15:22 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-07-14 19:38 - 2016-05-25 15:22 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-07-14 19:38 - 2016-05-25 15:12 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-07-14 19:38 - 2016-05-25 15:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-07-14 19:02 - 2016-06-25 22:05 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-14 19:02 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-14 19:02 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-14 19:02 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-14 19:02 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-14 19:02 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-14 19:02 - 2016-06-22 15:48 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-07-14 19:02 - 2016-06-21 15:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-14 19:02 - 2016-06-21 15:48 - 01208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-14 19:02 - 2016-06-21 15:48 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-14 19:02 - 2016-06-21 15:48 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-14 19:02 - 2016-06-21 15:48 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-14 19:02 - 2016-06-21 15:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-14 19:02 - 2016-06-21 15:48 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-14 19:02 - 2016-06-11 21:45 - 07445856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-14 19:02 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-07-14 19:02 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-07-14 19:02 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-07-14 19:02 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-07-14 19:02 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2016-07-14 19:02 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-07-14 19:01 - 2016-06-21 20:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-07-14 19:01 - 2016-06-21 16:12 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2016-07-14 19:01 - 2016-06-11 20:14 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-14 19:01 - 2016-06-11 20:11 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-14 19:01 - 2016-06-11 19:56 - 25812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-14 19:01 - 2016-06-11 19:56 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-07-14 19:01 - 2016-06-11 19:42 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-14 19:01 - 2016-06-11 19:23 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-07-14 19:01 - 2016-06-11 19:22 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-14 19:01 - 2016-06-11 19:22 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-07-14 19:01 - 2016-06-11 19:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-07-14 19:01 - 2016-06-11 19:20 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-14 19:01 - 2016-06-11 19:13 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-14 19:01 - 2016-06-11 19:12 - 20348928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-14 19:01 - 2016-06-11 19:12 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-07-14 19:01 - 2016-06-11 19:07 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-07-14 19:01 - 2016-06-11 19:03 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-14 19:01 - 2016-06-11 19:01 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-07-14 19:01 - 2016-06-11 19:00 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-14 19:01 - 2016-06-11 19:00 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-07-14 19:01 - 2016-06-11 18:57 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-14 19:01 - 2016-06-11 18:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-07-14 19:01 - 2016-06-11 18:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-14 19:01 - 2016-06-11 18:38 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-07-14 19:01 - 2016-06-11 18:33 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-14 19:01 - 2016-06-11 18:31 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-14 19:01 - 2016-06-11 18:31 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-14 19:01 - 2016-06-11 18:31 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-07-14 19:01 - 2016-06-11 18:30 - 15409664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-14 19:01 - 2016-06-11 18:29 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-14 19:01 - 2016-06-11 18:26 - 02869248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-14 19:01 - 2016-06-11 18:15 - 13806080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-14 19:01 - 2016-06-11 18:12 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-14 19:01 - 2016-06-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-14 19:01 - 2016-06-11 17:59 - 02392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-14 19:01 - 2016-06-11 17:56 - 01315840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-14 19:01 - 2016-06-11 17:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-14 18:59 - 2016-06-10 23:35 - 04167680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-07-14 16:41 - 2016-07-14 16:41 - 00390984 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-07-14 16:41 - 2016-07-14 16:40 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-07-14 16:40 - 2016-07-14 16:40 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-07-11 18:04 - 2016-07-11 18:04 - 00000000 ____D C:\Users\oempc\AppData\Local\GHISLER
2016-07-11 17:56 - 2016-07-11 17:56 - 01409699 _____ C:\Users\oempc\Documents\TH_20160601-20160711.pdf
2016-07-08 11:48 - 2016-07-08 11:48 - 00081110 _____ C:\Users\oempc\Documents\457781905.PDF
2016-07-08 11:47 - 2016-07-08 11:47 - 00081019 _____ C:\Users\oempc\Documents\456454455.PDF
2016-07-03 18:13 - 2016-07-03 18:13 - 01105271 _____ C:\Users\oempc\Documents\TH_20160604-20160703.pdf
2016-06-23 11:25 - 2016-07-19 16:57 - 00000000 ____D C:\Users\oempc\AppData\LocalLow\Adblock Plus for IE
2016-06-23 10:51 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-23 10:51 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-23 10:50 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-23 10:50 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-23 10:50 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-23 10:50 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-23 10:50 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-23 10:50 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-23 10:50 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-23 10:23 - 2016-06-23 10:23 - 01106741 _____ C:\Users\oempc\Documents\TH_20160525-20160623.pdf
2016-06-22 22:25 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-22 22:25 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-22 22:25 - 2016-05-16 23:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-22 22:25 - 2016-05-16 23:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-22 22:25 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-22 22:25 - 2016-05-16 23:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-22 22:25 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-22 22:25 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-22 22:25 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-22 22:25 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-22 22:25 - 2016-05-14 00:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-22 22:25 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-22 22:25 - 2016-05-13 23:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-22 22:25 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-22 22:25 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-22 22:25 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-22 22:25 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-22 22:25 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-22 22:25 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-22 22:25 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-22 22:25 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-22 22:25 - 2016-05-09 23:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-22 22:25 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-22 22:25 - 2016-05-09 22:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-22 22:25 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-22 22:25 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-22 22:25 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-22 22:24 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-22 22:24 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-22 22:24 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-22 22:24 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-22 22:24 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-22 22:24 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-22 22:24 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-22 22:24 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-22 22:24 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-22 22:18 - 2016-06-22 22:19 - 00001479 _____ C:\Users\oempc\Desktop\Internet Explorer.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-21 20:09 - 2015-04-18 16:20 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-07-21 20:09 - 2015-04-18 16:20 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-07-21 20:09 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-21 20:01 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-07-21 19:54 - 2014-12-31 23:21 - 00003950 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{254F002F-CDBD-4DA8-870B-AA63851CCC8B}
2016-07-21 11:14 - 2013-11-24 23:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-07-21 11:11 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini
2016-07-21 11:08 - 2014-01-19 15:55 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-676702780-662866294-4191645877-1001
2016-07-20 22:01 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-20 21:30 - 2014-01-19 15:52 - 00004180 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-07-19 18:04 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-19 16:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-19 16:29 - 2013-12-21 12:56 - 00000000 ____D C:\ProgramData\Atheros
2016-07-19 16:28 - 2014-12-30 23:31 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2016-07-19 16:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-07-17 16:52 - 2014-09-24 18:23 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-17 16:52 - 2014-09-24 17:39 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2016-07-17 16:52 - 2014-09-24 17:39 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2016-07-16 12:53 - 2013-08-22 16:44 - 00485016 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-15 09:44 - 2015-01-09 11:31 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-15 09:44 - 2014-09-24 17:59 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-15 09:44 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-07-14 19:45 - 2013-11-22 22:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-14 19:40 - 2013-11-22 22:26 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-14 16:42 - 2014-01-19 15:52 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.146850734271805
2016-07-14 16:42 - 2014-01-19 15:52 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2016-07-14 16:41 - 2014-06-16 15:48 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-07-14 16:41 - 2014-01-19 15:52 - 00473592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.146850733896802
2016-07-14 16:41 - 2014-01-19 15:52 - 00290088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-07-14 16:41 - 2014-01-19 15:52 - 00162904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-07-14 16:41 - 2014-01-19 15:52 - 00108304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-07-14 16:41 - 2014-01-19 15:52 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-07-14 16:41 - 2014-01-19 15:52 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-07-14 16:41 - 2014-01-19 15:50 - 00000000 ____D C:\ProgramData\AVAST Software
2016-07-14 16:40 - 2014-01-19 15:52 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-07-14 16:40 - 2014-01-19 15:51 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-26 11:43 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-22 22:33 - 2014-12-30 23:07 - 00000000 ____D C:\Users\oempc
2016-06-22 22:23 - 2014-04-20 11:54 - 00002219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-22 22:23 - 2014-04-20 11:54 - 00002207 _____ C:\Users\Public\Desktop\Google Chrome.lnk

Some files in TEMP:
====================
C:\Users\oempc\AppData\Local\Temp\libeay32.dll
C:\Users\oempc\AppData\Local\Temp\msvcr120.dll
C:\Users\oempc\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-21 11:08

==================== End of FRST.txt ============================
Attachments
Addition.rar
(7.33 KiB) Downloaded 59 times

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive log check - laptop no. 2

#7 Post by Márty84 »

:arrow: Tell me the size of the desktop folder (C:\Users\oempc\Plocha)

:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

SearchScopes: HKU\S-1-5-21-676702780-662866294-4191645877-1001 -> DefaultScope {D97B55D8-BDCF-46B8-B35A-C12387DC7C8A} URL =
SearchScopes: HKU\S-1-5-21-676702780-662866294-4191645877-1001 -> {D97B55D8-BDCF-46B8-B35A-C12387DC7C8A} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NAUpdate;Nero Update; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-10 144200]

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save As...
Type the name shown in red, fixlist, exactly, and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Per_rhexin
Visitor
Posts: 17
Joined: 18 Jul 2016 13:27

Re: Preventive log check - laptop no. 2

#8 Post by Per_rhexin »

Desktop: 32.9 GB (1685 files, 46 folders).
Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 20-07-2016
Ran by oempc (2016-07-23 23:15:12) Run:1
Running from C:\Users\oempc\Desktop
Loaded Profiles: oempc (Available Profiles: oempc & Bezny uzivatel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

SearchScopes: HKU\S-1-5-21-676702780-662866294-4191645877-1001 -> DefaultScope {D97B55D8-BDCF-46B8-B35A-C12387DC7C8A} URL =
SearchScopes: HKU\S-1-5-21-676702780-662866294-4191645877-1001 -> {D97B55D8-BDCF-46B8-B35A-C12387DC7C8A} URL =
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NAUpdate;Nero Update; c:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-10 144200]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-10 144200]

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\mcui_exe => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Norton Online Backup => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => value removed successfully
HKU\S-1-5-21-676702780-662866294-4191645877-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-676702780-662866294-4191645877-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D97B55D8-BDCF-46B8-B35A-C12387DC7C8A}" => key removed successfully
HKCR\CLSID\{D97B55D8-BDCF-46B8-B35A-C12387DC7C8A} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
NOBU => Service stopped successfully.
NOBU => service removed successfully
NAUpdate => service removed successfully
gupdate => service removed successfully
gupdatem => service removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43585914 B
Java, Flash, Steam htmlcache => 659 B
Windows/system/drivers => 229242735 B
Edge => 0 B
Chrome => 11547063 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 522548 B
NetworkService => 61724 B
oempc => 180095146 B
Bezny uzivatel => 54313533 B

RecycleBin => 1244094724 B
EmptyTemp: => 1.7 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 23:16:09 ====

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive log check - laptop no. 2

#9 Post by Márty84 »

Per_rhexin wrote: Desktop: 32.9 GB (1685 files, 46 folders).
:arrow: The desktop should not exceed 200 - 300 MB! It slows the PC down. So tidy it up a bit and keep only shortcuts on the desktop. Just watch out for the occasional mistake where users have a folder on the desktop, another one inside it, and another inside that, and they hide everything in there. That is nice, but it does not make the desktop any smaller, it is just in a different drawer :)

:!: Run all of these programs, including any installers, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation watch out for a toolbar (or other add-ons); if it offers to install one, untick the box.
After launching you will be in the Cleaner function. There are lots of checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will be emptied every time.
Also, depending on how it is set up, it will delete all passwords saved for websites!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. e-mail, Facebook, various forums, etc.)
Click Analyze, and when the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; if it finds any, click Fix issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has several user accounts, use the program in them as well)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation again watch out for a toolbar and other junk.
After installation, run the program and click Analyze; after the analysis click Defrag and the program will do its job.

:arrow: Then write how the PC is doing.

Per_rhexin
Visitor
Posts: 17
Joined: 18 Jul 2016 13:27

Re: Preventive log check - laptop no. 2

#10 Post by Per_rhexin »

I cleaned up the desktop and also followed the other recommendations, and it looks like the laptop is running well :). Thank you for the help, I will support the forum. I would just like to ask one more thing: the laptop uses Avast Free Antivirus, which recently installed the Avast SafeZone browser on its own. Is there any point in using this browser? I mean mainly its built-in "payment mode" for internet banking: is it safer, or is it just marketing (I found rather contradictory reviews online)?

Márty84
VIP
Posts: 21679
Joined: 05 Dec 2009 20:08
Location: Ostrava

Re: Preventive log check - laptop no. 2

#11 Post by Márty84 »

You're welcome! :-)

Thank you for any contribution :worship:

I don't know about that browser. It got installed for me too, but I don't use it. In theory it should be safer, but in practice I have no idea and no way to test it. Try posting the question in the Vsehochut section; maybe someone who knows more about it will respond there :)

Take care, and maybe see you again sometime :bye:

:closed:

Locked