Please check my log (Solved)

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

-pavelk-
Level 1
Posts: 60
Registered: January 12
Gender: Male
Status: Offline

Re: Please check my log

Post by -pavelk- » 29 Mar 2017 13:55

ComboFix 17-03-28.01 - můj 29.03.2017 13:31:18.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4003.1879 [GMT 2:00]
Spuštěný z: c:\users\m¨j\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\m¨j\Desktop\CFScript.txt
AV: Avast Antivirus *Disabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Avast Antivirus *Disabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2017-02-28 do 2017-03-29 )))))))))))))))))))))))))))))))
.
.
2017-03-29 11:43 . 2017-03-29 11:43 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2017-03-29 11:43 . 2017-03-29 11:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2017-03-28 12:57 . 2017-03-28 12:57 203680 ----a-w- c:\windows\system32\drivers\zamguard64.sys
2017-03-28 12:57 . 2017-03-28 12:57 203680 ----a-w- c:\windows\system32\drivers\zam64.sys
2017-03-28 12:57 . 2017-03-28 12:58 -------- d-----w- c:\program files (x86)\Zemana AntiMalware
2017-03-28 12:57 . 2017-03-28 12:57 -------- d-----w- c:\users\můj\AppData\Local\Zemana
2017-03-27 06:51 . 2017-03-29 11:20 -------- d-----w- c:\users\můj\AppData\Local\CrashDumps
2017-03-26 21:59 . 2017-03-26 21:23 24064 ----a-w- c:\windows\zoek-delete.exe
2017-03-26 21:59 . 2017-03-29 11:43 -------- d-----w- c:\users\můj\AppData\Local\Temp
2017-03-26 09:57 . 2017-03-26 11:01 -------- d-----w- C:\zoek_backup
2017-03-24 14:22 . 2017-03-25 09:45 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2017-03-24 14:21 . 2017-03-24 15:26 -------- d-----w- c:\programdata\RogueKiller
2017-03-24 13:11 . 2017-03-24 13:11 -------- d-----w- c:\programdata\Sophos
2017-03-24 13:10 . 2017-03-24 13:10 -------- d-----w- c:\program files (x86)\Sophos
2017-03-23 19:43 . 2017-03-23 19:43 -------- d-----w- c:\programdata\Malwarebytes
2017-03-23 19:43 . 2017-03-23 19:43 -------- d-----w- c:\program files\Malwarebytes
2017-03-23 19:28 . 2017-03-23 20:54 -------- d-----w- C:\AdwCleaner
2017-03-22 21:28 . 2017-03-22 21:28 -------- d-----w- c:\users\můj\AppData\Roaming\www.shadowexplorer.com
2017-03-22 20:39 . 2017-03-22 20:39 -------- d-----w- c:\programdata\LHService
2017-03-22 20:36 . 2017-03-22 20:36 -------- d-----w- c:\programdata\LockHunter
2017-03-22 20:22 . 2017-03-22 20:22 -------- d-----w- c:\users\můj\AppData\Roaming\LockHunter
2017-03-22 20:22 . 2017-03-22 21:01 -------- d-----w- c:\program files\LockHunter
2017-03-15 23:25 . 2017-03-19 06:14 527816 ----a-w- c:\program files (x86)\Mozilla Firefox\minidump-analyzer.exe
2017-03-15 10:02 . 2017-03-15 10:02 6847064 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2017-03-14 22:43 . 2017-02-22 23:37 1285632 ----a-w- c:\windows\system32\aeinv.dll
2017-03-14 22:43 . 2017-02-18 14:05 1609216 ----a-w- c:\windows\system32\appraiser.dll
2017-03-14 22:43 . 2016-12-31 15:36 233984 ----a-w- c:\windows\system32\aepic.dll
2017-03-14 22:43 . 2017-02-18 14:05 646656 ----a-w- c:\windows\system32\generaltel.dll
2017-03-14 22:43 . 2016-12-31 15:36 335360 ----a-w- c:\windows\system32\invagent.dll
2017-03-14 22:43 . 2016-12-31 15:36 556544 ----a-w- c:\windows\system32\devinv.dll
2017-03-14 22:43 . 2016-12-31 15:36 293376 ----a-w- c:\windows\system32\centel.dll
2017-03-14 22:43 . 2017-02-22 23:42 84712 ----a-w- c:\windows\system32\CompatTelRunner.exe
2017-03-14 22:43 . 2016-12-31 15:36 133632 ----a-w- c:\windows\system32\acmigration.dll
2017-03-02 10:47 . 2017-03-02 10:45 48528 ----a-w- c:\windows\system32\drivers\aswbuniva.sys
2017-03-02 10:47 . 2017-03-02 10:45 334600 ----a-w- c:\windows\system32\drivers\aswbloga.sys
2017-03-02 10:47 . 2017-03-02 10:45 309272 ----a-w- c:\windows\system32\drivers\aswbidsdrivera.sys
2017-03-02 10:47 . 2017-03-02 10:45 189768 ----a-w- c:\windows\system32\drivers\aswbidsha.sys
2017-03-02 10:45 . 2017-03-02 10:45 398408 ----a-w- c:\windows\system32\aswBoot.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2017-03-21 20:15 . 2012-06-24 13:54 548928 ----a-w- c:\windows\system32\drivers\aswsp.sys
2017-03-15 10:02 . 2012-06-25 05:38 802904 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2017-03-15 10:02 . 2012-06-25 05:38 144472 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2017-03-15 00:00 . 2012-06-26 07:47 138634176 -c--a-w- c:\windows\system32\MRT.exe
2017-03-14 22:23 . 2013-03-16 08:24 337592 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2017-03-02 10:45 . 2014-08-01 18:43 162528 ----a-w- c:\windows\system32\drivers\aswStm.sys
2017-03-02 10:45 . 2014-08-01 18:43 38296 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2017-03-02 10:45 . 2013-03-16 08:24 75704 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2017-03-02 10:45 . 2012-06-24 13:54 100640 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2017-03-02 10:45 . 2012-06-24 13:54 126600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2017-03-02 10:45 . 2012-06-24 13:54 993608 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2017-03-02 10:45 . 2016-03-23 18:19 32088 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2017-02-09 16:32 . 2017-03-14 22:50 345600 ----a-w- c:\windows\system32\schannel.dll
2017-02-09 16:32 . 2017-03-14 22:50 190464 ----a-w- c:\windows\system32\rpchttp.dll
2017-02-09 16:14 . 2017-03-14 22:50 254464 ----a-w- c:\windows\SysWow64\schannel.dll
2017-02-09 16:14 . 2017-03-14 22:50 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2017-02-09 16:14 . 2017-03-14 22:50 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2017-01-06 20:40 . 2010-06-24 10:33 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe" [2011-02-18 845176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-16 34160]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvLaunch.exe" [2017-03-02 205512]
"EaseUS EPM tray"="c:\program files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe" [2014-11-18 2089056]
"EaseUS EPM Tray Agent"="c:\program files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe" [2014-11-18 255072]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"TOPI.EXE"="c:\program files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe" [2011-02-18 845176]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
3;4 MBAMService;Malwarebytes Service;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe;c:\program files\Malwarebytes\Anti-Malware\mbamservice.exe [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe;c:\program files\AVAST Software\Avast\x64\aswidsagenta.exe [x]
R3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
R3 DxVGrb;DxVGrb;c:\windows\system32\drivers\DxVGrb.sys;c:\windows\SYSNATIVE\drivers\DxVGrb.sys [x]
R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys;c:\windows\SYSNATIVE\epmntdrv.sys [x]
R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys;c:\windows\SYSNATIVE\EuGdiDrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
R3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
R3 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files (x86)\Windows Live\Mesh\wlcrasvc.exe;c:\program files (x86)\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswbidsh;aswbidsh;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys;c:\windows\\SystemRoot\system32\drivers\aswbidsha.sys [x]
S0 aswblog;aswblog;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys;c:\windows\\SystemRoot\system32\drivers\aswbloga.sys [x]
S0 aswbuniv;aswbuniv;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys;c:\windows\\SystemRoot\system32\drivers\aswbuniva.sys [x]
S0 aswRvrt;aswRvrt;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys;c:\windows\\SystemRoot\system32\drivers\aswRvrt.sys [x]
S0 aswVmm;aswVmm;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys;c:\windows\\SystemRoot\system32\drivers\aswVmm.sys [x]
S0 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys;c:\windows\SYSNATIVE\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS;c:\windows\SYSNATIVE\DRIVERS\Thpevm.SYS [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdrivera.sys;c:\windows\SYSNATIVE\drivers\aswbidsdrivera.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\windows\system32\drivers\mbae64.sys;c:\windows\SYSNATIVE\drivers\mbae64.sys [x]
S1 ZAM;ZAM Helper Driver;c:\windows\System32\drivers\zam64.sys;c:\windows\SYSNATIVE\drivers\zam64.sys [x]
S1 ZAM_Guard;ZAM Guard Driver;c:\windows\System32\drivers\zamguard64.sys;c:\windows\SYSNATIVE\drivers\zamguard64.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S2 UDSS;UDSS;c:\program files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe;c:\program files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 ZAMSvc;ZAM Controller Service;c:\program files (x86)\Zemana AntiMalware\ZAM.exe;c:\program files (x86)\Zemana AntiMalware\ZAM.exe [x]
S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys;c:\windows\SYSNATIVE\DRIVERS\CeKbFilter.sys [x]
S3 DVB7700ALL;TOSHIBA DIB7700 based TV tuner device;c:\windows\system32\Drivers\dvb7700all.sys;c:\windows\SYSNATIVE\Drivers\dvb7700all.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhid.sys [x]
S3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhidma.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 MBAMFarflt;MBAMFarflt;c:\windows\system32\drivers\farflt.sys;c:\windows\SYSNATIVE\drivers\farflt.sys [x]
S3 MBAMProtection;MBAMProtection;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMWebProtection;MBAMWebProtection;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*NewlyCreated* - MBAMCHAMELEON
*NewlyCreated* - MBAMFARFLT
*NewlyCreated* - MBAMPROTECTION
*NewlyCreated* - MBAMWEBPROTECTION
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2017-02-07 15:57 1368920 ----a-w- c:\program files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A6EADE66-0000-0000-484E-7E8A45000000}]
2016-12-23 18:10 323152 ----a-w- c:\program files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-03-02 10:45 1481016 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00asw]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2017-03-02 10:45 1481016 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ThpSrv"="c:\windows\system32\thpsrv" [X]
"TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
"HSON"="c:\program files (x86)\TOSHIBA\TBS\HSON.exe" [BU]
"TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-05 11780712]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-01 2189416]
"Teco"="c:\program files (x86)\TOSHIBA\TECO\Teco.exe" [BU]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-12-08 710040]
"TosWaitSrv"="c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe" [BU]
"TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
"ZAM"="c:\program files (x86)\Zemana AntiMalware\ZAM.exe" [2017-03-24 14513904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SYSTEM32\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Přidat do aplikace TOSHIBA Bulletin Board - c:\program files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath -
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
AddRemove-YTD_Pepak - c:\program files (x86)\YTD\ytd.exe
AddRemove-{15134cb0-b767-4960-a911-f2d16ae54797} - c:\programdata\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe
AddRemove-{1a413f37-ed88-4fec-9666-997AF4905D9C} - c:\program files (x86)\GreenTree Applications\FLV.com FLV Converter\uninstall.exe
AddRemove-{22154f09-719a-4619-bb71-5b3356999fbf} - c:\programdata\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe
AddRemove-{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f} - c:\programdata\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe
AddRemove-{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6} - c:\programdata\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_127_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_25_0_0_127_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_25_0_0_127_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_25_0_0_127_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.25"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_25_0_0_127.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2017-03-29 13:48:59
ComboFix-quarantined-files.txt 2017-03-29 11:48
ComboFix2.txt 2017-03-28 14:28
.
Před spuštěním: Volných bajtů: 70 350 143 488
Po spuštění: Volných bajtů: 70 020 399 104
.
- - End Of File - - CB6CD8688E659C06AD0E00530515A2FC


Re: Please check my log

Post by -pavelk- » 29 Mar 2017 14:00

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:59:49, on 29.3.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18618)

FIREFOX: 52.0.1 (x86 cs)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe
C:\Users\můj\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
O4 - HKLM\..\Run: [EaseUS EPM Tray Agent] "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe"
O4 - HKCU\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe /STARTUP
O4 - HKUS\S-1-5-21-4093128343-277712152-1473002577-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4093128343-277712152-1473002577-1000\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STAR (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4093128343-277712152-1473002577-1000\..\Run: [] (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-4093128343-277712152-1473002577-1000\..\RunOnce: [SysOff] C:\Windows\SysWOW64\SYSPREP\ClosespV.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe /STARTUP (User 'Default user')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do aplikace TOSHIBA Bulletin Board - res://C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Unknown owner - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (file missing)
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: UDSS - Unknown owner - c:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 12115 bytes


Post by -pavelk- » 29 Mar 2017 14:52

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-03-29 14:02:08
-----------------------------
14:02:08.129 OS Version: Windows x64 6.1.7601 Service Pack 1
14:02:08.129 Number of processors: 4 586 0x2A07
14:02:08.129 ComputerName: MUJ-TOSH UserName: můj
14:02:09.939 Initialize success
14:02:14.291 VM: initialized successfully
14:02:14.291 VM: Intel CPU supported virtualized
14:02:25.960 VM: supported disk I/O iaStor.sys
14:02:35.772 AVAST engine defs: 17032901
14:02:41.045 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:02:41.045 Disk 0 Vendor: TOSHIBA_ GB00 Size: 610480MB BusType: 3
14:02:41.186 VM: Disk 0 MBR read successfully
14:02:41.186 Disk 0 MBR scan
14:02:41.420 Disk 0 Windows VISTA default MBR code
14:02:41.732 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
14:02:41.732 Disk 0 default boot code
14:02:41.856 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 593602 MB offset 3074048
14:02:41.919 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 15377 MB offset 1218770944
14:02:42.153 Disk 0 scanning C:\windows\system32\drivers
14:03:07.222 Service scanning
14:03:57.267 Modules scanning
14:03:57.267 Disk 0 trace - called modules:
14:03:57.329 ntoskrnl.exe CLASSPNP.SYS disk.sys aswSP.sys thpdrv.sys iaStor.sys hal.dll
14:03:57.329 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006444060]
14:03:57.345 3 aswSP.sys[fffff88001d490b6] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa8006443060]
14:03:57.361 5 thpdrv.sys[fffff88001bf6cc0] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004624050]
14:03:58.359 AVAST engine scan C:\windows
14:04:01.900 AVAST engine scan C:\windows\system32
14:07:50.487 AVAST engine scan C:\windows\system32\drivers
14:08:05.900 AVAST engine scan C:\Users\můj
14:31:29.466 File: C:\Users\můj\Desktop\zoek.exe **INFECTED** Win32:Malware-gen
14:38:59.402 AVAST engine scan C:\ProgramData
14:45:40.447 Disk 0 statistics 4720755/0/21142 @ 1,06 MB/s
14:45:40.463 Scan finished successfully
14:51:17.112 Disk 0 MBR has been saved successfully to "C:\Users\můj\Desktop\MBR.dat"
14:51:17.127 The log file has been saved successfully to "C:\Users\můj\Desktop\aswMBR.txt"

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Post by jaro3 » 29 Mar 2017 19:20

ComboFix is uninstalled like this:
Start > Run and enter ComboFix /Uninstall

Clean the system with CCleaner.

Download OTC to the desktop. Double-click it. Then click Clean up!.
Restart the PC if you are prompted to.

How are the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by -pavelk- » 29 Mar 2017 20:18

Unfortunately, nothing has changed. The problems with the external HDD persist; the folder that was created on its own cannot be deleted, and some of the original ones cannot be opened.

Orcus
Security team member
Elite Level 10.5
Posts: 10645
Registered: April 10
Location: 3 roses grow around here =o)
Gender: Male
Status: Offline

Post by Orcus » 29 Mar 2017 20:52

Post the full name here, or ideally the path to the folder. We will delete it manually.
Love keeps you warm, but coal is coal. :fire:

Post HJT logs in the HJT section. If a log is too long, split it across several messages.

A few tips on PC security.

While I am away, memphisto, jaro3 and Diallix stand in for me.

If you are satisfied, you can support our forum.


Post by -pavelk- » 29 Mar 2017 21:36

Is this enough?
Attachments
Výstřižekp.JPG


Post by jaro3 » 29 Mar 2017 22:17

Leave that disk connected.

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit):
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs, FRST.txt and Addition.txt, will be displayed and saved to the desktop. Please copy their entire contents here.


Post by -pavelk- » 29 Mar 2017 23:00

First part of the FRST log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by můj (administrator) on MUJ-TOSH (29-03-2017 22:51:39)
Running from C:\Users\můj\Desktop
Loaded Profiles: UpdatusUser & můj (Available Profiles: UpdatusUser & můj)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
() C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
() C:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
(Microsoft Corp.) C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe
() C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [296824 2010-09-25] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-16] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-02] (Realtek Semiconductor)
HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1519016 2011-01-28] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711576 2010-12-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [MouseDriver] => C:\windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14513904 2017-03-24] (Copyright 2017.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-03-29] (AVAST Software)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe [2089056 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4093128343-277712152-1473002577-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-4093128343-277712152-1473002577-1000\...\Run: [] => [X]
HKU\S-1-5-21-4093128343-277712152-1473002577-1000\...\RunOnce: [SysOff] => C:\Windows\SysWOW64\SYSPREP\ClosespV.exe
HKU\S-1-5-21-4093128343-277712152-1473002577-1001\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-4093128343-277712152-1473002577-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-4093128343-277712152-1473002577-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [226920 2011-02-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [192616 2011-02-22] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-29] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-29] (AVAST Software)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-14]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-14]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{3947458D-9438-42BB-BC54-8DFBF0101568}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{A2D0585B-CDC0-48FC-A99D-1BB746D2253A}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4093128343-277712152-1473002577-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-4093128343-277712152-1473002577-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-4093128343-277712152-1473002577-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKLM -> DefaultScope {9DEAC2A5-455F-4C1E-89BC-30039A54318C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9DEAC2A5-455F-4C1E-89BC-30039A54318C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {49162ADC-E8FF-4322-B076-C345177872A9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {49162ADC-E8FF-4322-B076-C345177872A9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> {73F6424B-EC2F-4166-A732-C78B3896A6A8} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> {74DF117E-94AC-48F8-AF03-93209CA26E23} URL = hxxp://rover.ebay.com/rover/1/710-71511 ... 4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> {C3803C42-BD98-449B-A6CB-EE4A0E6BF629} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-29] (AVAST Software)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-29] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-03-22] (Sun Microsystems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\můj\AppData\Roaming\Mozilla\Firefox\Profiles\10jmgvq8.default [2017-03-29]
FF NewTab: Mozilla\Firefox\Profiles\10jmgvq8.default -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\10jmgvq8.default -> about:home
FF Extension: (Video DownloadHelper) - C:\Users\můj\AppData\Roaming\Mozilla\Firefox\Profiles\10jmgvq8.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-31]
FF Extension: (Seznam lištička) - C:\Users\můj\AppData\Roaming\Mozilla\Firefox\Profiles\10jmgvq8.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-23]
FF SearchPlugin: C:\Users\můj\AppData\Roaming\Mozilla\Firefox\Profiles\10jmgvq8.default\searchplugins\firmycz.xml [2014-07-19]
FF SearchPlugin: C:\Users\můj\AppData\Roaming\Mozilla\Firefox\Profiles\10jmgvq8.default\searchplugins\mapycz.xml [2014-07-19]
FF SearchPlugin: C:\Users\můj\AppData\Roaming\Mozilla\Firefox\Profiles\10jmgvq8.default\searchplugins\zbocz.xml [2012-06-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-29]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-11-27] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7398336 2017-03-29] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [261712 2017-03-29] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 Thpsrv; C:\windows\system32\ThpSrv.exe [526848 2010-12-25] (TOSHIBA Corporation) [File not signed]
R2 UDSS; c:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe [30064 2011-03-11] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 wlcrasvc; C:\Program Files (x86)\Windows Live\Mesh\wlcrasvc.exe [57184 2010-09-22] (Microsoft Corporation)
R2 wlidsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corp.)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [14513904 2017-03-24] (Copyright 2017.)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [307736 2017-03-29] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [189768 2017-03-29] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswbloga.sys [334088 2017-03-29] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [48528 2017-03-29] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [38296 2017-03-29] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [32600 2017-03-29] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [127112 2017-03-29] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [101152 2017-03-29] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [75704 2017-03-29] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1005048 2017-03-29] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [556784 2017-03-29] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [164064 2017-03-29] (AVAST Software)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [339696 2017-03-29] (AVAST Software)
R1 dtsoftbus01; C:\windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-26] (Disc Soft Ltd)
R3 DVB7700ALL; C:\windows\System32\Drivers\dvb7700all.sys [994304 2011-01-03] (DiBcom)
S3 DxVGrb; C:\windows\System32\drivers\DxVGrb.sys [227456 2014-04-08] (Dexetek )
S3 epmntdrv; C:\windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2012-08-05] (Padus, Inc.) [File not signed]
S3 t_mouse.sys; C:\windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2017-03-28] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2017-03-28] (Zemana Ltd.)
S1 ESProtectionDriver; \??\C:\windows\system32\drivers\mbae64.sys [X]
S3 MBAMFarflt; \??\C:\windows\system32\drivers\farflt.sys [X]
S3 MBAMProtection; \??\C:\windows\system32\drivers\mbam.sys [X]
S0 MBAMSwissArmy; system32\drivers\MBAMSwissArmy.sys [X]
S3 MBAMWebProtection; \??\C:\windows\system32\drivers\mwac.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-29 22:51 - 2017-03-29 22:53 - 00020166 _____ C:\Users\můj\Desktop\FRST.txt
2017-03-29 22:51 - 2017-03-29 22:51 - 00000000 ____D C:\FRST
2017-03-29 22:50 - 2017-03-29 22:50 - 02424832 _____ (Farbar) C:\Users\můj\Desktop\FRST64.exe
2017-03-29 19:54 - 2017-03-29 19:54 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-29 19:48 - 2017-03-29 19:48 - 00201728 _____ (OldTimer Tools) C:\Users\můj\Desktop\OTC.exe
2017-03-29 18:14 - 2017-03-29 18:14 - 00003288 ____N C:\bootsqm.dat
2017-03-29 18:12 - 2017-03-29 18:12 - 00000000 __SHD C:\found.000
2017-03-29 15:01 - 2017-03-29 15:01 - 00399944 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-03-29 14:00 - 2017-03-29 14:00 - 00012117 _____ C:\Users\můj\Desktop\HJT.txt
2017-03-29 13:50 - 2017-03-29 13:50 - 00027023 _____ C:\Users\můj\Desktop\cfs.txt
2017-03-29 13:27 - 2017-03-29 13:27 - 00005140 _____ C:\Users\můj\Desktop\CFScript.txt
2017-03-28 16:29 - 2017-03-28 16:29 - 00000000 ____D C:\Users\muj
2017-03-28 16:01 - 2017-03-29 19:37 - 00000000 ____D C:\Qoobox
2017-03-28 16:00 - 2017-03-28 16:26 - 00000000 ____D C:\windows\erdnt
2017-03-28 15:59 - 2017-03-28 15:59 - 00001942 _____ C:\Users\můj\Desktop\zemana2017.03.28-15.00.56-i0-t92-d2.txt
2017-03-28 14:58 - 2017-03-29 22:51 - 00086325 _____ C:\windows\ZAM.krnl.trace
2017-03-28 14:58 - 2017-03-29 22:51 - 00052217 _____ C:\windows\ZAM_Guard.krnl.trace
2017-03-28 14:57 - 2017-03-28 14:58 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-03-28 14:57 - 2017-03-28 14:57 - 00203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zamguard64.sys
2017-03-28 14:57 - 2017-03-28 14:57 - 00203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zam64.sys
2017-03-28 14:57 - 2017-03-28 14:57 - 00001159 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-03-28 14:57 - 2017-03-28 14:57 - 00000000 ____D C:\Users\můj\AppData\Local\Zemana
2017-03-28 14:57 - 2017-03-28 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-03-28 14:56 - 2017-03-29 14:51 - 00000512 _____ C:\Users\můj\Desktop\MBR.dat
2017-03-28 14:56 - 2017-03-28 14:56 - 00002388 _____ C:\Users\můj\Desktop\2017-03-28 1456aswMBR.txt
2017-03-28 13:43 - 2017-03-28 13:43 - 00000000 ____D C:\Users\můj\Desktop\backups
2017-03-28 13:34 - 2017-03-28 13:36 - 05765792 _____ (Zemana Ltd. ) C:\Users\můj\Desktop\Zemana.AntiMalware.Setup.exe
2017-03-27 08:51 - 2017-03-29 13:20 - 00000000 ____D C:\Users\můj\AppData\Local\CrashDumps
2017-03-26 23:59 - 2017-03-26 23:23 - 00024064 _____ C:\windows\zoek-delete.exe
2017-03-26 11:57 - 2017-03-26 13:01 - 00000000 ____D C:\zoek_backup
2017-03-26 11:57 - 2017-03-26 11:57 - 01309184 _____ C:\Users\můj\Desktop\zoek.exe
2017-03-25 20:05 - 2017-03-25 20:05 - 00000000 ____D C:\Users\můj\Desktop\Nová složka (3)
2017-03-25 11:42 - 2017-03-25 11:42 - 26181704 _____ C:\Users\můj\Desktop\RogueKillerX64.exe
2017-03-24 16:22 - 2017-03-25 11:45 - 00028272 _____ C:\windows\system32\Drivers\TrueSight.sys
2017-03-24 16:21 - 2017-03-24 17:26 - 00000000 ____D C:\ProgramData\RogueKiller
2017-03-24 15:11 - 2017-03-24 15:11 - 00000000 ____D C:\ProgramData\Sophos
2017-03-24 15:10 - 2017-03-24 15:10 - 00002759 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-03-24 15:10 - 2017-03-24 15:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-03-24 15:10 - 2017-03-24 15:10 - 00000000 ____D C:\Program Files (x86)\Sophos
2017-03-24 14:55 - 2017-03-24 15:07 - 164979072 _____ (Sophos Limited) C:\Users\můj\Desktop\Sophos Virus Removal Tool.exe
2017-03-24 13:59 - 2017-03-24 13:59 - 01663904 _____ (Malwarebytes) C:\Users\můj\Desktop\JRT.exe
2017-03-24 01:35 - 2017-03-24 01:35 - 00005324 _____ C:\Users\můj\Desktop\AdwCleaner[C0].txt
2017-03-23 21:43 - 2017-03-23 21:43 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-23 21:43 - 2017-03-23 21:43 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-23 21:37 - 2017-03-23 21:41 - 57131432 _____ (Malwarebytes ) C:\Users\můj\Desktop\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-23 21:28 - 2017-03-23 22:54 - 00000000 ____D C:\AdwCleaner
2017-03-23 21:28 - 2017-03-23 21:28 - 04031440 _____ C:\Users\můj\Desktop\AdwCleaner.exe
2017-03-23 21:22 - 2017-03-23 21:22 - 00448512 _____ (OldTimer Tools) C:\Users\můj\Desktop\TFC(1).exe
2017-03-23 20:59 - 2017-03-23 20:59 - 00448512 _____ (OldTimer Tools) C:\Users\můj\Desktop\TFC.exe
2017-03-23 20:54 - 2017-03-23 20:54 - 00050688 _____ (Atribune.org) C:\Users\můj\Desktop\ATF-Cleaner.exe
2017-03-23 20:21 - 2017-03-23 20:21 - 00388608 _____ (Trend Micro Inc.) C:\Users\můj\Desktop\HijackThis.exe
2017-03-22 23:28 - 2017-03-22 23:28 - 00000000 ____D C:\Users\můj\AppData\Roaming\www.shadowexplorer.com
2017-03-22 22:39 - 2017-03-22 22:39 - 00000000 ____D C:\ProgramData\LHService
2017-03-22 22:36 - 2017-03-22 22:36 - 00000000 ____D C:\ProgramData\LockHunter
2017-03-22 22:22 - 2017-03-22 23:01 - 00000000 ____D C:\Program Files\LockHunter
2017-03-22 22:22 - 2017-03-22 22:22 - 00000000 ____D C:\Users\můj\AppData\Roaming\LockHunter
2017-03-15 12:02 - 2017-03-15 12:02 - 06847064 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2017-03-15 00:50 - 2017-03-04 19:24 - 00394448 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2017-03-15 00:50 - 2017-03-04 18:39 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2017-03-15 00:50 - 2017-03-04 10:20 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2017-03-15 00:50 - 2017-03-04 10:20 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2017-03-15 00:50 - 2017-03-04 10:02 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2017-03-15 00:50 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-03-15 00:50 - 2017-03-04 10:01 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2017-03-15 00:50 - 2017-03-04 10:01 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2017-03-15 00:50 - 2017-03-04 10:01 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2017-03-15 00:50 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2017-03-15 00:50 - 2017-03-04 09:52 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2017-03-15 00:50 - 2017-03-04 09:51 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2017-03-15 00:50 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-03-15 00:50 - 2017-03-04 09:46 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2017-03-15 00:50 - 2017-03-04 09:45 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2017-03-15 00:50 - 2017-03-04 09:45 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2017-03-15 00:50 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2017-03-15 00:50 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-03-15 00:50 - 2017-03-04 09:36 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2017-03-15 00:50 - 2017-03-04 09:32 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2017-03-15 00:50 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-03-15 00:50 - 2017-03-04 09:23 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2017-03-15 00:50 - 2017-03-04 09:21 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2017-03-15 00:50 - 2017-03-04 09:16 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2017-03-15 00:50 - 2017-03-04 09:16 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2017-03-15 00:50 - 2017-03-04 09:13 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2017-03-15 00:50 - 2017-03-04 09:11 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2017-03-15 00:50 - 2017-03-04 08:57 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2017-03-15 00:50 - 2017-03-04 08:55 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2017-03-15 00:50 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-03-15 00:50 - 2017-03-04 08:52 - 02131456 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2017-03-15 00:50 - 2017-03-04 08:52 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2017-03-15 00:50 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-03-15 00:50 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-03-15 00:50 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-03-15 00:50 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-03-15 00:50 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-03-15 00:50 - 2017-03-02 20:16 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2017-03-15 00:50 - 2017-03-02 20:02 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2017-03-15 00:50 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-03-15 00:50 - 2017-03-02 20:01 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2017-03-15 00:50 - 2017-03-02 20:01 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2017-03-15 00:50 - 2017-03-02 20:00 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2017-03-15 00:50 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2017-03-15 00:50 - 2017-03-02 19:54 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2017-03-15 00:50 - 2017-03-02 19:53 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2017-03-15 00:50 - 2017-03-02 19:51 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2017-03-15 00:50 - 2017-03-02 19:50 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2017-03-15 00:50 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-03-15 00:50 - 2017-03-02 19:49 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2017-03-15 00:50 - 2017-03-02 19:41 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2017-03-15 00:50 - 2017-03-02 19:36 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-15 00:50 - 2017-03-02 19:35 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2017-03-15 00:50 - 2017-03-02 19:32 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2017-03-15 00:50 - 2017-03-02 19:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2017-03-15 00:50 - 2017-03-02 19:29 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2017-03-15 00:50 - 2017-03-02 19:28 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2017-03-15 00:50 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-03-15 00:50 - 2017-03-02 19:21 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2017-03-15 00:50 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-03-15 00:50 - 2017-03-02 19:17 - 02055680 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2017-03-15 00:50 - 2017-03-02 19:17 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2017-03-15 00:50 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-03-15 00:50 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-03-15 00:50 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-03-15 00:50 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-03-15 00:50 - 2017-02-11 17:58 - 00462848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-03-15 00:50 - 2017-02-11 17:58 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-03-15 00:50 - 2017-02-11 17:58 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-03-15 00:50 - 2017-02-10 18:32 - 00803328 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2017-03-15 00:50 - 2017-02-10 18:32 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-03-15 00:50 - 2017-02-10 18:17 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2017-03-15 00:50 - 2017-02-10 18:17 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-03-15 00:50 - 2017-02-10 16:33 - 01251328 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-03-15 00:50 - 2017-02-09 18:36 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-03-15 00:50 - 2017-02-09 18:35 - 05548264 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-03-15 00:50 - 2017-02-09 18:35 - 00706792 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-03-15 00:50 - 2017-02-09 18:35 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2017-03-15 00:50 - 2017-02-09 18:35 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2017-03-15 00:50 - 2017-02-09 18:33 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00040960 _____ (Microsoft Corporation) C:\windows\system32\WcsPlugInService.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2017-03-15 00:50 - 2017-02-09 18:32 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\icm32.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:19 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2017-03-15 00:50 - 2017-02-09 18:19 - 03945192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2017-03-15 00:50 - 2017-02-09 18:16 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00481792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00215040 _____ (Microsoft Corporation) C:\windows\SysWOW64\icm32.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 18:03 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2017-03-15 00:50 - 2017-02-09 18:03 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2017-03-15 00:50 - 2017-02-09 18:03 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2017-03-15 00:50 - 2017-02-09 18:02 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2017-03-15 00:50 - 2017-02-09 18:00 - 03220480 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-03-15 00:50 - 2017-02-09 17:59 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2017-03-15 00:50 - 2017-02-09 17:58 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2017-03-15 00:50 - 2017-02-09 17:55 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2017-03-15 00:50 - 2017-02-09 17:55 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2017-03-15 00:50 - 2017-02-09 17:55 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2017-03-15 00:50 - 2017-02-09 17:54 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2017-03-15 00:50 - 2017-02-09 17:54 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2017-03-15 00:50 - 2017-02-09 17:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2017-03-15 00:50 - 2017-02-09 17:51 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\WcsPlugInService.dll
2017-03-15 00:50 - 2017-02-09 17:50 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2017-03-15 00:50 - 2017-02-09 17:50 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2017-03-15 00:50 - 2017-02-09 17:50 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2017-03-15 00:50 - 2017-02-09 17:50 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2017-03-15 00:50 - 2017-02-09 17:49 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2017-03-15 00:50 - 2017-02-09 17:49 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 17:49 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 17:49 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 17:49 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-15 00:50 - 2017-02-09 16:06 - 01648128 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-03-15 00:50 - 2017-02-09 16:06 - 01180160 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-03-15 00:50 - 2017-02-06 18:14 - 00733696 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-03-15 00:50 - 2017-01-13 20:00 - 00976896 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-03-15 00:50 - 2017-01-13 20:00 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\INETRES.dll
2017-03-15 00:50 - 2017-01-13 19:45 - 00741888 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-03-15 00:50 - 2017-01-13 19:45 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\INETRES.dll
2017-03-15 00:50 - 2017-01-11 20:01 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2017-03-15 00:50 - 2017-01-11 20:01 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2017-03-15 00:50 - 2017-01-11 19:43 - 01241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2017-03-15 00:50 - 2017-01-11 19:43 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2017-03-15 00:50 - 2017-01-06 20:00 - 01574912 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2017-03-15 00:50 - 2017-01-06 19:44 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2017-03-15 00:43 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-03-15 00:43 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-03-15 00:43 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-03-15 00:43 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-03-15 00:43 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-03-15 00:43 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-03-15 00:43 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-03-15 00:43 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-03-15 00:43 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-03-02 15:58 - 2017-03-29 18:21 - 00003892 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1458757209
2017-03-02 12:47 - 2017-03-29 15:01 - 00003914 _____ C:\windows\System32\Tasks\Avast Emergency Update
2017-03-02 12:47 - 2017-03-29 15:00 - 00334088 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbloga.sys
2017-03-02 12:47 - 2017-03-29 15:00 - 00307736 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdrivera.sys
2017-03-02 12:47 - 2017-03-29 15:00 - 00189768 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsha.sys
2017-03-02 12:47 - 2017-03-29 15:00 - 00048528 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbuniva.sys

==================== One Month Modified files and folders ========


Re: Please check my log

Post by -pavelk- » 29 Mar 2017 23:01

Continuation of the FRST log:
(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-29 22:51 - 2016-11-20 01:40 - 00000000 ____D C:\Users\můj\AppData\LocalLow\Mozilla
2017-03-29 19:53 - 2009-07-14 06:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-29 19:53 - 2009-07-14 06:45 - 00025120 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-29 19:39 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2017-03-29 15:55 - 2011-02-14 10:37 - 00678270 _____ C:\windows\system32\perfh005.dat
2017-03-29 15:55 - 2011-02-14 10:37 - 00146898 _____ C:\windows\system32\perfc005.dat
2017-03-29 15:55 - 2009-07-14 07:13 - 01613488 _____ C:\windows\system32\PerfStringBackup.INI
2017-03-29 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2017-03-29 15:01 - 2014-08-01 20:43 - 00164064 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2017-03-29 15:01 - 2014-08-01 20:43 - 00038296 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-03-29 15:01 - 2013-03-16 10:24 - 00339696 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2017-03-29 15:01 - 2013-03-16 10:24 - 00075704 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-03-29 15:01 - 2012-06-24 15:54 - 00556784 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2017-03-29 15:01 - 2012-06-24 15:54 - 00127112 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2017-03-29 15:01 - 2012-06-24 15:54 - 00101152 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2017-03-29 15:00 - 2016-03-23 20:19 - 00032600 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2017-03-29 15:00 - 2012-06-24 15:54 - 01005048 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2017-03-29 13:43 - 2009-07-14 04:34 - 00000215 _____ C:\windows\system.ini
2017-03-28 16:35 - 2015-02-19 22:35 - 00002046 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-03-28 16:29 - 2009-07-14 07:09 - 00000000 ____D C:\windows\System32\Tasks\WPD
2017-03-28 15:58 - 2011-05-14 12:41 - 00000788 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recovery Media Creator Help.lnk
2017-03-28 15:00 - 2012-06-05 13:46 - 00000000 ____D C:\Users\můj
2017-03-27 04:53 - 2012-06-14 00:00 - 00000000 ____D C:\Program Files (x86)\The KMPlayer
2017-03-26 13:01 - 2013-02-02 19:28 - 00000000 ____D C:\Users\můj\Desktop\inst. programy
2017-03-26 13:01 - 2009-07-14 05:20 - 00000000 ___HD C:\windows\system32\GroupPolicy
2017-03-24 19:07 - 2012-07-02 15:07 - 00000000 ___RD C:\Users\můj\Desktop\lsc
2017-03-23 22:11 - 2012-07-24 20:37 - 00000000 ____D C:\Users\můj\AppData\Local\ApplicationHistory
2017-03-22 22:27 - 2015-02-23 23:32 - 00018944 ___SH C:\Users\můj\Documents\Thumbs.db
2017-03-22 21:24 - 2011-05-14 12:12 - 00000000 ____D C:\Users\UpdatusUser
2017-03-20 11:56 - 2012-06-06 00:57 - 00000000 ____D C:\Users\můj\AppData\Roaming\SoftGrid Client
2017-03-19 16:00 - 2016-11-20 01:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-19 16:00 - 2015-02-27 23:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-17 17:47 - 2012-09-11 22:44 - 00000000 ____D C:\Users\můj\AppData\Roaming\CENZURA
2017-03-15 19:31 - 2009-07-14 05:20 - 00000000 ____D C:\windows\rescache
2017-03-15 12:03 - 2012-06-25 07:38 - 00004396 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-03-15 12:02 - 2012-06-25 07:38 - 00802904 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-03-15 12:02 - 2012-06-25 07:38 - 00144472 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-15 12:02 - 2012-06-25 07:38 - 00000000 ____D C:\windows\system32\Macromed
2017-03-15 12:02 - 2011-05-14 12:40 - 00000000 ____D C:\windows\SysWOW64\Macromed
2017-03-15 11:51 - 2009-07-14 06:45 - 00443048 _____ C:\windows\system32\FNTCACHE.DAT
2017-03-15 11:48 - 2014-12-11 21:39 - 00000000 ____D C:\windows\system32\appraiser
2017-03-15 11:48 - 2014-05-07 00:42 - 00000000 ___SD C:\windows\system32\CompatTel
2017-03-15 11:48 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-15 02:03 - 2013-08-14 23:38 - 00000000 ____D C:\windows\system32\MRT
2017-03-15 02:00 - 2012-06-26 09:47 - 138634176 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-03-12 22:27 - 2012-07-04 13:45 - 00000000 ____D C:\Users\můj\Documents\SDH Mašov
2017-03-12 21:02 - 2015-06-07 16:59 - 00000000 ____D C:\Users\můj\Desktop\lišta
2017-03-08 16:59 - 2014-10-14 12:28 - 00000000 ____D C:\Users\můj\Desktop\adata
2017-03-06 18:05 - 2012-06-24 15:53 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-02 16:03 - 2013-08-29 15:37 - 00000000 ____D C:\temp

==================== Files in the root of some directories =======

2012-08-12 20:01 - 2012-08-12 20:01 - 0003584 _____ () C:\Users\můj\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-24 20:37 - 2012-07-24 20:37 - 0000091 _____ () C:\Users\můj\AppData\Local\fusioncache.dat
2012-07-24 19:59 - 2013-09-15 09:26 - 0004141 _____ () C:\ProgramData\hpzinstall.log
2012-06-25 07:05 - 2016-12-02 21:13 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-24 01:24


Re: Please check my log

Post by -pavelk- » 29 Mar 2017 23:02

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by můj (29-03-2017 22:53:43)
Running from C:\Users\můj\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-06-05 11:46:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4093128343-277712152-1473002577-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4093128343-277712152-1473002577-1003 - Limited - Enabled)
Guest (S-1-5-21-4093128343-277712152-1473002577-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4093128343-277712152-1473002577-1005 - Limited - Enabled)
můj (S-1-5-21-4093128343-277712152-1473002577-1001 - Administrator - Enabled) => C:\Users\můj
UpdatusUser (S-1-5-21-4093128343-277712152-1473002577-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACDSee Pro (HKLM-x32\...\{F99F74B4-972B-4B06-B893-6B3B0DB0128B}) (Version: 8.1.99 - ACD Systems Ltd.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
AiO_Scan (x32 Version: 43.0.217.000 - Hewlett-Packard) Hidden
AiOSoftware (x32 Version: 43.0.217.000 - Hewlett-Packard) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.0004 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2290 - AVAST Software)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.05(T) - TOSHIBA CORPORATION)
BufferChm (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Conexant Polaris Unused CIR Function (HKLM\...\VID_1D19&PID_6109&MI_00) (Version: 1.0.0.0 - Conexant Systems)
Content Manager (HKLM-x32\...\Content Manager) (Version: 3.18.5.639191 - NNG Llc.)
ContentHD (x32 Version: 1.00.0002 - Corel Corporation) Hidden
Contents (x32 Version: 1.5.10.332 - Corel Corporation) Hidden
ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
Copy (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
Corel Digital Studio SE (HKLM-x32\...\_{E185BD5C-0E10-479F-AF44-63D3A068446A}) (Version: 1.5.10.332 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.822 - Corel Inc.)
CreativeProjects (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
CreativeProjectsTemplates (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
CueTour (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.4930 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.4930 - Název společnosti:) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Destinations (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
DeviceIO (x32 Version: 1.5.10.332 - Corel Corporation) Hidden
DFPro (x32 Version: 1.5.10.332 - Corel Corporation) Hidden
Director (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 4.0.0.0 - Hewlett-Packard) Hidden
DocumentViewer (x32 Version: 43.0.217.000 - Hewlett-Packard) Hidden
Doplnok programu Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
EaseUS Partition Master 10.2 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
ENE CIR Receiver Driver (HKLM\...\2C293EC1A06665BB961CBA4EC7AFF4BF2BEAD042) (Version: 2.7.4.1 - ENE)
Fax (x32 Version: 43.0.217.000 - Hewlett-Packard) Hidden
FLV.com FLV Converter 4.4 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-997AF4905D9C}) (Version: - GreenTree Applications SRL)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HD Tune 2.50 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HP Image Zone 4.2 (HKLM-x32\...\HP Photo & Imaging) (Version: 4.2 - HP)
HP PSC & OfficeJet 4.2 (HKLM-x32\...\{A1062847-0846-427A-92A1-BB8251A91E91}) (Version: - HP)
HPSystemDiagnostics (x32 Version: 1.5.0.0 - Your Company Name) Hidden
ICA (x32 Version: 1.5.10.332 - Corel Corporation) Hidden
InstantShare (x32 Version: 4.0.0.40 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.80.1213 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
IPM_OEM (x32 Version: 1.53 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.5.10.332 - Corel Corporation) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.57.2 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 10.6.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
Label@Once 1.0 (x32 Version: 1.0 - Corel) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger kísérő (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Czech Language Pack (HKLM-x32\...\{5E65E94D-69F2-4850-9E93-6459C53A0F50}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4999.1042 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
MLE (x32 Version: 1.0.0.60 - Corel Corporation) Hidden
Mozilla Firefox 52.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 cs)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.6.11500.16.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10500.1.102 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.2.10400.5.100 - Nero AG)
Nero MediaHome Free (HKLM-x32\...\{B0AE1850-DA08-4E88-BC39-3D3BCCCEFF37}) (Version: 16.0.01500 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}) (Version: 10.5.14800 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.2.10800.9.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG)
NVIDIA 3D Vision Controller Driver 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 267.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 267.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 267.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)
Overland (x32 Version: 2.1.5 - Hewlett-Packard) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PhotoGallery (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocnik Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden
PrintScreen (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
PureHD (x32 Version: 1.5.10.332 - Corel Corporation) Hidden
QFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickProjects (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 4.80 - Philipp Winterberg)
Readme (x32 Version: 43.0.217.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6323 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.42 - Piriform)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden
Scan (x32 Version: 4.1.0.0 - Hewlett-Packard) Hidden
Setup (x32 Version: 1.5.10.332 - Corel Corporation) Hidden
Share (x32 Version: 1.5.10.332 - Corel Corporation) Hidden
Share64 (Version: 1.5.10.332 - Corel Corporation) Hidden
SkinsHP1 (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{229C190B-7690-40B7-8680-42530179F3E9}) (Version: 2.0.16.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{D5AEEAA2-184E-4A2A-BAA3-6225EA4B9516}) (Version: 8.0.37 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.6 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.24.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.9.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.12C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.1.34C - TOSHIBA CORPORATION)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.1.13 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.7 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.86.2 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.6.1 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.00.0008 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.4.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.6.1 - TOSHIBA CORPORATION)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.0 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.7 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.51.2C - TOSHIBA CORPORATION)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.19 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{CA5CF466-CAE3-4D99-8BB4-C80F4AC55028}) (Version: 1.0.2 - TOSHIBA CORPORATION)
TrayApp (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
Unload (x32 Version: 4.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden
Video Grabber (HKLM\...\VID_1D19&PID_6109&MI_01) (Version: 1.0.0.0 - Conexant Systems)
VideoReDo TVSuite Version 5.1.3.741 (HKLM-x32\...\VideoReDo5_is1) (Version: - DRD Systems, Inc.)
VIO (x32 Version: 1.5.10.332 - Corel Corporation) Hidden
WebReg (x32 Version: 43.1.5.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
YTD (pepak) (HKLM-x32\...\YTD_Pepak) (Version: - )
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.72.0.327 - Zemana Ltd.)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4093128343-277712152-1473002577-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\můj\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093128343-277712152-1473002577-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\můj\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093128343-277712152-1473002577-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\můj\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4093128343-277712152-1473002577-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\můj\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0031D0E0-ACCE-4E5D-966B-5ABBAD9BBD27} - System32\Tasks\{EB40B8F4-69AD-485C-AB4C-F5D3CBB3777C} => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgalry.exe [2004-05-28] (Hewlett-Packard Co.)
Task: {037AB59D-102C-4DDB-A190-A2D64F0B1317} - System32\Tasks\{9911AD95-72A0-4072-A061-3ECFB37C0473} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall ENTERPRISER /dll OSETUP.DLL
Task: {0787EC53-1586-4C7C-A2D7-9A710A04EA6D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {0B4F9443-8D3B-4973-BAEC-D724EFCAE00B} - System32\Tasks\{D5B85F56-16BE-4E5D-B40B-03A44D3C5573} => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgalry.exe [2004-05-28] (Hewlett-Packard Co.)
Task: {140DB71A-CE57-4EE1-A1AD-9AF78F2837CD} - System32\Tasks\{FCE7E848-F9A4-4EC9-8046-A168DBE1E6DA} => D:\Setup.exe
Task: {1413CCB9-70A5-4408-9D0F-10BBCB331B8F} - System32\Tasks\{7B2A8C37-4B72-43A1-A916-027E41BDDA05} => C:\Program Files (x86)\Convar\SmartRecovery\SMR.exe
Task: {145E3C45-CBAF-4A5E-810C-FAEFB699055F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-29] (AVAST Software)
Task: {1C2CE53F-89B1-48C0-A8F0-9F762064FFDD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4093128343-277712152-1473002577-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {1D6E7A80-C911-475B-A742-C1E626CD3860} - System32\Tasks\{6B639580-79B7-4D53-98D0-B5DD5271E14A} => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgalry.exe [2004-05-28] (Hewlett-Packard Co.)
Task: {20D6A597-FD7A-48B4-ABD4-64F8B806618B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {2399BDCF-2A06-4FF9-B376-63A4E26B41BC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-15] (Adobe Systems Incorporated)
Task: {294A6B15-0517-45CA-95E9-05B75074CFA6} - System32\Tasks\{1F7B3997-E2D8-4F80-A986-EF97F34EA158} => pcalua.exe -a C:\Users\můj\Desktop\instalace\ytd-1.15.exe -d C:\Users\můj\Desktop\instalace
Task: {32D0300A-9759-4093-80E9-D42109684F9B} - System32\Tasks\{2AC4A94B-39E8-482F-B3C4-4FB96410FEC5} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2004-05-28] (Hewlett-Packard Co.)
Task: {376767D9-0C8E-4D82-A5CF-2D59B6AE2571} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {3AA81FD6-D37B-48E6-8A75-BB6994090516} - System32\Tasks\{10BD1D2B-71AB-48A2-A75A-3F04F9E1960E} => pcalua.exe -a C:\Users\můj\Desktop\zipeg-setup.exe -d C:\Users\můj\Desktop
Task: {40BF3438-440E-46E5-BCFE-3F307289D282} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {447F2766-FA45-4061-A772-A8C866515FE4} - System32\Tasks\{4BA24C10-3506-445D-A2B8-B63DA10B5E0D} => C:\Users\můj\Desktop\instalace\ACDSee-Pro-photo-manager-8.1.99-cz\ACDSee Pro photo manager 8.1.99 cz\Czech.exe
Task: {45CA6D64-A263-41A2-BB84-1689C81DCC8A} - System32\Tasks\{A44DCD37-404D-492A-88D5-05950E7B9E48} => C:\Users\můj\Desktop\instalace\ACDSee-Pro-photo-manager-8.1.99-cz\ACDSee Pro photo manager 8.1.99 cz\Czech.exe
Task: {51AACFEC-FB6E-449E-800D-585C36E0E244} - System32\Tasks\{9F0AAA2D-1CCD-46C2-9EB3-28E86CA51D16} => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgalry.exe [2004-05-28] (Hewlett-Packard Co.)
Task: {554D5172-C3A4-4640-A21F-98CADB58F0CE} - System32\Tasks\{74B0FD3A-696B-40B0-8F5D-A776A218767F} => C:\Users\můj\Desktop\instalace\ytd-1.15.exe
Task: {5E211B89-0334-42AF-9C04-3F2BCC961113} - System32\Tasks\{A0772205-81C8-415A-A05C-F9492660E82F} => C:\Users\můj\Desktop\instalace\ytd-1.15.exe
Task: {5ED73462-9E67-45BA-8A14-1FFA1B50184D} - System32\Tasks\{524CA069-39C6-4212-9FBD-D129C33C0D76} => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgalry.exe [2004-05-28] (Hewlett-Packard Co.)
Task: {610DA82C-8672-4BAE-8816-DD060ADC9D33} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4093128343-277712152-1473002577-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7511D1D3-C3CF-4FDB-9380-10BD142D1F0B} - System32\Tasks\{7B73F384-808F-45EB-800C-7F62AACB7FFF} => C:\Users\můj\Desktop\instalace\ytd-1.15.exe
Task: {780383E8-8966-4E6C-97EA-8D209C61C166} - System32\Tasks\SafeZone scheduled Autoupdate 1458757209 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software)
Task: {8D49988C-9312-4B46-88A8-06F274212437} - System32\Tasks\{4B8C2B38-83DF-4F54-8313-D7181A4F2A8E} => C:\Program Files (x86)\Convar\SmartRecovery\SMR.exe
Task: {979B944E-026D-4399-99CA-1CC52C7A10D9} - System32\Tasks\{BBF23F94-1D3C-4089-9863-9913867CFA4E} => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqthb08.exe [2004-05-28] (Hewlett-Packard Co.)
Task: {A388DE91-32E8-449A-B962-D03DD1F89A98} - System32\Tasks\{21CD46FB-42C4-4424-B991-E9249749911C} => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgalry.exe [2004-05-28] (Hewlett-Packard Co.)
Task: {AE612012-621D-4DAF-9FF9-60E378590C4D} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {B3BAF50E-E021-4A98-9C25-E6BA38DED883} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {B42BEC20-2114-46A1-8DD5-AFD6FC9DAAF3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {C79C7AD6-B65A-42D4-9245-34D07748DEFE} - System32\Tasks\{466D8E68-77C5-4A30-9806-A2D182888717} => C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe [2004-05-28] (Hewlett-Packard Co.)
Task: {CA7046D2-CD20-4AE0-9ABB-3FC398F260A3} - System32\Tasks\{CDFB765A-2E33-499A-87DE-5344519FDF45} => pcalua.exe -a C:\Users\můj\AppData\Local\Zipeg\Application\zipeg.exe -c -uninstall
Task: {E26748FE-3C89-4367-9697-870521276A90} - System32\Tasks\{6C6A521A-176C-4DC5-A3F3-CCD3009E4804} => pcalua.exe -a C:\Users\můj\Desktop\revouninstaller\revouninstaller-portable\Revouninstaller.exe -d C:\Users\můj\Desktop\revouninstaller\revouninstaller-portable
Task: {E4835D2A-9D1F-457B-AF36-4E6A90BD7200} - System32\Tasks\{D7CDFFF4-2788-49C7-89F5-9A411548FED7} => pcalua.exe -a "C:\Users\můj\Desktop\inst. programy\hdtune_250.exe" -d "C:\Users\můj\Desktop\inst. programy"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2010-11-19 02:18 - 2010-11-19 02:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2010-11-30 19:37 - 2010-11-30 19:37 - 00048504 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-12-16 00:19 - 2010-12-16 00:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2011-02-23 04:22 - 2011-02-23 04:22 - 00429432 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
2015-09-27 21:25 - 2013-03-06 14:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2011-03-11 23:14 - 2011-03-11 23:14 - 00030064 _____ () c:\Program Files (x86)\Common Files\Ulead Systems\UDSS\UDSS.exe
2015-02-18 21:38 - 2014-11-18 15:44 - 00255072 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\TrayTipAgentE.exe
2017-03-29 15:00 - 2017-03-29 15:00 - 00162024 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-03-29 15:00 - 2017-03-29 15:00 - 00790544 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-03-29 15:00 - 2017-03-29 15:00 - 00275776 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2010-12-09 00:42 - 2010-12-09 00:42 - 00079264 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2017-03-28 14:58 - 2017-03-28 14:58 - 00154480 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2017-03-29 15:00 - 2017-03-29 15:00 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-29 15:00 - 2017-03-29 15:00 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-03-29 15:00 - 2017-03-29 15:00 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-29 15:00 - 2017-03-29 15:00 - 00230632 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-03-29 19:47 - 2017-03-29 19:47 - 05898752 _____ () C:\Program Files\AVAST Software\Avast\defs\17032902\algo.dll
2016-07-09 15:56 - 2016-07-09 15:56 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-29 15:00 - 2017-03-29 15:00 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2015-02-18 21:38 - 2014-02-13 16:27 - 00222792 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\traynet.dll
2015-02-18 21:38 - 2014-02-13 16:27 - 00275528 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\libcurl.dll
2015-02-18 21:38 - 2014-02-13 16:27 - 00113166 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\zlib1.dll
2015-02-18 21:38 - 2014-02-13 16:27 - 00249928 _____ () C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\TrayPopupE\uexper.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0888F409 [156]
AlternateDataStreams: C:\ProgramData\Temp:3440EB47 [150]
AlternateDataStreams: C:\ProgramData\Temp:66633281 [139]
AlternateDataStreams: C:\ProgramData\Temp:93433455 [162]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2017-03-29 13:43 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4093128343-277712152-1473002577-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\můj\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\windows\pss\Bluetooth Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Rychlé spuštění aplikace HP Image Zone.lnk => C:\windows\pss\Rychlé spuštění aplikace HP Image Zone.lnk.CommonStartup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: HP Component Manager => "C:\Program Files (x86)\HP\hpcoretech\hpcmpmgr.exe"
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CC735AF1-83FD-460C-B7AE-D72A1C85477D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{DD681A63-7988-4A6F-A767-8852F470B6EA}] => (Allow) LPort=2869
FirewallRules: [{DF8A2127-8692-48CB-A979-0CC9A3D64A29}] => (Allow) LPort=1900
FirewallRules: [{9D493FAE-4F95-4674-A245-EDA21A05311B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{B4F3AD2A-68A4-4429-AA64-766DE4BB04EB}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6EDFF60A-5424-4EBD-9F85-3E6B96A153E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{F69E6CB8-8A5B-4614-B453-0149B3C8B309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{DE25488B-B0D7-4CA5-9838-0CD532EA643C}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{8A3D4B1C-1FC9-4D31-B426-4BDFCC878BB2}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [{BC21653D-5A16-4738-931F-C256991E5B45}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C9DE6EA8-8A8C-42DB-88DF-34714179890D}] => (Allow) C:\Program Files (x86)\Nero\Nero 10\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{70948405-CB73-42E6-B27B-2ACA93B7D024}] => (Allow) C:\Program Files (x86)\Nero\Nero 10\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{ABD5945C-9E0C-4260-A70A-A960FCE27630}] => (Allow) C:\Program Files (x86)\Nero\Nero 10\KM\NMDllHost.exe
FirewallRules: [{9933363D-A24E-49ED-B877-16ED572127D3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1048AB2F-B801-42AD-B484-AB8DBAAC6F41}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AB566395-28A7-4364-B392-E3F57A8E8FF9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BB25E659-8977-4CBB-BE48-19E5E96A65B8}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
FirewallRules: [{888C0567-A052-4EAE-BC9E-C33444887672}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe

==================== Restore Points =========================

15-03-2017 01:55:05 Windows Update
22-03-2017 05:17:54 Naplánovaný kontrolní bod
24-03-2017 14:04:16 JRT Pre-Junkware Removal
24-03-2017 15:09:24 Installed Sophos Virus Removal Tool.
26-03-2017 12:02:44 zoek.exe restore point
28-03-2017 15:57:41 Zemana AntiMalware 28.3.2017 15:57:32

==================== Faulty Device Manager Devices =============

Name: Malwarebytes Anti-Exploit
Description: Malwarebytes Anti-Exploit
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ESProtectionDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2017 08:12:37 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5692. Message ID: [0x2509].

Error: (03/29/2017 08:11:24 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 4652. Message ID: [0x2509].

Error: (03/29/2017 08:01:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Explorer.EXE verze 6.1.7601.23537 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 6b8

Čas spuštění: 01d2a8b368920e21

Čas ukončení: 109

Cesta k aplikaci: C:\windows\Explorer.EXE

ID hlášení: c4ed2d59-14a9-11e7-8e73-b870f4608010

Error: (03/29/2017 07:40:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/29/2017 06:17:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/29/2017 04:16:24 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek TI30763200B (C:) nebyl defragmentován, protože byla zjištěna chyba: Na tomto svazku je nastaven nevyřízený bit. (0x89000015).

Error: (03/29/2017 01:20:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 3.0.0.912, časové razítko: 0x58811d74
Název chybujícího modulu: mbamtray.exe, verze: 3.0.0.912, časové razítko: 0x58811d74
Kód výjimky: 0xc0000005
Posun chyby: 0x00054645
ID chybujícího procesu: 0x1a38
Čas spuštění chybující aplikace: 0x01d2a87e626e1120
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
ID zprávy: aea322cd-1471-11e7-869c-b870f4608010

Error: (03/29/2017 12:54:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/28/2017 04:17:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (03/28/2017 01:56:41 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Patch task for {90140011-0066-0405-0000-0000000FF1CE}): DownloadLatest Failed:


System errors:
=============
Error: (03/29/2017 10:41:48 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR4 má chybný blok.

Error: (03/29/2017 10:41:43 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR4 má chybný blok.

Error: (03/29/2017 10:10:24 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (03/29/2017 10:10:19 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (03/29/2017 10:10:14 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (03/29/2017 10:10:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (03/29/2017 10:10:04 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (03/29/2017 10:09:59 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (03/29/2017 10:09:54 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.

Error: (03/29/2017 10:09:49 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR2 má chybný blok.


CodeIntegrity:
===================================
Date: 2017-03-29 13:42:13.723
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-29 13:42:13.582
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-29 13:42:13.442
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-29 13:42:13.301
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-28 16:13:56.908
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-28 16:13:56.768
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-28 16:12:04.105
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MJ0F56~1\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-28 16:12:03.964
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MJ0F56~1\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-28 16:12:03.824
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MJ0F56~1\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-03-28 16:12:03.683
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\MJ0F56~1\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 47%
Total physical RAM: 4002.69 MB
Available physical RAM: 2100.02 MB
Total Virtual: 8003.56 MB
Available Virtual: 6071.72 MB

==================== Drives ================================

Drive c: (TI30763200B) (Fixed) (Total:579.69 GB) (Free:64.47 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (VERBATIM HD) (Fixed) (Total:1863.01 GB) (Free:1089.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 56268BA7)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=579.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=17)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: F38DB80D)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: Please check my log

Post by jaro3 » 30 Mar 2017 09:39

Uninstall:
Seznam lištička

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
HKU\S-1-5-21-4093128343-277712152-1473002577-1000\...\Run: [] => [X]
HKU\S-1-5-21-4093128343-277712152-1473002577-1000\...\RunOnce: [SysOff] => C:\Windows\SysWOW64\SYSPREP\ClosespV.exe
HKU\S-1-5-21-4093128343-277712152-1473002577-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4093128343-277712152-1473002577-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9DEAC2A5-455F-4C1E-89BC-30039A54318C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9DEAC2A5-455F-4C1E-89BC-30039A54318C} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {49162ADC-E8FF-4322-B076-C345177872A9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {49162ADC-E8FF-4322-B076-C345177872A9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> {73F6424B-EC2F-4166-A732-C78B3896A6A8} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keywords={searchTerms}&tag=tochibauk-win7-ie-search-21&index=blended&linkCode=ur2
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> {74DF117E-94AC-48F8-AF03-93209CA26E23} URL = hxxp://rover.ebay.com/rover/1/710-71511 ... 4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-4093128343-277712152-1473002577-1001 -> {C3803C42-BD98-449B-A6CB-EE4A0E6BF629} URL = hxxp://www.bing.com/search?q={searchTerms}&form=TSHMDF&pc=MATM&src=IE-SearchBox
FF Extension: (Seznam lištička) - C:\Users\můj\AppData\Roaming\Mozilla\Firefox\Profiles\10jmgvq8.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-02-23]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
C:\found.000
C:\Qoobox
C:\ProgramData\KGyGaAvL.sys
AlternateDataStreams: C:\ProgramData\Temp:0888F409 [156]
AlternateDataStreams: C:\ProgramData\Temp:3440EB47 [150]
AlternateDataStreams: C:\ProgramData\Temp:66633281 [139]
AlternateDataStreams: C:\ProgramData\Temp:93433455 [162]

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.

Drive c: (TI30763200B) (Fixed) (Total:579.69 GB) (Free:64.47 GB)
A total lack of free disk space!! Uninstall or delete something. You should have at least 15-20% free space on the system disk to keep Windows running without problems!!


Use this:
http://wintip.cz/569-jak-vycistit-pevny-disk

Download CrystalDiskInfo
Run the program and click Úpravy - Kopírovat (Edit - Copy). Then paste the log content here with Ctrl+V.

Then tell me the exact name of that folder.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support
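The two checks the reply above makes by hand against Addition.txt (the AlternateDataStreams lines carried into the fixlist, and free space on the system drive), as an added example that is not part of the original thread and not FRST's own code. The function names are hypothetical, the 15% threshold is the lower bound of the rule of thumb quoted in the reply, and the `DEADBEEF` fixlist line is constructed to show a mismatch.

```python
import re

# Excerpt of the Addition.txt posted in this thread (lines copied from the log).
ADDITION_SAMPLE = r"""
==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0888F409 [156]
AlternateDataStreams: C:\ProgramData\Temp:3440EB47 [150]

==================== Drives ================================

Drive c: (TI30763200B) (Fixed) (Total:579.69 GB) (Free:64.47 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (VERBATIM HD) (Fixed) (Total:1863.01 GB) (Free:1089.74 GB) NTFS

==================== End of Addition.txt ============================
"""

# Shortened fixlist: lines from the thread plus one CONSTRUCTED line
# (stream DEADBEEF) that is deliberately absent from the log.
FIXLIST_SAMPLE = r"""
Start
CloseProcesses:
AlternateDataStreams: C:\ProgramData\Temp:0888F409 [156]
AlternateDataStreams: C:\ProgramData\Temp:DEADBEEF [1]
C:\found.000
EmptyTemp:
End
"""

# "==== Title ====" headers; separator lines made only of "=" do not match.
SECTION_RE = re.compile(r"^={4,}\s+(.+?)\s+={2,}\s*$")
ADS_RE = re.compile(
    r"^AlternateDataStreams: (?P<host>.+):(?P<stream>[^:\\]+) \[(?P<size>\d+)\]$")
DRIVE_RE = re.compile(
    r"^Drive (?P<letter>\w): .*\(Total:(?P<total>[\d.]+) GB\) \(Free:(?P<free>[\d.]+) GB\)")


def parse_sections(text):
    """Split an FRST log into {section title: [entry lines]}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            current = sections.setdefault(m.group(1), [])
        elif current is not None and line and not (
                line.startswith("(") and line.endswith(")")):
            # Skip blank lines and FRST's parenthesised hint lines.
            current.append(line)
    return sections


def parse_ads(lines):
    """Return (host path, stream name, bracketed size) per ADS entry."""
    out = []
    for line in lines:
        m = ADS_RE.match(line)
        if m:
            out.append((m["host"], m["stream"], int(m["size"])))
    return out


def low_space_drives(lines, min_free_pct=15.0):
    """Drives whose free space is below min_free_pct of the total.

    15.0 is an assumption: the lower bound of the 15-20% figure in the reply.
    """
    flagged = []
    for line in lines:
        m = DRIVE_RE.match(line)
        if m:
            pct = 100.0 * float(m["free"]) / float(m["total"])
            if pct < min_free_pct:
                flagged.append((m["letter"].upper(), round(pct, 1)))
    return flagged


def fixlist_lines_missing_from_log(fixlist, log_text, prefix="AlternateDataStreams:"):
    """Fixlist entries with the given prefix that are not verbatim log lines."""
    log_lines = {l.strip() for l in log_text.splitlines()}
    return [l.strip() for l in fixlist.splitlines()
            if l.strip().startswith(prefix) and l.strip() not in log_lines]


if __name__ == "__main__":
    sections = parse_sections(ADDITION_SAMPLE)
    for host, stream, size in parse_ads(sections["Alternate Data Streams (Whitelisted)"]):
        print(f"ADS on {host}: stream {stream}, {size} bytes")
    for letter, pct in low_space_drives(sections["Drives"]):
        print(f"Drive {letter}: only {pct}% free")
    for line in fixlist_lines_missing_from_log(FIXLIST_SAMPLE, ADDITION_SAMPLE):
        print(f"Not found verbatim in log: {line}")
```
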

