Kontrola logu - problém s WU Vyřešeno

[Tomister]

ComboFix 16-06-01.01 - Tomáš 14.06.2016 17:46:39.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.1028 [GMT 2:00]
Spuštěný z: C:\Users\TomßÜ\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))


C:\Program Files (x86)\Common Files\ASPG_icon.ico
C:\Windows\PFRO.log


((((((((((((((((((((((((( Soubory vytvořené od 2016-05-14 do 2016-06-14 )))))))))))))))))))))))))))))))


2016-06-14 15:55:10 . 2016-06-14 15:55:10 -------- d-----w- C:\Users\Default\AppData\Local\temp
2016-06-14 15:33:46 . 2016-06-14 15:02:09 24064 ----a-w- C:\Windows\zoek-delete.exe
2016-06-14 15:33:45 . 2016-06-14 15:55:10 -------- d-----w- C:\Users\Tomáš\AppData\Local\Temp
2016-06-14 15:02:10 . 2016-06-14 15:27:11 -------- d-----w- C:\zoek_backup
2016-06-14 14:39:54 . 2016-06-14 14:39:54 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2016-06-14 14:39:45 . 2016-06-14 14:39:45 483952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2016-06-13 15:43:18 . 2016-06-14 14:41:15 28272 ----a-w- C:\Windows\system32\drivers\TrueSight.sys
2016-06-13 15:42:39 . 2016-06-13 16:00:24 -------- d-----w- C:\ProgramData\RogueKiller
2016-06-11 14:47:04 . 2016-06-14 15:38:42 192216 ----a-w- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2016-06-11 14:45:48 . 2016-06-11 14:45:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-11 14:45:48 . 2016-06-11 14:45:48 -------- d-----w- C:\ProgramData\Malwarebytes
2016-06-11 14:45:48 . 2016-03-10 12:09:06 64896 ----a-w- C:\Windows\system32\drivers\mwac.sys
2016-06-11 14:45:48 . 2016-03-10 12:08:58 140672 ----a-w- C:\Windows\system32\drivers\mbamchameleon.sys
2016-06-11 14:45:48 . 2016-03-10 12:08:54 27008 ----a-w- C:\Windows\system32\drivers\mbam.sys
2016-06-11 14:37:09 . 2016-06-11 16:29:29 -------- d-----w- C:\AdwCleaner
2016-06-11 06:21:50 . 2016-06-11 06:21:51 -------- d-----w- C:\4755185b54cbfbb51a24b72584448559
2016-06-10 16:47:08 . 2016-06-10 16:47:09 -------- d-----w- C:\62cef08e7ef9a2fd990ea2
2016-06-09 17:39:35 . 2016-06-09 17:39:35 -------- d-----w- C:\a84d57cc48e54ca19b
2016-06-09 17:00:21 . 2013-10-14 16:00:00 28368 ----a-w- C:\Windows\system32\IEUDINIT.EXE
2016-06-09 16:26:59 . 2016-06-09 16:26:59 950784 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2016-06-09 16:24:23 . 2016-06-09 16:24:23 859648 ----a-w- C:\Windows\system32\tdh.dll
2016-06-09 16:23:18 . 2016-06-09 16:23:18 497152 ----a-w- C:\Windows\system32\drivers\afd.sys
2016-06-09 16:23:18 . 2016-06-09 16:23:18 376688 ----a-w- C:\Windows\system32\drivers\netio.sys
2016-06-09 16:23:18 . 2016-06-09 16:23:18 327168 ----a-w- C:\Windows\system32\mswsock.dll
2016-06-09 16:23:18 . 2016-06-09 16:23:18 288088 ----a-w- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-06-09 16:23:18 . 2016-06-09 16:23:18 1903552 ----a-w- C:\Windows\system32\drivers\tcpip.sys
2016-06-09 16:23:17 . 2016-06-09 16:23:17 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2016-06-09 16:22:45 . 2016-06-09 16:22:45 68608 ----a-w- C:\Windows\system32\taskhost.exe
2016-06-09 16:12:32 . 2016-06-09 16:12:32 1887232 ----a-w- C:\Windows\system32\d3d11.dll
2016-06-09 16:12:32 . 2016-06-09 16:12:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
2016-06-08 15:57:35 . 2016-06-08 15:57:35 -------- d-----w- C:\Users\Tomáš\aTubeCatcher
2016-06-08 15:34:25 . 2008-08-18 17:18:44 77824 ----a-w- C:\Windows\SysWow64\fmcodec.DLL
2016-06-08 15:34:19 . 2016-06-08 15:34:19 -------- d-----w- C:\Program Files (x86)\DsNET Corp
2016-06-08 15:33:23 . 2016-06-08 15:33:24 -------- d-----w- C:\Users\Tomáš\AppData\Local\Programs
2016-05-15 18:09:24 . 2016-05-15 18:09:24 48648 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2016-05-15 18:09:20 . 2016-05-15 18:09:20 483952 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.


(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))

2016-06-09 16:24:20 . 2016-06-09 16:24:20 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2016-04-20 16:46:29 . 2009-07-14 02:36:51 175616 ----a-w- C:\Windows\system32\msclmd.dll
2016-04-20 16:46:29 . 2009-07-14 02:36:51 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2016-04-17 12:38:09 . 2016-04-17 12:38:01 135176864 ----a-w- C:\Windows\system32\MRT.exe
2016-04-17 11:53:13 . 2016-04-17 11:53:15 37144 ----a-w- C:\Windows\system32\drivers\aswKbd.sys
2016-04-17 11:49:29 . 2016-04-17 11:49:02 287528 ----a-w- C:\Windows\system32\drivers\aswvmm.sys
2016-04-17 11:48:30 . 2016-04-17 11:49:02 166432 ----a-w- C:\Windows\system32\drivers\aswStm.sys
2016-04-17 11:48:30 . 2016-04-17 11:49:01 465792 ----a-w- C:\Windows\system32\drivers\aswSP.sys
2016-04-17 11:48:30 . 2016-04-17 11:49:00 74544 ----a-w- C:\Windows\system32\drivers\aswRvrt.sys
2016-04-17 11:48:30 . 2016-04-17 11:49:00 107792 ----a-w- C:\Windows\system32\drivers\aswMonFlt.sys
2016-04-17 11:48:30 . 2016-04-17 11:48:59 37656 ----a-w- C:\Windows\system32\drivers\aswHwid.sys
2016-04-17 11:48:30 . 2016-04-17 11:48:58 103064 ----a-w- C:\Windows\system32\drivers\aswRdr2.sys
2016-04-17 11:48:30 . 2016-04-17 11:48:38 398152 ----a-w- C:\Windows\system32\aswBoot.exe
2016-04-17 11:48:21 . 2016-04-17 11:48:21 52184 ----a-w- C:\Windows\avastSS.scr
2016-04-17 11:48:13 . 2016-04-17 11:48:55 1070904 ----a-w- C:\Windows\system32\drivers\aswSnx.sys
2016-04-17 11:48:05 . 2016-04-17 11:48:54 536312 ----a-w- C:\Windows\system32\drivers\aswNetSec.sys
2016-04-17 11:48:05 . 2016-04-17 11:48:05 28312 ----a-w- C:\Windows\system32\drivers\aswNetNd6.sys
2016-03-30 16:53:32 . 2016-03-30 16:53:32 963232 ----a-w- C:\Windows\system32\msvcr120.dll
2016-03-30 16:53:32 . 2016-03-30 16:53:32 660128 ----a-w- C:\Windows\system32\msvcp120.dll
2016-03-30 16:53:32 . 2016-03-30 16:53:32 356528 ----a-w- C:\Windows\system32\vccorlib120.dll
2009-04-08 18:31:56 . 2009-04-08 18:31:56 106496 ----a-w- C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45:20 . 2008-08-12 05:45:20 155648 ----a-w- C:\Program Files (x86)\Common Files\MSIactionall.dll


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))


*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08:18 143360 ----a-w- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 06:16:16 222504]
"UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 06:15:16 218408]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 02:05:12 98304]
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 18:29:42 105016]
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 17:58:46 6859392]
"HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 02:54:55 2244096]
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 19:09:30 159744]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" [2016-04-17 11:49:33 7390608]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d [2009-11-5 12862]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv

R2 aswStm;aswStm;C:\Windows\system32\drivers\aswStm.sys;C:\Windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\system32\IEEtwCollector.exe;C:\Windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;C:\Windows\system32\drivers\mbam.sys;C:\Windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\system32\drivers\mwac.sys;C:\Windows\SYSNATIVE\drivers\mwac.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys;C:\Windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 lullaby;lullaby;C:\Windows\system32\DRIVERS\lullaby.sys;C:\Windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 aswKbd;aswKbd;C:\Windows\system32\drivers\aswKbd.sys;C:\Windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswNetSec;aswNetSec;C:\Windows\system32\drivers\aswNetSec.sys;C:\Windows\SYSNATIVE\drivers\aswNetSec.sys [x]
S1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys;C:\Windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys;C:\Windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AFBAgent;AFBAgent;C:\Windows\system32\FBAgent.exe;C:\Windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe;C:\Windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys;C:\Program Files\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;C:\Windows\system32\drivers\aswHwid.sys;C:\Windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;C:\Windows\system32\drivers\aswMonFlt.sys;C:\Windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;Avast Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe;C:\Program Files\AVAST Software\Avast\afwServ.exe [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe;C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [x]
S2 SRS_VolSync_Service;SRS Volume Sync Service;C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe;C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 aswNetNd6;Avast Firewall NDIS6 Helper;C:\Windows\system32\DRIVERS\aswNetNd6.sys;C:\Windows\SYSNATIVE\DRIVERS\aswNetNd6.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;C:\Windows\system32\DRIVERS\ETD.sys;C:\Windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys;C:\Windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;C:\Windows\system32\drivers\srs_PremiumSound_amd64.sys;C:\Windows\SYSNATIVE\drivers\srs_PremiumSound_amd64.sys [x]
S3 usbfilter;AMD USB Filter Driver;C:\Windows\system32\DRIVERS\usbfilter.sys;C:\Windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys;C:\Windows\SYSNATIVE\drivers\viahduaa.sys [x]


[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-09 16:05:45 1245848 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\Installer\chrmstp.exe

Obsah adresáře 'Naplánované úlohy'

2016-06-14 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 11:53:50 . 2016-04-17 11:59:23]

2016-06-14 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 11:53:50 . 2016-04-17 11:59:23]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-04-17 11:48:30 920784 ----a-w- C:\Program Files\AVAST Software\Avast\ashShA64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52:58 159744 ----a-w- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2010-11-05 01:57:11 444752 ----a-w- C:\Windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2010-11-05 01:57:11 444752 ----a-w- C:\Windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 07:47:10 947472]
"ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe" [2009-06-12 11:36:19 619392]
"Logitech Download Assistant"="C:\Windows\System32\LogiLDA.dll" [2012-09-20 14:02:06 1832760]

------- Doplňkový sken -------

uLocal Page = C:\Windows\system32\blank.htm
mLocal Page = C:\Windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138

- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

Toolbar-Locked - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - C:\Windows\System32\SPReview\SPReview.exe
Toolbar-Locked - (no file)

[Reklama]

[jaro3]

Chybí Ti tam konec logu..

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Otevři si Poznámkový blok (Start -> Spustit... a napiš do okna Notepad a dej Ok.
Zkopíruj do něj následující celý text označený zeleně:

Kód: Vybrat vše

ClearJavaCache::
KillAll::
File::
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

Folder::
C:\Program Files (x86)\Google\Update

DirLook::
C:\4755185b54cbfbb51a24b72584448559
C:\62cef08e7ef9a2fd990ea2
C:\a84d57cc48e54ca19b

Zvol možnost Soubor -> Uložit jako... a nastav tyto parametry:
Název souboru: zde napiš: CFScript.txt
Uložit jako typ: tak tam vyber Všechny soubory
Ulož soubor na plochu.
Ukonči všechna aktivní okna.

Uchop myší vytvořený skript CFScript.txt, přemísti ho nad stažený program ComboFix.exe a když se oba soubory překryjí, skript upusť.
- Automaticky se spustí ComboFix
- Vlož sem log, který vyběhne v závěru čistícího procesu + nový log z HJT

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

Stáhni si aswMBR
na svojí plochu. Uzavři všechna okna , programy a prohlížeče. Poklepej na aswMBR.exe. Pokud se objeví hláška o možnosti stáhnutí databáze Avastu , klikni na NE. Poté klikni na „Scan“ . Po skenu klikni na „Save Log“ a ulož si log na plochu .Zkopíruj sem celý obsah toho logu. Pak klikni na „Exit“ k zavření programu.

[Tomister]

ComboFix 16-06-01.01 - Tomáš 15.06.2016 12:26:22.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.1910 [GMT 2:00]
Spuštěný z: c:\users\Tomáš\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Předchozí spuštění -------
.
c:\program files (x86)\Common Files\ASPG_icon.ico
c:\windows\PFRO.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-05-15 do 2016-06-15 )))))))))))))))))))))))))))))))
.
.
2016-06-15 10:34 . 2016-06-15 10:34 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-06-14 15:33 . 2016-06-14 15:02 24064 ----a-w- c:\windows\zoek-delete.exe
2016-06-14 15:33 . 2016-06-15 10:34 -------- d-----w- c:\users\Tomáš\AppData\Local\Temp
2016-06-14 15:02 . 2016-06-14 15:27 -------- d-----w- C:\zoek_backup
2016-06-14 14:39 . 2016-06-14 14:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2016-06-14 14:39 . 2016-06-14 14:39 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2016-06-13 15:43 . 2016-06-14 14:41 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-06-13 15:42 . 2016-06-13 16:00 -------- d-----w- c:\programdata\RogueKiller
2016-06-11 14:47 . 2016-06-14 16:03 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-06-11 14:45 . 2016-06-11 14:45 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-06-11 14:45 . 2016-06-11 14:45 -------- d-----w- c:\programdata\Malwarebytes
2016-06-11 14:45 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-06-11 14:45 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-06-11 14:45 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-06-11 14:37 . 2016-06-11 16:29 -------- d-----w- C:\AdwCleaner
2016-06-11 06:21 . 2016-06-11 06:21 -------- d-----w- C:\4755185b54cbfbb51a24b72584448559
2016-06-10 16:47 . 2016-06-10 16:47 -------- d-----w- C:\62cef08e7ef9a2fd990ea2
2016-06-09 17:39 . 2016-06-09 17:39 -------- d-----w- C:\a84d57cc48e54ca19b
2016-06-09 17:00 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2016-06-09 16:26 . 2016-06-09 16:26 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2016-06-09 16:24 . 2016-06-09 16:24 859648 ----a-w- c:\windows\system32\tdh.dll
2016-06-09 16:23 . 2016-06-09 16:23 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2016-06-09 16:23 . 2016-06-09 16:23 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2016-06-09 16:23 . 2016-06-09 16:23 327168 ----a-w- c:\windows\system32\mswsock.dll
2016-06-09 16:23 . 2016-06-09 16:23 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-06-09 16:23 . 2016-06-09 16:23 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-06-09 16:23 . 2016-06-09 16:23 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2016-06-09 16:22 . 2016-06-09 16:22 68608 ----a-w- c:\windows\system32\taskhost.exe
2016-06-09 16:12 . 2016-06-09 16:12 1887232 ----a-w- c:\windows\system32\d3d11.dll
2016-06-09 16:12 . 2016-06-09 16:12 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2016-06-08 15:57 . 2016-06-08 15:57 -------- d-----w- c:\users\Tomáš\aTubeCatcher
2016-06-08 15:34 . 2008-08-18 17:18 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2016-06-08 15:34 . 2016-06-08 15:34 -------- d-----w- c:\program files (x86)\DsNET Corp
2016-06-08 15:33 . 2016-06-08 15:33 -------- d-----w- c:\users\Tomáš\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-06-09 16:24 . 2016-06-09 16:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-05-15 18:09 . 2016-05-15 18:09 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2016-05-15 18:09 . 2016-05-15 18:09 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2016-04-20 16:46 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2016-04-20 16:46 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2016-04-17 12:38 . 2016-04-17 12:38 135176864 ----a-w- c:\windows\system32\MRT.exe
2016-04-17 11:53 . 2016-04-17 11:53 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-04-17 11:49 . 2016-04-17 11:49 287528 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-04-17 11:48 . 2016-04-17 11:49 166432 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-04-17 11:48 . 2016-04-17 11:49 465792 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-04-17 11:48 . 2016-04-17 11:49 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-04-17 11:48 . 2016-04-17 11:49 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-04-17 11:48 . 2016-04-17 11:48 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-04-17 11:48 . 2016-04-17 11:48 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-04-17 11:48 . 2016-04-17 11:48 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-04-17 11:48 . 2016-04-17 11:48 52184 ----a-w- c:\windows\avastSS.scr
2016-04-17 11:48 . 2016-04-17 11:48 1070904 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-04-17 11:48 . 2016-04-17 11:48 536312 ----a-w- c:\windows\system32\drivers\aswNetSec.sys
2016-04-17 11:48 . 2016-04-17 11:48 28312 ----a-w- c:\windows\system32\drivers\aswNetNd6.sys
2016-03-30 16:53 . 2016-03-30 16:53 963232 ----a-w- c:\windows\system32\msvcr120.dll
2016-03-30 16:53 . 2016-03-30 16:53 660128 ----a-w- c:\windows\system32\msvcp120.dll
2016-03-30 16:53 . 2016-03-30 16:53 356528 ----a-w- c:\windows\system32\vccorlib120.dll
2009-04-08 18:31 . 2009-04-08 18:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-04-17 7390608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d [2009-11-5 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys;c:\windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys;c:\windows\SYSNATIVE\drivers\aswNetSec.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [x]
S2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 aswNetNd6;Avast Firewall NDIS6 Helper;c:\windows\system32\DRIVERS\aswNetNd6.sys;c:\windows\SYSNATIVE\DRIVERS\aswNetNd6.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_amd64.sys;c:\windows\SYSNATIVE\drivers\srs_PremiumSound_amd64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-09 16:05 1245848 ----a-w- c:\program files (x86)\Google\Chrome\Application\51.0.2704.84\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 11:59]
.
2016-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 11:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-04-17 11:48 920784 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-06-15 12:37:58
ComboFix-quarantined-files.txt 2016-06-15 10:37
.
Před spuštěním: Volných bajtů: 88 965 226 496
Po spuštění: Volných bajtů: 88 673 251 328
.
- - End Of File - - 0348A9B4A1ACD4B77DA3013271CC2392

[Tomister]

ComboFix 16-06-01.01 - Tomáš 15.06.2016 17:04:10.3.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.1891 [GMT 2:00]
Spuštěný z: c:\users\TomßÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\TomßÜ\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-05-15 do 2016-06-15 )))))))))))))))))))))))))))))))
.
.
2016-06-15 15:12 . 2016-06-15 15:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-06-14 15:33 . 2016-06-14 15:02 24064 ----a-w- c:\windows\zoek-delete.exe
2016-06-14 15:33 . 2016-06-15 15:12 -------- d-----w- c:\users\Tomáš\AppData\Local\Temp
2016-06-14 15:02 . 2016-06-14 15:27 -------- d-----w- C:\zoek_backup
2016-06-14 14:39 . 2016-06-14 14:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2016-06-14 14:39 . 2016-06-14 14:39 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2016-06-13 15:43 . 2016-06-14 14:41 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-06-13 15:42 . 2016-06-13 16:00 -------- d-----w- c:\programdata\RogueKiller
2016-06-11 14:47 . 2016-06-15 14:53 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-06-11 14:45 . 2016-06-11 14:45 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-06-11 14:45 . 2016-06-11 14:45 -------- d-----w- c:\programdata\Malwarebytes
2016-06-11 14:45 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-06-11 14:45 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-06-11 14:45 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-06-11 14:37 . 2016-06-11 16:29 -------- d-----w- C:\AdwCleaner
2016-06-11 06:21 . 2016-06-11 06:21 -------- d-----w- C:\4755185b54cbfbb51a24b72584448559
2016-06-10 16:47 . 2016-06-10 16:47 -------- d-----w- C:\62cef08e7ef9a2fd990ea2
2016-06-09 17:39 . 2016-06-09 17:39 -------- d-----w- C:\a84d57cc48e54ca19b
2016-06-09 17:00 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2016-06-09 16:26 . 2016-06-09 16:26 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2016-06-09 16:24 . 2016-06-09 16:24 859648 ----a-w- c:\windows\system32\tdh.dll
2016-06-09 16:23 . 2016-06-09 16:23 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2016-06-09 16:23 . 2016-06-09 16:23 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2016-06-09 16:23 . 2016-06-09 16:23 327168 ----a-w- c:\windows\system32\mswsock.dll
2016-06-09 16:23 . 2016-06-09 16:23 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-06-09 16:23 . 2016-06-09 16:23 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-06-09 16:23 . 2016-06-09 16:23 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2016-06-09 16:22 . 2016-06-09 16:22 68608 ----a-w- c:\windows\system32\taskhost.exe
2016-06-09 16:12 . 2016-06-09 16:12 1887232 ----a-w- c:\windows\system32\d3d11.dll
2016-06-09 16:12 . 2016-06-09 16:12 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2016-06-08 15:57 . 2016-06-08 15:57 -------- d-----w- c:\users\Tomáš\aTubeCatcher
2016-06-08 15:34 . 2008-08-18 17:18 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2016-06-08 15:34 . 2016-06-08 15:34 -------- d-----w- c:\program files (x86)\DsNET Corp
2016-06-08 15:33 . 2016-06-08 15:33 -------- d-----w- c:\users\Tomáš\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-06-09 16:24 . 2016-06-09 16:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-05-15 18:09 . 2016-05-15 18:09 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2016-05-15 18:09 . 2016-05-15 18:09 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2016-04-20 16:46 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2016-04-20 16:46 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2016-04-17 12:38 . 2016-04-17 12:38 135176864 ----a-w- c:\windows\system32\MRT.exe
2016-04-17 11:53 . 2016-04-17 11:53 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-04-17 11:49 . 2016-04-17 11:49 287528 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-04-17 11:48 . 2016-04-17 11:49 166432 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-04-17 11:48 . 2016-04-17 11:49 465792 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-04-17 11:48 . 2016-04-17 11:49 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-04-17 11:48 . 2016-04-17 11:49 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-04-17 11:48 . 2016-04-17 11:48 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-04-17 11:48 . 2016-04-17 11:48 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-04-17 11:48 . 2016-04-17 11:48 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-04-17 11:48 . 2016-04-17 11:48 52184 ----a-w- c:\windows\avastSS.scr
2016-04-17 11:48 . 2016-04-17 11:48 1070904 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-04-17 11:48 . 2016-04-17 11:48 536312 ----a-w- c:\windows\system32\drivers\aswNetSec.sys
2016-04-17 11:48 . 2016-04-17 11:48 28312 ----a-w- c:\windows\system32\drivers\aswNetNd6.sys
2016-03-30 16:53 . 2016-03-30 16:53 963232 ----a-w- c:\windows\system32\msvcr120.dll
2016-03-30 16:53 . 2016-03-30 16:53 660128 ----a-w- c:\windows\system32\msvcp120.dll
2016-03-30 16:53 . 2016-03-30 16:53 356528 ----a-w- c:\windows\system32\vccorlib120.dll
2009-04-08 18:31 . 2009-04-08 18:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-04-17 7390608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d [2009-11-5 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys;c:\windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys;c:\windows\SYSNATIVE\drivers\aswNetSec.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [x]
S2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 aswNetNd6;Avast Firewall NDIS6 Helper;c:\windows\system32\DRIVERS\aswNetNd6.sys;c:\windows\SYSNATIVE\DRIVERS\aswNetNd6.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_amd64.sys;c:\windows\SYSNATIVE\drivers\srs_PremiumSound_amd64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-09 16:05 1245848 ----a-w- c:\program files (x86)\Google\Chrome\Application\51.0.2704.84\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 11:59]
.
2016-06-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 11:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-04-17 11:48 920784 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-06-15 17:16:01
ComboFix-quarantined-files.txt 2016-06-15 15:16
ComboFix2.txt 2016-06-15 10:37
.
Před spuštěním: Volných bajtů: 88 799 543 296
Po spuštění: Volných bajtů: 88 736 587 776
.
- - End Of File - - 2F48530A3219D2B035AAA461DC5BDD70

[Tomister]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:24:17, on 15.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Tomáš\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: FancyStart daemon.lnk = ?
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 1080893825
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8772 bytes

[Tomister]

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-06-15 17:31:56
-----------------------------
17:31:56.615 OS Version: Windows x64 6.1.7601 Service Pack 1
17:31:56.615 Number of processors: 2 586 0x301
17:31:56.615 ComputerName: ASUS UserName:
17:31:57.941 Initialize success
17:31:57.956 VM: initialized successfully
17:31:57.956 VM: Amd CPU supported virtualized
17:32:01.310 AVAST engine defs: 16061500
17:32:09.984 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005c
17:32:09.984 Disk 0 Vendor: ST950032 0002 Size: 476940MB BusType: 11
17:32:10.156 Disk 0 MBR read successfully
17:32:10.156 Disk 0 MBR scan
17:32:10.156 Disk 0 Windows VISTA default MBR code
17:32:10.561 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 14998 MB offset 2048
17:32:10.577 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 119235 MB offset 30717952
17:32:10.577 Disk 0 default boot code
17:32:10.592 Disk 0 Partition - 00 0F Extended LBA 342705 MB offset 274911232
17:32:10.624 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 342704 MB offset 274913280
17:32:10.733 Disk 0 scanning C:\Windows\system32\drivers
17:32:23.431 Service scanning
17:32:48.173 Modules scanning
17:32:48.173 Disk 0 trace - called modules:
17:32:48.235 ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys
17:32:48.251 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80048db3c0]
17:32:48.251 3 CLASSPNP.SYS[fffff8800195a43f] -> nt!IofCallDriver -> [0xfffffa8004863040]
17:32:48.266 5 amdxata.sys[fffff880010a3917] -> nt!IofCallDriver -> \Device\0000005c[0xfffffa800485f060]
17:32:48.750 AVAST engine scan C:\Windows
17:32:51.527 AVAST engine scan C:\Windows\system32
17:36:12.689 AVAST engine scan C:\Windows\system32\drivers
17:36:28.305 AVAST engine scan C:\Users\Tomáš
17:37:30.720 AVAST engine scan C:\ProgramData
17:37:51.297 Disk 0 statistics 3109637/0/0 @ 8,27 MB/s
17:37:51.297 Scan finished successfully
17:38:04.713 Disk 0 MBR has been saved successfully to "C:\Users\Tomáš\Desktop\MBR.dat"
17:38:04.744 The log file has been saved successfully to "C:\Users\Tomáš\Desktop\aswMBR.txt"

[jaro3]

Ten script udělej znovu v nouz. režimu.

[Tomister]

ComboFix 16-06-01.01 - Tomáš 16.06.2016 11:07:01.4.2 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4095.2995 [GMT 2:00]
Spuštěný z: c:\users\TomßÜ\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\TomßÜ\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-05-16 do 2016-06-16 )))))))))))))))))))))))))))))))
.
.
2016-06-16 09:13 . 2016-06-16 09:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-06-14 15:33 . 2016-06-14 15:02 24064 ----a-w- c:\windows\zoek-delete.exe
2016-06-14 15:33 . 2016-06-16 09:13 -------- d-----w- c:\users\Tomáš\AppData\Local\Temp
2016-06-14 15:02 . 2016-06-14 15:27 -------- d-----w- C:\zoek_backup
2016-06-14 14:39 . 2016-06-14 14:39 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\Markup.dll
2016-06-14 14:39 . 2016-06-14 14:39 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2016-06-13 15:43 . 2016-06-14 14:41 28272 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2016-06-13 15:42 . 2016-06-13 16:00 -------- d-----w- c:\programdata\RogueKiller
2016-06-11 14:47 . 2016-06-16 08:59 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-06-11 14:45 . 2016-06-11 14:45 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2016-06-11 14:45 . 2016-06-11 14:45 -------- d-----w- c:\programdata\Malwarebytes
2016-06-11 14:45 . 2016-03-10 12:09 64896 ----a-w- c:\windows\system32\drivers\mwac.sys
2016-06-11 14:45 . 2016-03-10 12:08 140672 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2016-06-11 14:45 . 2016-03-10 12:08 27008 ----a-w- c:\windows\system32\drivers\mbam.sys
2016-06-11 14:37 . 2016-06-11 16:29 -------- d-----w- C:\AdwCleaner
2016-06-11 06:21 . 2016-06-11 06:21 -------- d-----w- C:\4755185b54cbfbb51a24b72584448559
2016-06-10 16:47 . 2016-06-10 16:47 -------- d-----w- C:\62cef08e7ef9a2fd990ea2
2016-06-09 17:39 . 2016-06-09 17:39 -------- d-----w- C:\a84d57cc48e54ca19b
2016-06-09 17:00 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2016-06-09 16:26 . 2016-06-09 16:26 950784 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2016-06-09 16:24 . 2016-06-09 16:24 859648 ----a-w- c:\windows\system32\tdh.dll
2016-06-09 16:23 . 2016-06-09 16:23 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2016-06-09 16:23 . 2016-06-09 16:23 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2016-06-09 16:23 . 2016-06-09 16:23 327168 ----a-w- c:\windows\system32\mswsock.dll
2016-06-09 16:23 . 2016-06-09 16:23 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2016-06-09 16:23 . 2016-06-09 16:23 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2016-06-09 16:23 . 2016-06-09 16:23 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2016-06-09 16:22 . 2016-06-09 16:22 68608 ----a-w- c:\windows\system32\taskhost.exe
2016-06-09 16:12 . 2016-06-09 16:12 1887232 ----a-w- c:\windows\system32\d3d11.dll
2016-06-09 16:12 . 2016-06-09 16:12 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2016-06-08 15:57 . 2016-06-08 15:57 -------- d-----w- c:\users\Tomáš\aTubeCatcher
2016-06-08 15:34 . 2008-08-18 17:18 77824 ----a-w- c:\windows\SysWow64\fmcodec.DLL
2016-06-08 15:34 . 2016-06-08 15:34 -------- d-----w- c:\program files (x86)\DsNET Corp
2016-06-08 15:33 . 2016-06-08 15:33 -------- d-----w- c:\users\Tomáš\AppData\Local\Programs
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-06-09 16:24 . 2016-06-09 16:24 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-05-15 18:09 . 2016-05-15 18:09 48648 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\Markup.dll
2016-05-15 18:09 . 2016-05-15 18:09 483952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2016-04-20 16:46 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2016-04-20 16:46 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2016-04-17 12:38 . 2016-04-17 12:38 135176864 ----a-w- c:\windows\system32\MRT.exe
2016-04-17 11:53 . 2016-04-17 11:53 37144 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2016-04-17 11:49 . 2016-04-17 11:49 287528 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-04-17 11:48 . 2016-04-17 11:49 166432 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-04-17 11:48 . 2016-04-17 11:49 465792 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-04-17 11:48 . 2016-04-17 11:49 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-04-17 11:48 . 2016-04-17 11:49 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-04-17 11:48 . 2016-04-17 11:48 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-04-17 11:48 . 2016-04-17 11:48 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-04-17 11:48 . 2016-04-17 11:48 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-04-17 11:48 . 2016-04-17 11:48 52184 ----a-w- c:\windows\avastSS.scr
2016-04-17 11:48 . 2016-04-17 11:48 1070904 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-04-17 11:48 . 2016-04-17 11:48 536312 ----a-w- c:\windows\system32\drivers\aswNetSec.sys
2016-04-17 11:48 . 2016-04-17 11:48 28312 ----a-w- c:\windows\system32\drivers\aswNetNd6.sys
2016-03-30 16:53 . 2016-03-30 16:53 963232 ----a-w- c:\windows\system32\msvcr120.dll
2016-03-30 16:53 . 2016-03-30 16:53 660128 ----a-w- c:\windows\system32\msvcp120.dll
2016-03-30 16:53 . 2016-03-30 16:53 356528 ----a-w- c:\windows\system32\vccorlib120.dll
2009-04-08 18:31 . 2009-04-08 18:31 106496 ----a-w- c:\program files (x86)\Common Files\CPInstallAction.dll
2008-08-12 05:45 . 2008-08-12 05:45 155648 ----a-w- c:\program files (x86)\Common Files\MSIactionall.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 01:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-12-04 218408]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-06-26 98304]
"HControlUser"="c:\program files (x86)\ASUS\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"ATKOSD2"="c:\program files (x86)\ASUS\ATKOSD2\ATKOSD2.exe" [2009-08-17 6859392]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-13 2244096]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Media\DMedia.exe" [2009-04-20 159744]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2016-04-17 7390608]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="c:\windows\System32\SPReview\SPReview.exe" [BU]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe -d [2009-11-5 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R0 aswRvrt;avast! Revert; [x]
R0 aswVmm;avast! VM Monitor; [x]
R1 aswNetSec;aswNetSec;c:\windows\system32\drivers\aswNetSec.sys;c:\windows\SYSNATIVE\drivers\aswNetSec.sys [x]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
R2 ASMMAP64;ASMMAP64;c:\program files\ATKGFNEX\ASMMAP64.sys;c:\program files\ATKGFNEX\ASMMAP64.sys [x]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe;c:\program files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [x]
R2 SRS_VolSync_Service;SRS Volume Sync Service;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe;c:\program files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [x]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
R3 aswNetNd6;Avast Firewall NDIS6 Helper;c:\windows\system32\DRIVERS\aswNetNd6.sys;c:\windows\SYSNATIVE\DRIVERS\aswNetNd6.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 SRS_PremiumSound_Service;SRS Labs Premium Sound;c:\windows\system32\drivers\srs_PremiumSound_amd64.sys;c:\windows\SYSNATIVE\drivers\srs_PremiumSound_amd64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S0 lullaby;lullaby;c:\windows\system32\DRIVERS\lullaby.sys;c:\windows\SYSNATIVE\DRIVERS\lullaby.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-06-09 16:05 1245848 ----a-w- c:\program files (x86)\Google\Chrome\Application\51.0.2704.84\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 11:59]
.
2016-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17 11:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-04-17 11:48 920784 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EeeStorageBackup"="c:\program files (x86)\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-06-12 619392]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10c.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10c.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2016-06-16 11:16:01
ComboFix-quarantined-files.txt 2016-06-16 09:16
ComboFix2.txt 2016-06-15 15:16
ComboFix3.txt 2016-06-15 10:37
.
Před spuštěním: Volných bajtů: 88 876 855 296
Po spuštění: Volných bajtů: 88 721 772 544
.
- - End Of File - - FADD1A3BCCCDE2327F91DCE5B39AD381

[Tomister]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:23:55, on 16.6.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Tomáš\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Global Startup: FancyStart daemon.lnk = ?
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/ ... 1080893825
O23 - Service: ADSM Service (ADSMService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SRS Volume Sync Service (SRS_VolSync_Service) - SRS Labs, Inc. - C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8779 bytes

[Orcus]

Tak bohužel ani tak se skript neprovedl.

Koukni co je v těchto složkách:
C:\4755185b54cbfbb51a24b72584448559
C:\62cef08e7ef9a2fd990ea2
C:\a84d57cc48e54ca19b

+

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[Tomister]

Obsah složek

[Tomister]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by Tomáš (administrator) on ASUS (17-06-2016 17:51:26)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš (Available Profiles: Tomáš)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\ASUS\Game Park\GameConsole\OberonGameConsoleService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ECAREME) C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDECK.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [EeeStorageBackup] => C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [947472 2009-08-25] (ECAREME)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [619392 2009-06-12] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-04] (CyberLink Corp.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-06-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2244096 2009-07-13] (VIA)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744 2009-04-20] (ASUS)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7390608 2016-04-17] (AVAST Software)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-04-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-04-17] (AVAST Software)
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-02] ()
ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\Windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-15] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-02] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2009-11-05]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}\_A1DDD39913A1970387B7B3.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{71EAEFD9-DA29-4DDD-842E-590DB1D9D615}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2271334985-86060569-3810018651-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-2271334985-86060569-3810018651-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-2271334985-86060569-3810018651-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-17] (AVAST Software)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll [2008-12-04] (Microsoft Corp.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-17] (AVAST Software)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: Windows Live Toolbar Helper -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll [2008-12-08] (Microsoft Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/ ... 1080893825
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-15] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-04-17]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-04-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-14]
CHR Extension: (Dokumenty Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-14]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-14]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-14]
CHR Extension: (Tabulky Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-14]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-14]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2016-04-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-04-17]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-04-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-04-17] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 OberonGameConsoleService; C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [44312 2009-09-15] ()
R2 SRS_VolSync_Service; C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe [128224 2009-07-10] (SRS Labs, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-04-17] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-04-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-04-17] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-04-17] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [536312 2016-04-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-04-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-04-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-04-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-04-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-04-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-04-17] (AVAST Software)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-16] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
R3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_amd64.sys [343592 2009-05-18] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 tmlwf; no ImagePath
U3 tmwfp; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-17 17:51 - 2016-06-17 17:51 - 00015951 _____ C:\Users\Tomáš\Desktop\FRST.txt
2016-06-17 17:50 - 2016-06-17 17:51 - 00000000 ____D C:\FRST
2016-06-17 17:50 - 2016-06-17 17:49 - 02386944 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2016-06-17 17:49 - 2016-06-17 17:49 - 02386944 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST64.exe
2016-06-16 20:06 - 2016-06-16 20:06 - 00039936 _____ C:\Users\Tomáš\Downloads\ppm_217_ DC_colli_P6 (1).xls
2016-06-16 11:24 - 2016-06-16 11:24 - 00008780 _____ C:\Users\Tomáš\Desktop\hijackthis3.txt
2016-06-16 11:16 - 2016-06-16 11:16 - 00019260 _____ C:\ComboFix.txt
2016-06-16 11:03 - 2016-06-16 11:16 - 00161398 _____ C:\Windows\ntbtlog.txt
2016-06-15 17:38 - 2016-06-15 17:38 - 00002295 _____ C:\Users\Tomáš\Desktop\aswMBR.txt
2016-06-15 17:38 - 2016-06-15 17:38 - 00000512 _____ C:\Users\Tomáš\Desktop\MBR.dat
2016-06-15 17:31 - 2016-06-15 17:30 - 05200384 _____ (AVAST Software) C:\Users\Tomáš\Desktop\aswmbr.exe
2016-06-15 17:30 - 2016-06-15 17:30 - 05200384 _____ (AVAST Software) C:\Users\Tomáš\Downloads\aswmbr.exe
2016-06-15 17:24 - 2016-06-15 17:24 - 00008773 _____ C:\Users\Tomáš\Desktop\hijackthis2.txt
2016-06-15 17:24 - 2016-06-11 09:08 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tomáš\Desktop\HijackThis.exe
2016-06-15 17:15 - 2016-06-16 11:16 - 00000000 ____D C:\Users\Tomáš\Desktop\Nová složka (2)
2016-06-15 16:59 - 2016-06-15 16:59 - 00000283 _____ C:\Users\Tomáš\Desktop\CFScript.txt
2016-06-15 14:40 - 2016-06-15 14:41 - 00000000 ____D C:\Users\Tomáš\Desktop\Nová složka
2016-06-14 17:43 - 2016-06-16 11:16 - 00000000 ____D C:\Qoobox
2016-06-14 17:43 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-06-14 17:43 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-06-14 17:43 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-06-14 17:43 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-06-14 17:43 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-06-14 17:43 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-06-14 17:43 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-06-14 17:43 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-06-14 17:42 - 2016-06-14 17:56 - 00000000 ____D C:\Windows\erdnt
2016-06-14 17:33 - 2016-06-14 17:02 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-06-14 17:02 - 2016-06-14 17:27 - 00000000 ____D C:\zoek_backup
2016-06-14 16:59 - 2016-06-14 16:59 - 05659224 ____R (Swearware) C:\Users\Tomáš\Desktop\ComboFix.exe
2016-06-14 16:59 - 2016-06-14 16:59 - 01309184 _____ C:\Users\Tomáš\Desktop\zoek.exe
2016-06-13 18:22 - 2016-06-13 18:22 - 00005926 _____ C:\Users\Tomáš\Desktop\rk_D6A5.tmp.txt
2016-06-13 17:43 - 2016-06-14 16:41 - 00028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-06-13 17:42 - 2016-06-13 18:00 - 00000000 ____D C:\ProgramData\RogueKiller
2016-06-13 17:42 - 2016-06-13 17:42 - 24206920 _____ C:\Users\Tomáš\Desktop\RogueKillerX64.exe
2016-06-13 17:41 - 2016-06-13 17:42 - 24206920 _____ C:\Users\Tomáš\Downloads\RogueKillerX64.exe
2016-06-11 18:47 - 2016-06-11 18:47 - 00001872 _____ C:\Users\Tomáš\Desktop\JRT.txt
2016-06-11 18:34 - 2016-06-11 18:34 - 01610816 _____ (Malwarebytes) C:\Users\Tomáš\Desktop\JRT.exe
2016-06-11 16:47 - 2016-06-16 20:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-11 16:45 - 2016-06-11 16:45 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-11 16:45 - 2016-06-11 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-11 16:45 - 2016-06-11 16:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-11 16:45 - 2016-06-11 16:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-11 16:45 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-11 16:45 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-11 16:45 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-11 16:43 - 2016-06-11 16:43 - 22851472 _____ (Malwarebytes ) C:\Users\Tomáš\Desktop\mbam-setup-2.2.1.1043.exe
2016-06-11 16:37 - 2016-06-11 18:29 - 00000000 ____D C:\AdwCleaner
2016-06-11 16:36 - 2016-06-11 16:36 - 03677248 _____ C:\Users\Tomáš\Desktop\adwcleaner_5.119.exe
2016-06-11 16:28 - 2016-06-11 16:28 - 00448512 _____ (OldTimer Tools) C:\Users\Tomáš\Downloads\TFC.exe
2016-06-11 16:23 - 2016-06-11 16:23 - 00050688 _____ (Atribune.org) C:\Users\Tomáš\Downloads\ATF-Cleaner.exe
2016-06-11 16:22 - 2016-06-11 16:22 - 00050688 _____ (Atribune.org) C:\Users\Tomáš\Downloads\Nepotvrzeno 253848.crdownload
2016-06-11 09:40 - 2016-06-11 09:40 - 00003120 _____ C:\Windows\System32\Tasks\{8510B40E-8800-4EE2-96A7-B8BF207E1CC6}
2016-06-11 09:08 - 2016-06-11 09:08 - 00388608 _____ (Trend Micro Inc.) C:\Users\Tomáš\Downloads\HijackThis.exe
2016-06-11 08:21 - 2016-06-11 08:21 - 00000000 ____D C:\4755185b54cbfbb51a24b72584448559
2016-06-10 18:47 - 2016-06-10 18:47 - 00000000 ____D C:\62cef08e7ef9a2fd990ea2
2016-06-10 18:46 - 2016-06-10 18:46 - 03328910 _____ C:\Users\Tomáš\Downloads\Windows6.1-KB3102810-x64.msu
2016-06-09 19:39 - 2016-06-09 19:39 - 00000000 ____D C:\a84d57cc48e54ca19b
2016-06-09 19:00 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2016-06-09 18:27 - 2016-06-09 18:27 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-09 18:27 - 2016-06-09 18:27 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-09 18:27 - 2016-06-09 18:27 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2016-06-09 18:27 - 2016-06-09 18:27 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2016-06-09 18:27 - 2016-06-09 18:27 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-09 18:27 - 2016-06-09 18:27 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-09 18:27 - 2016-06-09 18:27 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2016-06-09 18:27 - 2016-06-09 18:27 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2016-06-09 18:27 - 2016-06-09 18:27 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2016-06-09 18:27 - 2016-06-09 18:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-06-09 18:27 - 2016-06-09 18:27 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2016-06-09 18:26 - 2016-06-09 18:26 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-09 18:26 - 2016-06-09 18:26 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-09 18:26 - 2016-06-09 18:26 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2016-06-09 18:26 - 2016-06-09 18:26 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-09 18:26 - 2016-06-09 18:26 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2016-06-09 18:26 - 2016-06-09 18:26 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-09 18:26 - 2016-06-09 18:26 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2016-06-09 18:26 - 2016-06-09 18:26 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-06-09 18:26 - 2016-06-09 18:26 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-09 18:24 - 2016-06-09 18:24 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-06-09 18:24 - 2016-06-09 18:24 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-06-09 18:24 - 2016-06-09 18:24 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-06-09 18:24 - 2016-06-09 18:24 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-06-09 18:24 - 2016-06-09 18:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-06-09 18:24 - 2016-06-09 18:24 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-06-09 18:24 - 2016-06-09 18:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-06-09 18:24 - 2016-06-09 18:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-06-09 18:23 - 2016-06-09 18:23 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-06-09 18:23 - 2016-06-09 18:23 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-06-09 18:23 - 2016-06-09 18:23 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-06-09 18:23 - 2016-06-09 18:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-09 18:23 - 2016-06-09 18:23 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-06-09 18:23 - 2016-06-09 18:23 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-09 18:22 - 2016-06-09 18:22 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2016-06-09 18:17 - 2016-06-09 18:17 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-06-09 18:17 - 2016-06-09 18:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2016-06-09 18:12 - 2016-06-09 18:12 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2016-06-09 18:12 - 2016-06-09 18:12 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2016-06-09 18:07 - 2016-06-09 18:07 - 00000000 ___SD C:\Users\Tomáš\AppData\LocalLow\Temp
2016-06-08 17:57 - 2016-06-08 17:57 - 00000000 ____D C:\Users\Tomáš\aTubeCatcher
2016-06-08 17:55 - 2016-06-08 21:14 - 00000000 ____D C:\Users\Tomáš\Desktop\Hudba
2016-06-08 17:34 - 2016-06-08 17:34 - 00001188 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2016-06-08 17:34 - 2016-06-08 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2016-06-08 17:34 - 2016-06-08 17:34 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2016-06-08 17:34 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2016-06-08 17:32 - 2016-06-08 17:32 - 24664544 _____ C:\Users\Tomáš\Downloads\aTubeCatcher.exe
2016-06-07 19:55 - 2016-06-07 19:55 - 00313366 _____ C:\Users\Tomáš\Downloads\WindowsUpdateDiagnostic.diagcab
2016-06-07 19:09 - 2016-06-07 19:10 - 11313360 _____ (Microsoft Corporation) C:\Users\Tomáš\Downloads\WindowsUpdateAgent-7.6-x64.exe
2016-06-06 19:03 - 2016-06-06 19:03 - 01891635 _____ C:\Users\Tomáš\Downloads\netopyr.pdf
2016-06-06 19:02 - 2016-06-06 19:02 - 01327364 _____ C:\Users\Tomáš\Downloads\netopyr (1).epub
2016-06-06 19:00 - 2016-06-06 19:01 - 00000000 ____D C:\Users\Tomáš\Desktop\Knihy
2016-06-06 19:00 - 2016-06-06 19:00 - 00991812 _____ C:\Users\Tomáš\Downloads\pentagram.epub
2016-06-06 19:00 - 2016-06-06 19:00 - 00971922 _____ C:\Users\Tomáš\Downloads\nemesis.epub
2016-06-06 19:00 - 2016-06-06 19:00 - 00963086 _____ C:\Users\Tomáš\Downloads\spasitel.epub
2016-06-06 18:59 - 2016-06-06 19:00 - 01423514 _____ C:\Users\Tomáš\Downloads\cervenka.epub
2016-06-06 18:59 - 2016-06-06 18:59 - 01327364 _____ C:\Users\Tomáš\Downloads\netopyr.epub
2016-06-06 18:59 - 2016-06-06 18:59 - 01217076 _____ C:\Users\Tomáš\Downloads\svabi.epub
2016-06-01 19:19 - 2016-06-01 19:19 - 00038912 _____ C:\Users\Tomáš\Downloads\ppm_217_ DC_colli_P6.xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-17 17:51 - 2016-04-17 13:54 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-17 17:37 - 2016-04-17 13:54 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-16 20:03 - 2009-08-03 22:00 - 00631292 _____ C:\Windows\system32\perfh005.dat
2016-06-16 20:03 - 2009-08-03 22:00 - 00121914 _____ C:\Windows\system32\perfc005.dat
2016-06-16 20:03 - 2009-07-14 07:13 - 01470062 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-16 20:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-16 11:53 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-16 11:53 - 2009-07-14 06:45 - 00010016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-16 11:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-16 11:13 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-06-11 18:32 - 2009-11-05 14:09 - 00001363 _____ C:\Windows\system32\ServiceFilter.ini
2016-06-11 07:43 - 2016-05-01 10:07 - 00000000 ____D C:\Users\Tomáš\AppData\Local\ElevatedDiagnostics
2016-06-09 19:16 - 2016-04-17 12:36 - 00001415 _____ C:\Users\Tomáš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-06-09 19:12 - 2009-07-14 06:45 - 00472560 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-09 19:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-06-09 18:07 - 2016-04-17 13:57 - 00002197 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-08 20:35 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-06-08 17:57 - 2016-04-17 12:22 - 00000000 ____D C:\Users\Tomáš
2016-06-07 20:07 - 2016-04-17 13:53 - 00000000 ____D C:\Program Files (x86)\Google
2016-06-07 19:18 - 2016-04-17 15:07 - 00000000 ____D C:\Users\Tomáš\AppData\Local\Google
2016-06-07 19:15 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

==================== Files in the root of some directories =======

2008-05-22 18:35 - 2008-05-22 18:35 - 0051962 _____ () C:\Program Files (x86)\Common Files\banner.jpg
2009-04-08 20:31 - 2009-04-08 20:31 - 0106496 _____ () C:\Program Files (x86)\Common Files\CPInstallAction.dll
2008-08-12 07:45 - 2008-08-12 07:45 - 0155648 _____ (ASUS) C:\Program Files (x86)\Common Files\MSIactionall.dll
2009-11-05 14:10 - 2009-09-10 19:06 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2009-11-05 14:06 - 2009-11-05 14:06 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-11-05 14:05 - 2009-11-05 14:06 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-08 17:19

==================== End of FRST.txt ============================