PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Infected PC

Having a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

chodec
Visitor
Posts: 3
Registered: 29 Aug 2016 18:32

Infected PC

#1 Post by chodec »

Addition.zip
(14.13 KiB) Downloaded 52 times
Hello, I need help cleaning my computer of spyware, malware, etc. So far I have found: trojan.Dialer, dialer.chivio, attirepage, elex hijacker, NiceSearches.com, piesearches, Yes Searches.com, Search.mpc.am, Youndoo.com, Adware helpers, Mindspark toolbars, PUP.Corner Sunshine, PUP.MixVideoPlayer, PUP.MPC Cleaner, PUP.WINzipper and Uncheckit. I have already deleted a lot of it, but these keep coming back over and over. Thanks in advance.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2016
Ran by Elen (administrator) on ELEN (29-08-2016 19:40:01)
Running from C:\Users\Elen\Desktop
Loaded Profiles: Elen (Available Profiles: Elen)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Jamben\Application\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Qksee Pvt Ltd.) C:\Program Files (x86)\qksee\qkseeSvc.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\WinSaber\WinSaber.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Windows\System32\igfxTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
(Google Inc.) C:\Users\Elen\AppData\Local\Google\Update\GoogleUpdate.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe
() C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
() C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe
() C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe
() C:\Program Files (x86)\Lenovo\LocationAware\lpdagent.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\tpknrres.exe
(Google Inc.) C:\Program Files (x86)\Jamben\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Jamben\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Jamben\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Jamben\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Jamben\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Jamben\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Jamben\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-21] (Lenovo Group Limited)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [LMCSSTART1] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses
HKLM\...\Run: [LMCSSTART2] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart
HKLM\...\Run: [LMCSSTART3] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,SetupCamplusDrop
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3952800 2015-09-01] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-12-06] (Lenovo)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9103976 2016-08-28] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\Run: [Google Update] => C:\Users\Elen\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-03-11] (Google Inc.)
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office 15\root\office15\lync.exe [24095432 2016-07-12] (Microsoft Corporation)
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {7246a63c-2f04-11e6-bee0-c45444015bc3} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {7c29a45f-6dd4-11e6-bef3-8056f2eedc96} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {891449b4-0413-11e6-bed5-c45444015bc3} - "E:\autorun.exe"
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {9a8ebfb2-6076-11e5-bea9-8056f2eedc96} - "E:\Lenovo_Suite.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-28] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk [2016-02-17]
ShortcutTarget: WebBrowserMixVideoPlayer.lnk -> C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe ()
Startup: C:\Users\Elen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-08-07]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0723e06d-b8a7-4dfa-84a4-160beed85e5c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8d295080-6f70-4c66-bc88-6df8bc37116a}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=14 ... earchTerms}
SearchScopes: HKU\S-1-5-21-320534150-331334849-3461560898-1001 -> {A9EAE5EF-3906-42E0-BD9F-CAC89E0B5D5C} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-07-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-07-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-320534150-331334849-3461560898-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=146580494 ... XXW371C58Y

FireFox:
========
FF ProfilePath: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: hxxp://www.nicesearches.com?type=hp&ts=1463385 ... 9bdw3e6t2m
FF DefaultSearchEngine: yessearches
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: yessearches
FF Homepage: search.mpc.am
FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-320534150-331334849-3461560898-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Elen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-320534150-331334849-3461560898-1001: @talk.google.com/O1DPlugin -> C:\Users\Elen\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-320534150-331334849-3461560898-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Elen\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-320534150-331334849-3461560898-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Elen\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Elen\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Elen\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\attirerpage.xml [2016-06-27]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\google-avast.xml [2015-01-24]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\nuesearch.xml [2016-08-04]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\piesearch.xml [2016-04-24]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\seznam-avast.xml [2016-05-18]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-02-17]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\google-avast.xml [2015-01-24]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\nice-.xml [2016-05-16]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\seznam-avast.xml [2016-05-18]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\v9.xml [2016-04-12]
FF Extension: (No Name) - C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\arthurj8283@gmail.com [not found]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-28]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [arthurj8283@gmail.com] - C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\extensions\arthurj8283@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am"
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searc ... &mode=nnnb
CHR DefaultSearchKeyword: Default -> yessearches
CHR Profile: C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Dokumenty Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-02-03]
CHR Extension: (Tabulky Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-30]
CHR Extension: (Avast Online Security) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-28] (AVAST Software)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-01-21] (Lenovo Corporation)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-05] (Microsoft Corporation)
R2 CommandHandler; C:\Program Files (x86)\Firefox\bin\FirefoxCommand.exe [253312 2016-08-22] ()
S2 DeskTop_F; C:\ProgramData\desktopfind\desktop244.exe [236728 2016-03-16] (DeskTopService)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-12-06] (Lenovo)
R2 FirefoxU; C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe [604032 2016-08-22] ()
S2 ggbugreport; C:\Program Files (x86)\SearchesToYesbnd\bugreport.exe [1588408 2016-02-05] ()
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2013-07-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016472 2015-01-23] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [626120 2015-01-21] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
R2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [22576 2014-02-21] (Lenovo)
R2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
R2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-01-09] ()
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-03-16] (DotC United Inc)
R2 qkseeService; C:\Program Files (x86)\qksee\qkseeSvc.exe [706200 2016-04-08] (Qksee Pvt Ltd.)
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-10-01] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [328488 2014-10-01] (Lenovo Group Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-08-28] (Enigma Software Group USA, LLC.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-05-25] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [247968 2015-09-01] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
R2 winsaber; C:\Program Files (x86)\WinSaber\WinSaber.exe [422168 2016-07-19] ()
S2 Winsere; C:\Program Files (x86)\Winsere\Winsere\Winsere.exe [316984 2016-03-23] ()
S2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5573632 2013-12-06] (Broadcom Corporation) [File not signed]
S2 cktSvc; "C:\Program Files (x86)\Uncheckit\cktSvc.exe" {92E162D7-70FD-48F7-A779-91154F8FD518} [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [83312 2016-08-02] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-28] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-08-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-28] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-08-28] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-08-28] ()
S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2013-12-06] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-07-03] (Intel Corporation)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-03-16] (DotC United Inc)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44192 2015-09-01] (Synaptics Incorporated)
R1 SMIDriver; C:\Windows\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065472 2013-09-05] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xtouch; C:\Windows\System32\drivers\xtouch.sys [173080 2015-08-07] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-29 19:30 - 2016-08-29 19:41 - 00031900 _____ C:\Users\Elen\Desktop\FRST.txt
2016-08-29 19:24 - 2016-08-29 19:25 - 00067233 _____ C:\Users\Elen\Desktop\FRST3.txt
2016-08-29 19:23 - 2016-08-29 19:27 - 00055834 _____ C:\Users\Elen\Desktop\Addition.txt
2016-08-29 19:20 - 2016-08-29 19:40 - 00000000 ____D C:\FRST
2016-08-29 19:15 - 2016-08-29 19:20 - 02396672 _____ (Farbar) C:\Users\Elen\Desktop\FRST64.exe
2016-08-29 18:54 - 2016-08-29 18:54 - 01883147 _____ C:\Users\Elen\Desktop\SmitFraudFix_2.423.exe.crdownload
2016-08-29 18:52 - 2016-08-29 18:52 - 01478763 _____ C:\Users\Elen\Desktop\SmitfraudFix.exe.crdownload
2016-08-29 18:44 - 2016-08-29 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-08-29 16:47 - 2016-08-29 12:38 - 00002024 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160829-164748.backup
2016-08-29 16:34 - 2016-08-29 16:34 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-29 16:34 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-29 16:32 - 2016-08-29 16:32 - 01884291 _____ C:\Users\Elen\Downloads\smitfraudfix-2.418.exe
2016-08-29 16:24 - 2016-08-29 16:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-29 16:23 - 2016-08-29 18:59 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-29 16:23 - 2016-08-29 18:57 - 00001471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-29 16:23 - 2016-08-29 18:57 - 00001459 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-29 16:23 - 2016-08-29 18:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-29 16:23 - 2016-08-29 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-29 16:23 - 2015-06-16 17:32 - 00020760 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2016-08-29 16:19 - 2016-08-29 16:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Elen\Downloads\spybot-2.4.exe
2016-08-29 16:11 - 2016-08-29 16:13 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-29 16:11 - 2016-08-29 16:11 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-08-28 22:54 - 2016-08-29 12:18 - 00000402 _____ C:\WINDOWS\Tasks\SpyHunter4.job
2016-08-28 22:54 - 2016-08-28 22:54 - 00003252 _____ C:\WINDOWS\System32\Tasks\SpyHunter4
2016-08-28 22:45 - 2016-08-29 19:40 - 00001324 _____ C:\Users\Elen\Desktop\SpyHunter.lnk
2016-08-28 22:45 - 2016-08-28 22:45 - 00003394 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2016-08-28 22:45 - 2016-08-28 22:45 - 00000000 ____D C:\Users\Elen\AppData\Roaming\Enigma Software Group
2016-08-28 22:45 - 2016-08-28 22:45 - 00000000 _____ C:\autoexec.bat
2016-08-28 22:44 - 2016-08-28 22:45 - 00000000 ____D C:\sh4ldr
2016-08-28 22:44 - 2016-08-28 22:44 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-08-28 22:44 - 2016-08-28 22:44 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-08-28 21:05 - 2016-08-29 18:44 - 00001809 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-08-28 21:02 - 2016-08-28 21:01 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-08-28 21:01 - 2016-08-28 21:01 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-28 20:57 - 2016-08-28 22:44 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\Elen\Downloads\SpyHunter-Installer.exe
2016-08-27 22:33 - 2016-08-28 14:30 - 00000000 ____D C:\Users\Elen\Desktop\libez 2016 vybrane
2016-08-26 18:20 - 2016-08-26 18:20 - 00003316 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-26 14:22 - 2016-08-26 14:22 - 00000000 ____D C:\Users\Elen\AppData\Roaming\Skype
2016-08-25 23:05 - 2016-08-28 22:29 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2016-08-25 21:23 - 2016-08-25 21:23 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-08-25 14:26 - 2016-08-28 21:09 - 00000000 ____D C:\ProgramData\Jamben
2016-08-25 14:24 - 2016-08-25 14:24 - 00000000 ____D C:\Users\Elen\AppData\Local\Firefox
2016-08-25 14:23 - 2016-08-25 14:23 - 00002010 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-25 14:23 - 2016-08-25 14:23 - 00000000 ____D C:\Users\Elen\AppData\Roaming\Firefox
2016-08-25 14:23 - 2016-08-25 14:23 - 00000000 ____D C:\Users\Elen\AppData\Local\Jamben
2016-08-25 14:23 - 2016-08-25 14:23 - 00000000 ____D C:\Program Files (x86)\Jamben
2016-08-25 14:23 - 2016-08-25 14:23 - 00000000 ____D C:\Program Files (x86)\Firefox
2016-08-25 14:22 - 2016-08-29 19:06 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-08-25 14:22 - 2016-08-27 10:46 - 00000000 _____ C:\Users\Public\Documents\report1.dat
2016-08-12 11:08 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-12 11:08 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-12 11:08 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-12 11:08 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-12 11:08 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-12 11:08 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-12 11:08 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-12 11:08 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-12 11:08 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-12 11:08 - 2016-08-03 11:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-12 11:08 - 2016-08-03 11:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-12 11:08 - 2016-08-03 11:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-12 11:08 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-12 11:08 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-12 11:08 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-12 11:08 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-12 11:08 - 2016-08-03 11:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-12 11:08 - 2016-08-03 11:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-12 11:08 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-12 11:08 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-12 11:08 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-12 11:08 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-12 11:08 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-12 11:08 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-12 11:08 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-12 11:08 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-12 11:08 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-12 11:08 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-12 11:08 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-12 11:08 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-12 11:08 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-12 11:07 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-12 11:07 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-12 11:07 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-12 11:07 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-12 11:07 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-12 11:07 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-12 11:07 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-12 11:07 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-12 11:07 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-12 11:07 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-12 11:07 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-12 11:07 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-12 11:07 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-12 11:07 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-12 11:07 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-12 11:07 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-12 11:07 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-12 11:07 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-12 11:07 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-12 11:07 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-12 11:07 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-12 11:07 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-12 11:07 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-12 11:07 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-12 11:07 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-12 11:07 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-12 11:07 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-12 11:07 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-12 11:07 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-12 11:07 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-12 11:07 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-12 11:07 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-12 11:07 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-12 11:07 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-12 11:07 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-12 11:07 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-12 11:07 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-12 11:07 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-12 11:07 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-12 11:07 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-12 11:07 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-12 11:07 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-12 11:07 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-12 11:07 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-12 11:07 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-12 11:07 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-12 11:07 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-12 11:07 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-12 11:07 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-12 11:07 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-12 11:07 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-12 11:07 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-12 11:07 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-12 11:07 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-12 11:07 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-12 11:07 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-12 11:07 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-12 11:07 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-12 11:07 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-12 11:07 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-12 11:07 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-12 11:07 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-12 11:07 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-12 11:07 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-12 11:07 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-12 11:07 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-12 11:07 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-12 11:07 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-12 11:07 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-12 11:07 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-12 11:07 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-12 11:07 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-12 11:07 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-12 11:07 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-12 11:07 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-12 11:07 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-12 11:07 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-12 11:07 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-12 11:07 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-12 11:07 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-12 11:07 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-12 11:07 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-12 11:07 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-12 11:07 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-12 11:07 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-12 11:07 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-12 11:07 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-12 11:07 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-12 11:07 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-12 11:07 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-12 11:07 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-12 11:07 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-12 11:07 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-12 11:06 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-12 11:06 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-12 11:06 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-12 11:06 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-12 11:06 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-12 11:06 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-12 11:06 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-12 11:06 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-12 11:06 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-12 11:06 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-04 11:29 - 2016-08-04 11:29 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345175312.html
2016-08-04 11:29 - 2016-08-04 11:29 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345174531.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345144421.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345144281.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345143421.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345143296.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345139546.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345139421.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345127828.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345127703.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345126234.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345126125.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345116515.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\en_345116312.html
2016-08-02 21:58 - 2016-08-02 14:22 - 00083312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-29 18:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-29 18:45 - 2015-12-13 16:35 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-29 18:45 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-29 18:45 - 2015-08-07 09:17 - 00000000 __SHD C:\Users\Elen\IntelGraphicsProfiles
2016-08-29 18:45 - 2014-11-18 10:52 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-29 18:43 - 2016-04-08 18:52 - 00000000 ____D C:\Program Files (x86)\qksee
2016-08-29 18:43 - 2015-12-13 16:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-29 18:43 - 2014-12-21 18:05 - 00000000 ____D C:\ProgramData\Synaptics
2016-08-29 18:40 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-08-29 18:32 - 2015-12-13 16:39 - 00000000 ____D C:\Users\Elen
2016-08-29 18:32 - 2014-11-20 21:26 - 00000000 __RDO C:\Users\Elen\OneDrive
2016-08-29 17:45 - 2014-11-18 10:52 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-29 17:09 - 2016-02-17 00:18 - 00000000 ____D C:\Program Files (x86)\SearchesToYesbnd
2016-08-29 16:59 - 2016-02-17 00:18 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2016-08-29 16:56 - 2016-02-17 00:19 - 00002041 _____ C:\Users\Elen\Desktop\MixVideoPlayer.lnk
2016-08-29 16:29 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-29 16:12 - 2015-07-17 16:39 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-29 16:11 - 2013-12-06 13:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-29 16:10 - 2013-12-06 13:11 - 00000000 ____D C:\ProgramData\Adobe
2016-08-29 14:03 - 2014-12-22 18:55 - 00002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-29 14:03 - 2014-11-18 10:53 - 00002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-29 14:03 - 2014-11-18 10:53 - 00002174 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-28 22:50 - 2016-07-25 16:23 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-08-28 22:50 - 2016-06-13 10:03 - 00000000 ____D C:\Program Files (x86)\SFK
2016-08-28 22:50 - 2016-06-01 09:25 - 00000000 ____D C:\Users\Elen\AppData\Roaming\TSv
2016-08-28 21:06 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-28 21:04 - 2016-07-19 12:17 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-08-28 21:04 - 2016-07-15 09:45 - 00003998 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1468568750
2016-08-28 21:04 - 2016-07-15 09:45 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-28 21:02 - 2014-11-23 20:51 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-28 21:01 - 2016-07-14 22:06 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-08-28 21:01 - 2014-11-18 10:43 - 00000000 ____D C:\Users\Elen\AppData\Local\Packages
2016-08-28 11:26 - 2015-10-30 20:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-28 11:26 - 2015-10-30 20:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-28 11:26 - 2015-08-06 22:38 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-26 18:20 - 2015-08-07 09:21 - 00002395 _____ C:\Users\Elen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-25 14:33 - 2016-01-03 12:59 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-25 12:18 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-25 12:17 - 2016-07-19 12:17 - 00003516 _____ C:\WINDOWS\System32\Tasks\ChelfNotify Task
2016-08-25 12:16 - 2014-11-17 19:17 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-24 17:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-24 16:55 - 2014-11-17 23:57 - 00000000 ____D C:\Users\Elen\AppData\Roaming\vlc
2016-08-24 14:16 - 2013-12-06 13:11 - 839110656 ___SH C:\WINDOWS\lenovo_fastboot.img
2016-08-12 16:31 - 2014-11-18 10:25 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-12 16:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-12 15:25 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-12 15:25 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 15:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-12 14:39 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-12 14:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-12 14:38 - 2014-11-20 13:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 12:02 - 2014-11-20 13:07 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-04 11:28 - 2016-07-25 15:17 - 00000000 ____D C:\WINDOWS\SysWOW64\_SSpm

==================== Files in the root of some directories =======

2016-06-29 07:10 - 2016-07-29 10:37 - 2964374 _____ (Update) C:\Program Files (x86)\SSFK.exe
2014-11-18 10:44 - 2014-12-09 22:47 - 0008280 _____ () C:\Users\Elen\AppData\Roaming\AbsoluteReminder.xml
2014-11-17 23:55 - 2014-12-07 18:41 - 0004608 _____ () C:\Users\Elen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-18 10:44 - 2014-11-23 21:32 - 0000377 _____ () C:\Users\Elen\AppData\Local\RegisteredPackageInformation.xml
2016-05-17 13:27 - 2016-05-17 13:27 - 0000000 _____ () C:\Users\Elen\AppData\Local\{5D225686-919B-4288-8D6F-410BBB3D6DAD}
2015-12-13 16:36 - 2015-12-13 16:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-06 13:15 - 2013-12-06 13:15 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2013-12-06 13:12 - 2013-12-06 13:13 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-12-06 13:13 - 2013-12-06 13:14 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2013-12-06 13:14 - 2013-12-06 13:15 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-24 17:03

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

chodec
Visitor
Posts: 3
Registered: 29 Aug 2016 18:32

Re: infected PC

#3 Post by chodec »

Here it is:

# AdwCleaner v6.010 - Log soubor vytvořen 29/08/2016 na 21:01:52
# Aktualizováno dne 12/08/2016 z ToolsLib
# Databáze : 2016-08-28.2 [Server]
# Operační systém : Windows 10 Home (X64)
# Uživatelské jméno : Elen - ELEN
# Beží od : C:\Users\Elen\Desktop\adwcleaner_6.010.exe
# Mod: Čištění
# Podpora : https://toolslib.net/forum



***** [ Služby ] *****

[-] Služby smazány:MPCProtectService
[-] Služby smazány:MPCKpt
[-] Služby smazány:ggbugreport
[-] Služby smazány:Winsere
[-] Služby smazány:qkseeService
[-] Služby smazány:DeskTop_F
[-] Služby smazány:winsaber
[-] Služby smazány:cktSvc
[-] Služby smazány:CommandHandler
[-] Služby smazány:FirefoxU


***** [ Adresáře ] *****

[-] Adresář smazán:C:\ProgramData\cwinpc
[-] Adresář smazán:C:\ProgramData\jwinpj
[-] Adresář smazán:C:\ProgramData\pwinpp
[-] Adresář smazán:C:\ProgramData\twinpt
[-] Adresář smazán:C:\ProgramData\UwinpU
[-] Adresář smazán:C:\ProgramData\XwinpX
[-] Adresář smazán:C:\ProgramData\zwinpz
[-] Adresář smazán:C:\Users\Elen\AppData\Local\BrowserWeb
[-] Adresář smazán:C:\Users\Elen\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Adresář smazán:C:\Users\Elen\AppData\Roaming\TSv
[-] Adresář smazán:C:\Users\Elen\AppData\Roaming\qksee
[-] Adresář smazán:C:\Users\Elen\AppData\Roaming\WinZiper
[-] Adresář smazán:C:\Users\Elen\AppData\Roaming\MCorp
[-] Adresář smazán:C:\Users\Elen\AppData\Roaming\Uncheckit
[-] Adresář smazán:C:\ProgramData\desktopfind
[-] Adresář smazán:C:\ProgramData\Uncheckit
[-] Adresář smazán:C:\ProgramData\ChelfNotify
[-] Adresář smazán:C:\ProgramData\uckt
[-] Adresář smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[-] Adresář smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
[#] Adresář nelze smazat:C:\Program Files (x86)\MPC Cleaner
[-] Adresář smazán:C:\Program Files (x86)\SFK
[-] Adresář smazán:C:\Program Files (x86)\WinZipper
[-] Adresář smazán:C:\Program Files (x86)\SearchesToYesbnd
[-] Adresář smazán:C:\Program Files (x86)\TData
[-] Adresář smazán:C:\Program Files (x86)\Winsere
[-] Adresář smazán:C:\Program Files (x86)\WinTaske
[-] Adresář smazán:C:\Program Files (x86)\qksee
[-] Adresář smazán:C:\Program Files (x86)\QQBrowser
[-] Adresář smazán:C:\Program Files (x86)\TXQQBrowser
[-] Adresář smazán:C:\Program Files (x86)\WinSaber
[#] Adresář nelze smazat:C:\Program Files (x86)\winsaber
[-] Adresář smazán:C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
[-] Adresář smazán:C:\Users\Public\Documents\dmp
[-] Adresář smazán:C:\Users\Elen\AppData\Local\com
[#] Adresář nelze smazat:C:\Users\Elen\AppData\Roaming\MCorp
[-] Adresář smazán:C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[-] Adresář smazán:C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
[-] Adresář smazán:C:\Program Files (x86)\Firefox


***** [ Soubory ] *****

[-] Soubor smazán:C:\Users\Elen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\qksee.lnk
[-] Soubor smazán:C:\Users\Elen\Desktop\MixVideoPlayer.lnk
[-] Soubor smazán:C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
[#] Soubor smazán:C:\WINDOWS\SysNative\drivers\MPCKpt.sys
[-] Soubor smazán:C:\Users\Public\Desktop\MPC Cleaner.lnk
[-] Soubor smazán:C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WebBrowserMixVideoPlayer.lnk
[#] Soubor smazán:C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\v9.xml
[-] Soubor smazán:C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\piesearch.xml
[#] Soubor smazán:C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\dd1b66d4.xml
[-] Soubor smazán:C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\nuesearch.xml


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.001
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.7z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.arj
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.bzip2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cab
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.cpio
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.deb
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.dmg
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.fat
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.gzip
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.hfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.iso
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lha
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzh
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.lzma
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.ntfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.rpm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.squashfs
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.swm
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.taz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tbz2
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tgz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.tpz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.txz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.vhd
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.wim
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xar
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.xz
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.z
[-] Klíč smazán:HKLM\SOFTWARE\Classes\WinZippers.zip
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\WdMan
[-] Klíč smazán:HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
[-] Klíč smazán:HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Klíč smazán:HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Klíč smazán:HKLM\SOFTWARE\Classes\qkseeViewer.bmp
[-] Klíč smazán:HKLM\SOFTWARE\Classes\qkseeViewer.gif
[-] Klíč smazán:HKLM\SOFTWARE\Classes\qkseeViewer.ico
[-] Klíč smazán:HKLM\SOFTWARE\Classes\qkseeViewer.jpeg
[-] Klíč smazán:HKLM\SOFTWARE\Classes\qkseeViewer.jpg
[-] Klíč smazán:HKLM\SOFTWARE\Classes\qkseeViewer.png
[-] Klíč smazán:HKLM\SOFTWARE\Classes\qkseeViewer.tif
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Klíč smazán:HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč smazán:[x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč smazán:HKU\.DEFAULT\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč smazán:HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[#] Klíč smazán po restartování:HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč smazán:HKLM\SOFTWARE\hdcode
[-] Klíč smazán:HKLM\SOFTWARE\MixVideoPlayer
[-] Klíč smazán:HKLM\SOFTWARE\MPC
[-] Klíč smazán:HKLM\SOFTWARE\yessearchesSoftware
[-] Klíč smazán:HKLM\SOFTWARE\qkseeSvc
[-] Klíč smazán:HKLM\SOFTWARE\qksee
[-] Klíč smazán:HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}
[-] Klíč smazán:HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\{G6276374-DEEE-4AAA-A355-9016A2F98A2D}
[-] Klíč smazán:HKLM\SOFTWARE\MaxPower
[-] Klíč smazán:HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qksee
[-] Data obnovena:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Klíč smazán:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena:[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč smazán:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data obnovena:HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Microsoft\Internet Explorer\DOMStorage\search.mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\adnetworkperformance.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\azlyrics.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\foxi69.tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\search.mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\adnetworkperformance.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\azlyrics.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\foxi69.tlscdn.com
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\mpc.am
[-] Klíč smazán:HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\search.mpc.am
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Applications\MixVideoPlayer.exe
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
[-] Klíč smazán:HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper
[-] Hodnota smazána:HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [BrowserWeb.exe]
[-] Klíč smazán:HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klíč smazán:HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Hodnota smazána:HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[#] Hodnota smazána po restartování:HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]
[#] Hodnota smazána po restartování:HKLM\SOFTWARE\Mozilla\Firefox\Extensions [arthurj8283@gmail.com]


***** [ Prohlížeče ] *****

[-] Firefox nastavení vyčištěno:"browser.search.searchengine.iconURL" - "hxxp://www.nicesearches.com/favicon.ico?t=1"
[-] Firefox nastavení vyčištěno:"browser.search.searchengine.url" - "hxxp://www.nicesearches.com/search.php?type=ds ... earchTerms}"
[-] Firefox nastavení vyčištěno:"browser.startup.homepage" - "hxxp://www.nicesearches.com?type=hp&ts=1463385 ... 9bdw3e6t2m"
[-] Firefox nastavení vyčištěno:"browser.newtab.url" - "hxxp://www.nicesearches.com?type=hp&ts=1463385 ... 9bdw3e6t2m"
[-] [yessearches] [Search Provider] Smazání:yessearches
[-] [google] [Search Provider] Smazání:google
[-] [C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Smazání:search.mpc.am
[-] [C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:bopakagnckmlgajfccecajhnimjiiedh
[-] [C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default] [homepage] Smazání:search.mpc.am


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [14084 Bajtů] - [29/08/2016 21:01:52]
C:\AdwCleaner\AdwCleaner[S0].txt - [16282 Bajtů] - [29/08/2016 20:55:00]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [14234 Bajtů] ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#4 Post by Rudy »

Post a new FRST log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

chodec
Visitor
Posts: 3
Registered: 29 Aug 2016 18:32

Re: infected PC

#5 Post by chodec »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-08-2016
Ran by Elen (administrator) on ELEN (29-08-2016 22:40:07)
Running from C:\Users\Elen\Desktop
Loaded Profiles: Elen (Available Profiles: Elen)
Platform: Windows 10 Home Version 1511 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Jamben\Application\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo Corporation) C:\Program Files\Lenovo\Communications Utility\avfaudiosw.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\mkrmsg.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\extapsup.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Lenovo Corporation) C:\Windows\SysWOW64\lmcfrundll.exe
(Google Inc.) C:\Users\Elen\AppData\Local\Google\Update\GoogleUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.486_none_7640e086266ea227\TiWorker.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [402344 2015-12-19] ()
HKLM\...\Run: [LenovoOptMouseUpdate] => C:\Program Files\Lenovo\HOTKEY\extapsup.exe [255480 2013-06-21] (Lenovo Group Limited)
HKLM\...\Run: [LnvMobHotspotClient] => C:\Program Files\Lenovo\Lenovo Mobile Hotspot\MobileHotspotclient.exe [937968 2014-08-12] (Lenovo)
HKLM\...\Run: [LMCSSTART1] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,InitSubsystemProcesses
HKLM\...\Run: [LMCSSTART2] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libstartstub2.dll,ProxyStart
HKLM\...\Run: [LMCSSTART3] => C:\WINDOWS\SysWOW64\lmcfrundll.exe C:\Program Files\Lenovo\Communications Utility\libmcsrdllb.dll,SetupCamplusDrop
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3952800 2015-09-01] (Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [738032 2013-12-06] (Lenovo)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9103976 2016-08-28] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\Run: [Google Update] => C:\Users\Elen\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-03-11] (Google Inc.)
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office 15\root\office15\lync.exe [24095432 2016-07-12] (Microsoft Corporation)
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8722136 2016-06-01] (Piriform Ltd)
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {7246a63c-2f04-11e6-bee0-c45444015bc3} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {7c29a45f-6dd4-11e6-bef3-8056f2eedc96} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {891449b4-0413-11e6-bed5-c45444015bc3} - "E:\autorun.exe"
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {9a8ebfb2-6076-11e5-bea9-8056f2eedc96} - "E:\Lenovo_Suite.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-28] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-09-19] (SugarSync, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
Startup: C:\Users\Elen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2015-08-07]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0723e06d-b8a7-4dfa-84a4-160beed85e5c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{8d295080-6f70-4c66-bc88-6df8bc37116a}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-320534150-331334849-3461560898-1001 -> {A9EAE5EF-3906-42E0-BD9F-CAC89E0B5D5C} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-07-12] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-07-12] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-320534150-331334849-3461560898-1001 -> hxxp://www.google.com/

FireFox:
========
FF ProfilePath: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-320534150-331334849-3461560898-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Elen\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-320534150-331334849-3461560898-1001: @talk.google.com/O1DPlugin -> C:\Users\Elen\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-320534150-331334849-3461560898-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Elen\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin HKU\S-1-5-21-320534150-331334849-3461560898-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Elen\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Elen\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Elen\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\attirerpage.xml [2016-06-27]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\google-avast.xml [2015-01-24]
FF SearchPlugin: C:\Users\Elen\AppData\Roaming\Mozilla\Firefox\Profiles\i3ecfj22.default\searchplugins\seznam-avast.xml [2016-05-18]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-28]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found

Chrome:
=======
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am"
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searc ... &mode=nnnb
CHR DefaultSearchKeyword: Default -> yessearches
CHR Profile: C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Dokumenty Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Disk Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-02-03]
CHR Extension: (Tabulky Google) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Dokumenty Google offline) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-30]
CHR Extension: (Avast Online Security) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-07-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Elen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-28] (AVAST Software)
R2 AVControlCenter; C:\Program Files\Lenovo\Communications Utility\AVControlCenter32.exe [560584 2015-01-21] (Lenovo Corporation)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-05] (Microsoft Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [140016 2013-12-06] (Lenovo)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2013-07-26] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 Lenovo Settings Service; C:\Program Files\Lenovo\SettingsDependency\SettingsService.exe [2016472 2015-01-23] (Lenovo Group Limited)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
S3 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [626120 2015-01-21] (Lenovo Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [115184 2014-07-08] (Lenovo Group Limited)
S2 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [22576 2014-02-21] (Lenovo)
S2 LnvHotSpotSvc; C:\Program Files\Lenovo\Lenovo Mobile Hotspot\LnvHotSpotSvc.exe [474608 2014-08-12] (Lenovo)
S2 LocationTaskManager; C:\Program Files (x86)\Lenovo\LocationAware\loctaskmgr.exe [469720 2015-01-09] ()
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-03-16] (DotC United Inc) <==== ATTENTION
S2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-10-01] (Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [328488 2014-10-01] (Lenovo Group Limited)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2102496 2015-06-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-08-28] (Enigma Software Group USA, LLC.)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [21536 2016-05-25] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [247968 2015-09-01] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [86544 2016-07-13] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\Windows\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Synaptics Incorporated)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5573632 2013-12-06] (Broadcom Corporation) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [83312 2016-08-02] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-28] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-28] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-28] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-08-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-28] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7585280 2015-10-30] (Broadcom Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-08-28] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-08-28] ()
S3 Fastboot; C:\Windows\System32\DRIVERS\fastboot.sys [66288 2013-12-06] (Windows (R) Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [74344 2013-07-03] (Intel Corporation)
R3 LnvHIDHW; C:\Windows\System32\drivers\LnvHIDHW.sys [29496 2014-04-07] (Lenovo)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-03-16] (DotC United Inc) <==== ATTENTION
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44192 2015-09-01] (Synaptics Incorporated)
R1 SMIDriver; C:\Windows\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1065472 2013-09-05] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xtouch; C:\Windows\System32\drivers\xtouch.sys [173080 2015-08-07] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-29 22:39 - 2016-08-29 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-08-29 22:31 - 2016-08-29 22:31 - 00000000 ____D C:\Users\Elen\Desktop\FRST-OlderVersion
2016-08-29 21:12 - 2016-08-29 21:12 - 00000000 ____D C:\Users\Elen\AppData\Roaming\MCorp
2016-08-29 21:06 - 2016-08-29 22:39 - 00001809 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-08-29 20:51 - 2016-08-29 21:01 - 00000000 ____D C:\AdwCleaner
2016-08-29 20:50 - 2016-08-29 20:51 - 03826240 _____ C:\Users\Elen\Desktop\adwcleaner_6.010.exe
2016-08-29 20:04 - 2016-08-29 20:04 - 00014466 _____ C:\Users\Elen\Desktop\Addition.zip
2016-08-29 20:01 - 2016-08-29 20:01 - 01378550 _____ (Igor Pavlov) C:\Users\Elen\Downloads\7z1602-x64.exe
2016-08-29 20:01 - 2016-08-29 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-08-29 20:01 - 2016-08-29 20:01 - 00000000 ____D C:\Program Files\7-Zip
2016-08-29 19:30 - 2016-08-29 22:40 - 00025830 _____ C:\Users\Elen\Desktop\FRST.txt
2016-08-29 19:24 - 2016-08-29 19:25 - 00067233 _____ C:\Users\Elen\Desktop\FRST3.txt
2016-08-29 19:23 - 2016-08-29 22:36 - 00058994 _____ C:\Users\Elen\Desktop\Addition.txt
2016-08-29 19:20 - 2016-08-29 22:40 - 00000000 ____D C:\FRST
2016-08-29 19:15 - 2016-08-29 22:31 - 02397696 _____ (Farbar) C:\Users\Elen\Desktop\FRST64.exe
2016-08-29 18:54 - 2016-08-29 18:54 - 01883147 _____ C:\Users\Elen\Desktop\SmitFraudFix_2.423.exe.crdownload
2016-08-29 18:52 - 2016-08-29 18:52 - 01478763 _____ C:\Users\Elen\Desktop\SmitfraudFix.exe.crdownload
2016-08-29 16:47 - 2016-08-29 12:38 - 00002024 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160829-164748.backup
2016-08-29 16:34 - 2016-08-29 16:34 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-29 16:34 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-29 16:32 - 2016-08-29 16:32 - 01884291 _____ C:\Users\Elen\Downloads\smitfraudfix-2.418.exe
2016-08-29 16:24 - 2016-08-29 16:24 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-08-29 16:23 - 2016-08-29 18:59 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-29 16:23 - 2016-08-29 18:57 - 00001471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-29 16:23 - 2016-08-29 18:57 - 00001459 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-29 16:23 - 2016-08-29 18:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-29 16:23 - 2016-08-29 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-29 16:23 - 2015-06-16 17:32 - 00020760 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2016-08-29 16:19 - 2016-08-29 16:21 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Elen\Downloads\spybot-2.4.exe
2016-08-29 16:11 - 2016-08-29 16:13 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-29 16:11 - 2016-08-29 16:11 - 00002135 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-08-28 22:54 - 2016-08-29 12:18 - 00000402 _____ C:\WINDOWS\Tasks\SpyHunter4.job
2016-08-28 22:54 - 2016-08-28 22:54 - 00003252 _____ C:\WINDOWS\System32\Tasks\SpyHunter4
2016-08-28 22:45 - 2016-08-29 19:40 - 00001324 _____ C:\Users\Elen\Desktop\SpyHunter.lnk
2016-08-28 22:45 - 2016-08-28 22:45 - 00003394 _____ C:\WINDOWS\System32\Tasks\SpyHunter4Startup
2016-08-28 22:45 - 2016-08-28 22:45 - 00000000 ____D C:\Users\Elen\AppData\Roaming\Enigma Software Group
2016-08-28 22:45 - 2016-08-28 22:45 - 00000000 _____ C:\autoexec.bat
2016-08-28 22:44 - 2016-08-28 22:45 - 00000000 ____D C:\sh4ldr
2016-08-28 22:44 - 2016-08-28 22:44 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-08-28 22:44 - 2016-08-28 22:44 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-08-28 21:02 - 2016-08-28 21:01 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-08-28 21:01 - 2016-08-28 21:01 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-28 20:57 - 2016-08-28 22:44 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\Elen\Downloads\SpyHunter-Installer.exe
2016-08-27 22:33 - 2016-08-28 14:30 - 00000000 ____D C:\Users\Elen\Desktop\libez 2016 vybrane
2016-08-26 18:20 - 2016-08-26 18:20 - 00003316 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-26 14:22 - 2016-08-26 14:22 - 00000000 ____D C:\Users\Elen\AppData\Roaming\Skype
2016-08-25 23:05 - 2016-08-28 22:29 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2016-08-25 21:23 - 2016-08-25 21:23 - 00000000 ____D C:\Users\Public\Documents\chrome
2016-08-25 14:26 - 2016-08-28 21:09 - 00000000 ____D C:\ProgramData\Jamben
2016-08-25 14:24 - 2016-08-25 14:24 - 00000000 ____D C:\Users\Elen\AppData\Local\Firefox
2016-08-25 14:23 - 2016-08-25 14:23 - 00002010 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-25 14:23 - 2016-08-25 14:23 - 00000000 ____D C:\Users\Elen\AppData\Roaming\Firefox
2016-08-25 14:23 - 2016-08-25 14:23 - 00000000 ____D C:\Users\Elen\AppData\Local\Jamben
2016-08-25 14:23 - 2016-08-25 14:23 - 00000000 ____D C:\Program Files (x86)\Jamben
2016-08-25 14:22 - 2016-08-29 20:47 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-08-25 14:22 - 2016-08-27 10:46 - 00000000 _____ C:\Users\Public\Documents\report1.dat
2016-08-12 11:08 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-12 11:08 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-12 11:08 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-12 11:08 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-12 11:08 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-12 11:08 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-12 11:08 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-12 11:08 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-12 11:08 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-12 11:08 - 2016-08-03 11:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-12 11:08 - 2016-08-03 11:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-12 11:08 - 2016-08-03 11:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-12 11:08 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-12 11:08 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-12 11:08 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-12 11:08 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-12 11:08 - 2016-08-03 11:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-12 11:08 - 2016-08-03 11:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-12 11:08 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-12 11:08 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-12 11:08 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-12 11:08 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-12 11:08 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-12 11:08 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-12 11:08 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-12 11:08 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-12 11:08 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-12 11:08 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-12 11:08 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-12 11:08 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-12 11:08 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-12 11:07 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-12 11:07 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-12 11:07 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-12 11:07 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-12 11:07 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-12 11:07 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-12 11:07 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-12 11:07 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-12 11:07 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-12 11:07 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-12 11:07 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-12 11:07 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-12 11:07 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-12 11:07 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-12 11:07 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-12 11:07 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-12 11:07 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-12 11:07 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-12 11:07 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-12 11:07 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-12 11:07 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-12 11:07 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-12 11:07 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-12 11:07 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-12 11:07 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-12 11:07 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-12 11:07 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-12 11:07 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-12 11:07 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-12 11:07 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-12 11:07 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-12 11:07 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-12 11:07 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-12 11:07 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-12 11:07 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-12 11:07 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-12 11:07 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-12 11:07 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-12 11:07 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-12 11:07 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-12 11:07 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-12 11:07 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-12 11:07 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-12 11:07 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-12 11:07 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-12 11:07 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-12 11:07 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-12 11:07 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-12 11:07 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-12 11:07 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-12 11:07 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-12 11:07 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-12 11:07 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-12 11:07 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-12 11:07 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-12 11:07 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-12 11:07 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-12 11:07 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-12 11:07 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-12 11:07 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-12 11:07 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-12 11:07 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-12 11:07 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-12 11:07 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-12 11:07 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-12 11:07 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-12 11:07 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-12 11:07 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-12 11:07 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-12 11:07 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-12 11:07 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-12 11:07 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-12 11:07 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-12 11:07 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-12 11:07 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-12 11:07 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-12 11:07 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-12 11:07 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-12 11:07 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-12 11:07 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-12 11:07 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-12 11:07 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-12 11:07 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-12 11:07 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-12 11:07 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-12 11:07 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-12 11:07 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-12 11:07 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-12 11:07 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-12 11:07 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-12 11:07 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-12 11:07 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-12 11:07 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-12 11:06 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-12 11:06 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-12 11:06 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-12 11:06 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-12 11:06 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-12 11:06 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-12 11:06 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-12 11:06 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-12 11:06 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-12 11:06 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-04 11:29 - 2016-08-04 11:29 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345175312.html
2016-08-04 11:29 - 2016-08-04 11:29 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345174531.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345144421.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345144281.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345143421.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345143296.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345139546.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345139421.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345127828.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345127703.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345126234.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345126125.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\EN_345116515.html
2016-08-04 11:28 - 2016-08-04 11:28 - 00000003 _____ C:\WINDOWS\SysWOW64\en_345116312.html
2016-08-02 21:58 - 2016-08-02 14:22 - 00083312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-08-29 22:39 - 2015-08-07 09:17 - 00000000 __SHD C:\Users\Elen\IntelGraphicsProfiles
2016-08-29 22:39 - 2014-11-18 10:52 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-29 22:38 - 2015-12-13 16:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-29 22:38 - 2015-12-13 16:39 - 00000000 ____D C:\Users\Elen
2016-08-29 22:38 - 2015-12-13 16:35 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-29 22:38 - 2014-12-21 18:05 - 00000000 ____D C:\ProgramData\Synaptics
2016-08-29 21:43 - 2014-11-18 10:52 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-29 21:25 - 2014-11-18 10:43 - 00000000 ____D C:\Users\Elen\AppData\Local\Packages
2016-08-29 21:05 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-08-29 21:01 - 2016-03-29 22:38 - 00000000 ____D C:\WINDOWS\system32\log
2016-08-29 18:46 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-29 18:45 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-29 18:32 - 2014-11-20 21:26 - 00000000 __RDO C:\Users\Elen\OneDrive
2016-08-29 16:59 - 2016-02-17 00:18 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2016-08-29 16:29 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-29 16:12 - 2015-07-17 16:39 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-08-29 16:11 - 2013-12-06 13:11 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-29 16:10 - 2013-12-06 13:11 - 00000000 ____D C:\ProgramData\Adobe
2016-08-29 14:03 - 2014-12-22 18:55 - 00002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-29 14:03 - 2014-11-18 10:53 - 00002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-29 14:03 - 2014-11-18 10:53 - 00002174 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-28 21:06 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-28 21:04 - 2016-07-15 09:45 - 00003998 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1468568750
2016-08-28 21:04 - 2016-07-15 09:45 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-28 21:02 - 2014-11-23 20:51 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-28 21:01 - 2016-07-14 22:06 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00969560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-08-28 21:01 - 2014-11-23 20:51 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-08-28 11:26 - 2015-10-30 20:31 - 00751272 _____ C:\WINDOWS\system32\perfh005.dat
2016-08-28 11:26 - 2015-10-30 20:31 - 00150860 _____ C:\WINDOWS\system32\perfc005.dat
2016-08-28 11:26 - 2015-08-06 22:38 - 01771468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-26 18:20 - 2015-08-07 09:21 - 00002395 _____ C:\Users\Elen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-25 14:33 - 2016-01-03 12:59 - 00000000 ____D C:\WINDOWS\Minidump
2016-08-25 12:18 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-25 12:16 - 2014-11-17 19:17 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-24 17:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-24 16:55 - 2014-11-17 23:57 - 00000000 ____D C:\Users\Elen\AppData\Roaming\vlc
2016-08-24 14:16 - 2013-12-06 13:11 - 839110656 ___SH C:\WINDOWS\lenovo_fastboot.img
2016-08-12 16:31 - 2014-11-18 10:25 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-12 16:08 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-08-12 15:25 - 2015-10-30 20:35 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-12 15:25 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-12 15:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-12 14:39 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-12 14:38 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-12 14:38 - 2014-11-20 13:07 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-12 12:02 - 2014-11-20 13:07 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-04 11:28 - 2016-07-25 15:17 - 00000000 ____D C:\WINDOWS\SysWOW64\_SSpm

==================== Files in the root of some directories =======

2016-06-29 07:10 - 2016-07-29 10:37 - 2964374 _____ (Update) C:\Program Files (x86)\SSFK.exe
2014-11-18 10:44 - 2014-12-09 22:47 - 0008280 _____ () C:\Users\Elen\AppData\Roaming\AbsoluteReminder.xml
2014-11-17 23:55 - 2014-12-07 18:41 - 0004608 _____ () C:\Users\Elen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-18 10:44 - 2014-11-23 21:32 - 0000377 _____ () C:\Users\Elen\AppData\Local\RegisteredPackageInformation.xml
2016-05-17 13:27 - 2016-05-17 13:27 - 0000000 _____ () C:\Users\Elen\AppData\Local\{5D225686-919B-4288-8D6F-410BBB3D6DAD}
2015-12-13 16:36 - 2015-12-13 16:36 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-06 13:15 - 2013-12-06 13:15 - 0000107 _____ () C:\ProgramData\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}.log
2013-12-06 13:12 - 2013-12-06 13:13 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2013-12-06 13:13 - 2013-12-06 13:14 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2013-12-06 13:14 - 2013-12-06 13:15 - 0000115 _____ () C:\ProgramData\{D6E853EC-8960-4D44-AF03-7361BB93227C}.log

Some files in TEMP:
====================
C:\Users\Elen\AppData\Local\Temp\libeay32.dll
C:\Users\Elen\AppData\Local\Temp\msvcr120.dll
C:\Users\Elen\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-08-24 17:03

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: infected PC

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {7246a63c-2f04-11e6-bee0-c45444015bc3} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {7c29a45f-6dd4-11e6-bef3-8056f2eedc96} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {891449b4-0413-11e6-bed5-c45444015bc3} - "E:\autorun.exe"
HKU\S-1-5-21-320534150-331334849-3461560898-1001\...\MountPoints2: {9a8ebfb2-6076-11e5-bea9-8056f2eedc96} - "E:\Lenovo_Suite.exe"
GroupPolicy: Restriction - Chrome <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-320534150-331334849-3461560898-1001 -> {A9EAE5EF-3906-42E0-BD9F-CAC89E0B5D5C} URL =
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
CHR HomePage: Default -> search.mpc.am
CHR StartupUrls: Default -> "search.mpc.am"
CHR DefaultSearchURL: Default -> hxxp://www.yessearches.com/chrome.php?q={searc ... &mode=nnnb
CHR DefaultSearchKeyword: Default -> yessearches
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\Users\Elen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\ProgramData\DP45977C.lfl
C:\Users\Elen\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
