﻿Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-06-2016
Ran by ABC (administrator) on ABC-PC (28-06-2016 19:12:11)
Running from C:\Users\ABC\Downloads
Loaded Profiles: ABC (Available Profiles: ABC & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
() C:\Windows\System32\PnkBstrA.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AMD) C:\Windows\System32\atieclxx.exe
(WiseCleaner.com) C:\Program Files\Wise\Wise Care 365\WiseTray.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\ABC\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(© 2015 Microsoft Corporation) C:\Users\ABC\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Valve Corporation) C:\Program Files\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12205784 2015-05-09] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-19] (Avast Software s.r.o.)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\ABC\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\ABC\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\...\Run: [Spybot-S&D Cleaning] => "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\...\Run: [GoogleChromeAutoLaunch_A3A4144559D1A55A71A7CC6E224D867A] => C:\Program Files\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [50377336 2015-12-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\...\Run: [BingSvc] => C:\Users\ABC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-12-17] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-03-15] (Avast Software s.r.o.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.8.136.1 192.168.0.1
Tcpip\..\Interfaces\{c802e849-1b2a-4e7a-9e62-2889e858174c}: [DhcpNameServer] 10.8.136.1 192.168.0.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130855672909430000&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1437389151&z=ac166f60ba0f8eaf4337522gczdc9m5c8b0t6g8e1b&from=cor&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5226499364993
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=dspp&ts=1437389151&z=ac166f60ba0f8eaf4337522gczdc9m5c8b0t6g8e1b&from=cor&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5226499364993&q={searchTerms}
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1437389151&z=ac166f60ba0f8eaf4337522gczdc9m5c8b0t6g8e1b&from=cor&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5226499364993
HKU\S-1-5-21-3526979387-1406197252-2348586671-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1437389151&z=ac166f60ba0f8eaf4337522gczdc9m5c8b0t6g8e1b&from=cor&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5226499364993&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3526979387-1406197252-2348586671-1000 -> OldSearch URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5226499364993&ts=1437389176&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3526979387-1406197252-2348586671-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5226499364993&ts=1437389176&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3526979387-1406197252-2348586671-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3526979387-1406197252-2348586671-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5226499364993&ts=1437389176&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3526979387-1406197252-2348586671-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5226499364993&ts=1437389176&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3526979387-1406197252-2348586671-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.istartsurf.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=WDCXWD5000AADS-00M2B0_WD-WCAV5226499364993&ts=1437389176&type=default&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-15] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-23] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ABC\AppData\Roaming\Mozilla\Firefox\Profiles\fmrkq1sh.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @Nero.com/KM -> C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2011-12-02] (Nero AG)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3526979387-1406197252-2348586671-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ABC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3526979387-1406197252-2348586671-1000: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-28] [not signed]

Chrome: 
=======
CHR Profile: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-27]
CHR Extension: (Dokumenty Google) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-27]
CHR Extension: (Disk Google) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-27]
CHR Extension: (YouTube) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-27]
CHR Extension: (Tabulky Google) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-06-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-27]
CHR Extension: (Gmail) - C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-27]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-15] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3205216 2015-03-15] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
U2 iprip; C:\WINDOWS\System32\iprip.dll [31232 2016-05-02] (Microsoft Corporation)
S2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [687400 2011-11-25] (Nero AG)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-03-11] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24144 2015-03-15] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [73440 2015-03-15] (Avast Software s.r.o.)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [81728 2015-03-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49904 2015-03-15] ()
S1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [788272 2015-03-15] (Avast Software s.r.o.)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [427480 2015-03-15] (Avast Software s.r.o.)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [106912 2015-03-15] (Avast Software s.r.o.)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [38984 2014-07-18] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [206976 2015-03-15] ()
R3 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2014-07-16] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [388848 2016-05-09] (Symantec Corporation)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-05-02] (REALiX(tm))
R0 PxHelp20; C:\WINDOWS\System32\DRIVERS\PxHelp20.sys [20016 2003-10-28] (Sonic Solutions) [File not signed]
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 SSMO4Filter; C:\WINDOWS\system32\drivers\MO4Driver.sys [16896 2011-07-27] (Sagatek Co. Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220240 2015-03-15] (Avast Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-28 18:41 - 2016-06-28 18:41 - 03703360 _____ C:\Users\ABC\Downloads\adwcleaner_5.200.exe
2016-06-28 17:52 - 2016-06-28 19:12 - 00017969 _____ C:\Users\ABC\Downloads\FRST.txt
2016-06-28 17:52 - 2016-06-28 19:12 - 00000000 ___DC C:\FRST
2016-06-28 17:51 - 2016-06-28 17:51 - 01740288 _____ (Farbar) C:\Users\ABC\Downloads\FRST.exe
2016-06-28 17:14 - 2016-06-28 17:14 - 00000000 ____D C:\Users\ABC\AppData\Local\ActiveSync
2016-06-27 20:04 - 2016-06-28 18:45 - 00000000 ___DC C:\AdwCleaner
2016-06-27 19:51 - 2016-05-28 08:05 - 01232576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-27 19:51 - 2016-05-28 08:05 - 00042688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-27 19:51 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-27 19:51 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-27 19:51 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-27 19:51 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-27 19:51 - 2016-05-28 06:31 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-27 19:51 - 2016-05-28 06:23 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-27 19:51 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-27 19:51 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-27 19:51 - 2016-05-28 06:20 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-27 19:51 - 2016-05-28 06:18 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-27 19:51 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-27 19:51 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-27 19:51 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-27 19:51 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-27 19:51 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-27 19:51 - 2016-05-28 06:11 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-27 19:51 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-27 19:51 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-27 19:51 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-27 19:51 - 2016-05-28 06:03 - 01800704 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-27 19:51 - 2016-05-28 06:02 - 01896960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-27 19:51 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-27 19:50 - 2016-05-28 08:05 - 00249536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-27 19:50 - 2016-05-28 08:05 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-27 19:50 - 2016-05-28 07:25 - 05797216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-27 19:50 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-27 19:50 - 2016-05-28 07:25 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-06-27 19:50 - 2016-05-28 07:25 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-27 19:50 - 2016-05-28 07:25 - 00173920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-27 19:50 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-27 19:50 - 2016-05-28 07:22 - 00317280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-27 19:50 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-27 19:50 - 2016-05-28 07:08 - 00260960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-27 19:50 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-27 19:50 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-27 19:50 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-27 19:50 - 2016-05-28 07:06 - 00613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-27 19:50 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-27 19:50 - 2016-05-28 07:04 - 00505136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-27 19:50 - 2016-05-28 07:04 - 00139616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-27 19:50 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-27 19:50 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-27 19:50 - 2016-05-28 06:57 - 01714528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-27 19:50 - 2016-05-28 06:57 - 01396592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-27 19:50 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-27 19:50 - 2016-05-28 06:57 - 00484192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-27 19:50 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-06-27 19:50 - 2016-05-28 06:31 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-27 19:50 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-27 19:50 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-27 19:50 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-27 19:50 - 2016-05-28 06:22 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-27 19:50 - 2016-05-28 06:19 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-27 19:50 - 2016-05-28 06:18 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-27 19:50 - 2016-05-28 06:18 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-27 19:50 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-27 19:50 - 2016-05-28 06:17 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-27 19:50 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-27 19:50 - 2016-05-28 06:16 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-27 19:50 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-27 19:50 - 2016-05-28 06:15 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-27 19:50 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-27 19:50 - 2016-05-28 06:14 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-27 19:50 - 2016-05-28 06:14 - 00309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-27 19:50 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-27 19:50 - 2016-05-28 06:14 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-27 19:50 - 2016-05-28 06:13 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-27 19:50 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-27 19:50 - 2016-05-28 06:13 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-27 19:50 - 2016-05-28 06:13 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-27 19:50 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-27 19:50 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-27 19:50 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-27 19:50 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-27 19:50 - 2016-05-28 06:11 - 00740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-27 19:50 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-27 19:50 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-27 19:50 - 2016-05-28 06:11 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-27 19:50 - 2016-05-28 06:08 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-27 19:50 - 2016-05-28 06:06 - 03196928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-27 19:50 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-27 19:50 - 2016-05-28 06:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-27 19:50 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-27 19:50 - 2016-05-28 06:03 - 02974208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-27 19:50 - 2016-05-28 06:03 - 01733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-27 19:50 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-27 19:50 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-27 19:50 - 2016-05-28 06:01 - 02880512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-27 19:50 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-27 19:50 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-27 19:50 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-27 19:50 - 2016-05-28 06:01 - 01193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-27 19:50 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-27 19:50 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-27 19:50 - 2016-05-28 06:00 - 01900032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-27 19:50 - 2016-05-28 05:56 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-27 19:49 - 2016-05-28 08:05 - 00973504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-27 19:49 - 2016-05-28 08:05 - 00440512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-27 19:49 - 2016-05-28 07:25 - 00096096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-27 19:49 - 2016-05-28 07:18 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-27 19:49 - 2016-05-28 07:10 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-27 19:49 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-27 19:49 - 2016-05-28 07:08 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-27 19:49 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-27 19:49 - 2016-05-28 07:04 - 00111608 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-27 19:49 - 2016-05-28 06:25 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-27 19:49 - 2016-05-28 06:25 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-27 19:49 - 2016-05-28 06:24 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-27 19:49 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-27 19:49 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-27 19:49 - 2016-05-28 06:22 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-27 19:49 - 2016-05-28 06:20 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-27 19:49 - 2016-05-28 06:20 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-27 19:49 - 2016-05-28 06:20 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-27 19:49 - 2016-05-28 06:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-27 19:49 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-27 19:49 - 2016-05-28 06:19 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-27 19:49 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-27 19:49 - 2016-05-28 06:19 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-27 19:49 - 2016-05-28 06:18 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-27 19:49 - 2016-05-28 06:18 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-27 19:49 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-27 19:49 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-27 19:49 - 2016-05-28 06:17 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-27 19:49 - 2016-05-28 06:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-27 19:49 - 2016-05-28 06:17 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-27 19:49 - 2016-05-28 06:16 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-27 19:49 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-27 19:49 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-27 19:49 - 2016-05-28 06:15 - 00527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-27 19:49 - 2016-05-28 06:15 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-27 19:49 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-27 19:49 - 2016-05-28 06:14 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-27 19:49 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-27 19:49 - 2016-05-28 06:12 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-27 19:49 - 2016-05-28 06:11 - 01152000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-27 19:49 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-27 19:49 - 2016-05-28 06:09 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-27 19:49 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-27 19:49 - 2016-05-28 06:03 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-27 19:49 - 2016-05-28 06:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-27 19:49 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-27 19:49 - 2016-05-28 06:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-27 19:49 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-27 19:49 - 2016-05-28 05:54 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-27 19:22 - 2016-06-27 19:22 - 00000000 ____D C:\Users\ABC\AppData\Local\Apps\CAcert Root Certificates
2016-06-27 18:18 - 2016-06-27 18:18 - 00000000 ____D C:\WINDOWS\Panther

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-28 18:57 - 2014-06-09 20:00 - 00000000 ____D C:\Users\ABC\AppData\Roaming\Seznam.cz
2016-06-28 18:54 - 2015-12-06 17:10 - 00000000 ____D C:\Program Files\Steam
2016-06-28 18:54 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-28 18:54 - 2014-07-16 10:43 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-06-28 18:53 - 2015-12-17 18:31 - 00000000 ____D C:\Users\ABC\AppData\Roaming\Skype
2016-06-28 18:52 - 2016-05-02 18:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-28 18:52 - 2016-05-02 18:03 - 00000000 ____D C:\Users\ABC
2016-06-28 18:52 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-06-28 18:52 - 2015-07-01 19:43 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-28 18:52 - 2014-11-06 23:04 - 00000394 _____ C:\WINDOWS\Tasks\Wise Care 365.job
2016-06-28 18:49 - 2016-05-02 18:20 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-28 18:49 - 2016-05-02 17:55 - 00224600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-28 18:49 - 2014-05-30 20:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-28 18:48 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-28 18:47 - 2015-10-30 07:48 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-28 18:47 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-28 18:47 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-28 18:45 - 2015-07-20 12:45 - 00001317 _____ C:\Users\ABC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
2016-06-28 18:18 - 2015-07-16 10:41 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-28 17:56 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-27 20:03 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-27 20:03 - 2014-05-30 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-27 20:02 - 2014-04-28 18:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-27 19:56 - 2014-04-28 18:53 - 139785240 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-27 19:01 - 2015-07-01 19:44 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-27 19:01 - 2015-07-01 19:44 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-27 18:20 - 2016-05-02 18:47 - 00000000 ___DC C:\Windows.old
2016-06-27 18:18 - 2016-05-02 21:53 - 00000000 ____D C:\Users\ABC\AppData\Local\ElevatedDiagnostics
2016-06-14 20:33 - 2015-10-30 07:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-30 19:47 - 2016-05-02 18:01 - 02009590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-30 19:47 - 2015-10-30 17:08 - 00833840 _____ C:\WINDOWS\system32\perfh005.dat
2016-05-30 19:47 - 2015-10-30 17:08 - 00186934 _____ C:\WINDOWS\system32\perfc005.dat
2016-05-30 19:45 - 2016-05-02 18:38 - 00002421 _____ C:\Users\ABC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-30 19:45 - 2016-05-02 18:38 - 00000000 ___RD C:\Users\ABC\OneDrive
2016-05-30 19:41 - 2015-12-17 18:30 - 00000000 ___RD C:\Program Files\Skype

==================== Files in the root of some directories =======

2016-02-11 19:06 - 2016-02-11 19:06 - 6871040 _____ () C:\Program Files\GUT500.tmp
2015-03-31 10:14 - 2015-06-01 15:38 - 0000385 _____ () C:\Users\ABC\AppData\Roaming\kMbfV6bf6gk4
2014-05-06 17:28 - 2014-05-06 17:32 - 0000858 _____ () C:\Users\ABC\AppData\Roaming\launcher_profiles.json
2015-03-31 10:14 - 2015-06-01 15:38 - 0000385 _____ () C:\Users\ABC\AppData\Roaming\NdZwoaUcnl7bZc8YsBJOy80Qk2
2014-04-24 19:42 - 2015-03-11 12:45 - 0138904 _____ () C:\Users\ABC\AppData\Roaming\PnkBstrK.sys
2015-06-23 20:33 - 2015-06-23 20:33 - 0000000 ___SH () C:\Users\ABC\AppData\Local\LumaEmu
2014-05-07 12:45 - 2014-05-07 12:45 - 0001080 _____ () C:\Users\ABC\AppData\Local\MRDownloader.nast
2015-06-17 14:53 - 2015-06-17 14:53 - 0008288 ____H () C:\Users\ABC\AppData\Local\Plugin.dat
2015-12-11 19:05 - 2015-12-11 19:46 - 0000906 _____ () C:\Users\ABC\AppData\Local\_settings.ini

Some files in TEMP:
====================
C:\Users\ABC\AppData\Local\Temp\libeay32.dll
C:\Users\ABC\AppData\Local\Temp\msvcr120.dll
C:\Users\ABC\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-06-27 18:18

==================== End of FRST.txt ============================