Pomalý start notebooku, polofunkční prohlížeč

Zpráva

azz · #1 Příspěvek od **azz** » 08 zář 2014 22:07

Dobrý den, začal mě nepěkně zlobit notebook po té, co si ho půjčily děti. Níže přikládám log.

ČÁST 1

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01
Ran by RosstaS (administrator) on ELITEBOOK on 08-09-2014 22:09:55
Running from C:\Users\RosstaS\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IFXTCS.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Infineon Technologies AG) C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
() C:\Program Files (x86)\Opera\24.0.1558.53\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\24.0.1558.53\opera.exe
(forum.viry.cz) C:\Users\RosstaS\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-24] (IDT, Inc.)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5581888 2014-02-24] (ESET)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2816240 2014-09-05] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2012-02-28] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [94264 2011-04-05] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company)
HKLM-x32\...\Run: [IFXSPMGT] => C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1126264 2014-09-04] (Infineon Technologies AG)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2014-09-05] (Intel Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-2787347549-780595570-36496752-1000\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [89600 2013-04-11] ()
HKU\S-1-5-21-2787347549-780595570-36496752-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-09-01] (Glarysoft Ltd)
HKU\S-1-5-21-2787347549-780595570-36496752-1000\...\MountPoints2: {13b31be2-345f-11e4-baa4-402cf415b16e} - H:\autorun.exe
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKCU - DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.113.44.11 195.113.0.2
Tcpip\..\Interfaces\{35CF0318-C97F-43EC-B91A-4BFB466DFBDE}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-09-04]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2014-09-04]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1343408 2014-02-24] (ESET)
S3 FLCDLOCK; C:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company)
R3 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R3 HPFSService; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [322048 2011-08-26] (Hewlett-Packard) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company)
R2 IFXSpMgtSrv; C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [1126264 2014-09-04] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [980856 2014-09-04] (Infineon Technologies AG)
R3 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R2 PersonalSecureDriveService; C:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [203640 2014-09-04] (Infineon Technologies AG)
R3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-06] ()
R3 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-09-06] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-10-24] (IDT, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64312 2011-08-22] (Hewlett-Packard Company)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20672 2014-09-05] (Glarysoft Ltd)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2014-09-04] (Infineon Technologies AG)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2014-01-07] (Brother Industries Ltd.)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-09-05] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-04] ()
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 22:09 - 2014-09-08 22:11 - 00016879 _____ () C:\Users\RosstaS\Desktop\FRST.txt
2014-09-08 22:09 - 2014-09-08 22:10 - 00000000 ____D () C:\FRST
2014-09-08 22:08 - 2014-09-08 22:08 - 00112640 _____ (forum.viry.cz) C:\Users\RosstaS\Desktop\FRSTLauncher.exe
2014-09-08 22:07 - 2014-09-08 22:08 - 02105344 _____ (Farbar) C:\Users\RosstaS\Desktop\FRST64.exe
2014-09-08 21:37 - 2014-09-08 21:38 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-09-08 21:00 - 2014-09-08 20:51 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-08 20:52 - 2014-09-08 21:24 - 00005642 _____ () C:\zoek-results.log
2014-09-08 20:51 - 2014-09-08 20:59 - 00000000 ____D () C:\zoek_backup
2014-09-08 20:32 - 2014-09-08 20:32 - 01370467 _____ () C:\Users\RosstaS\Desktop\adwcleaner_3.309.exe
2014-09-08 20:23 - 2014-09-08 20:23 - 00000000 ____D () C:\Windows\ERUNT
2014-09-08 20:13 - 2014-09-08 20:13 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-08 20:12 - 2014-09-08 20:47 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-08 18:39 - 2014-09-08 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-08 18:38 - 2014-09-08 18:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-08 18:38 - 2014-09-08 18:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-08 18:34 - 2014-09-08 18:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-06 14:06 - 2014-09-06 14:10 - 00000000 ____D () C:\Users\RosstaS\Documents\ProjectReality
2014-09-06 14:05 - 2014-09-06 14:05 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-06 14:05 - 2014-09-06 14:05 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-06 14:05 - 2014-09-06 14:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-06 14:05 - 2013-07-25 04:52 - 00840264 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-09-06 14:05 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-09-06 14:05 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-09-06 14:04 - 2014-09-06 14:04 - 00001065 _____ () C:\Users\RosstaS\Desktop\Project Reality BF2.lnk
2014-09-06 14:04 - 2014-09-06 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Reality
2014-09-06 13:55 - 2014-09-01 22:25 - 02514289 ____N () C:\Users\RosstaS\Desktop\VID-20140901-WA0007.mp4
2014-09-06 13:55 - 2014-09-01 22:13 - 04790098 ____N () C:\Users\RosstaS\Desktop\VID-20140901-WA0003.mp4
2014-09-06 13:51 - 2014-09-06 13:51 - 00000939 _____ () C:\Users\RosstaS\Desktop\TotalCmd64 – zástupce.lnk
2014-09-06 13:50 - 2014-09-06 13:50 - 00000000 ____D () C:\Users\RosstaS\Documents\Poznámkové bloky aplikace OneNote
2014-09-06 13:21 - 2014-08-14 13:46 - 00000000 ____D () C:\Users\RosstaS\Desktop\KMSpico Portable
2014-09-05 14:55 - 2014-09-06 10:14 - 00000000 ____D () C:\Program Files (x86)\SavePass 1.1
2014-09-05 14:53 - 2014-09-08 21:37 - 00001342 _____ () C:\Windows\Tasks\IMJI.job
2014-09-05 14:53 - 2014-09-05 17:19 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Seznam.cz
2014-09-05 14:53 - 2014-09-05 14:53 - 00004374 _____ () C:\Windows\System32\Tasks\IMJI
2014-09-05 14:52 - 2014-09-08 21:37 - 00001344 _____ () C:\Windows\Tasks\XVCUH.job
2014-09-05 14:52 - 2014-09-05 14:52 - 00004376 _____ () C:\Windows\System32\Tasks\XVCUH
2014-09-05 13:41 - 2014-09-08 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-05 13:40 - 2014-09-05 13:40 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-09-05 13:39 - 2014-09-05 13:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-09-05 13:38 - 2014-09-05 13:39 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-09-05 12:07 - 2014-09-06 11:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\CrashDumps
2014-09-05 11:51 - 2014-09-08 21:38 - 00000336 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-09-05 11:51 - 2014-09-08 21:38 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-09-05 11:51 - 2014-09-05 11:51 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-09-05 11:51 - 2014-09-05 11:51 - 00002638 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-09-05 11:51 - 2014-09-05 11:51 - 00001088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-09-05 11:51 - 2014-09-05 11:51 - 00001076 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-09-05 11:51 - 2014-09-05 11:51 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\GlarySoft
2014-09-05 11:51 - 2014-09-05 11:51 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\DiskDefrag
2014-09-05 11:51 - 2014-09-05 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-09-05 11:37 - 2014-09-05 11:43 - 2986233856 _____ () C:\Users\RosstaS\Downloads\prbf2_1.2.0.0_full.iso
2014-09-05 10:54 - 2014-09-05 10:54 - 00000000 ____D () C:\WINDOWS1
2014-09-05 10:54 - 2012-03-01 10:34 - 00000000 ____D () C:\Users\RosstaS\Desktop\Office.2010.Activation.Toolkit.and.EZ.Activator.2.2.3.download.debelea.com
2014-09-05 10:30 - 2014-09-05 10:40 - 1562450012 _____ () C:\Users\RosstaS\Downloads\Disconnect.2012.720p.BluRay.x264-ALLiANCE.mkv
2014-09-05 10:25 - 2014-09-05 10:36 - 00000000 ____D () C:\Users\RosstaS\Documents\Forgottenhp 2
2014-09-05 10:25 - 2014-09-05 10:26 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Forgotten_Hope
2014-09-05 10:25 - 2014-09-05 10:25 - 00000999 _____ () C:\Users\Public\Desktop\Forgotten Hope 2.lnk
2014-09-05 10:25 - 2014-09-05 10:25 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Forgotten Hope 2
2014-09-05 10:25 - 2014-09-05 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forgotten Hope 2
2014-09-05 09:58 - 2014-09-05 09:59 - 00000000 ____D () C:\Users\RosstaS\Documents\Battlefield 2
2014-09-05 09:57 - 2014-09-05 09:57 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-05 09:26 - 2014-09-05 09:26 - 00001612 _____ () C:\Users\Public\Desktop\Play BF2 Online Now!.lnk
2014-09-05 09:26 - 2014-09-05 09:26 - 00001590 _____ () C:\Users\Public\Desktop\Battlefield 2.lnk
2014-09-05 09:24 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-09-05 09:24 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2014-09-05 09:24 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-09-05 09:24 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2014-09-05 09:17 - 2014-09-05 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2014-09-05 09:17 - 2014-09-05 09:17 - 00000000 ____D () C:\Hry
2014-09-05 09:09 - 2014-09-05 09:09 - 00000000 ____D () C:\Windows\AutoKMS
2014-09-05 08:37 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-09-05 08:37 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-09-05 08:37 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-09-05 08:37 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-09-05 08:37 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-09-05 08:37 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-09-05 08:37 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-09-05 08:37 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-09-05 08:26 - 2014-09-08 21:37 - 00000514 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-05 08:12 - 2014-09-05 08:12 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Intel Corporation
2014-09-05 08:00 - 2014-09-05 13:55 - 00000000 ____D () C:\Users\RosstaS\Downloads\Microsoft Toolkit 2.5.2 Official Torrent
2014-09-05 07:59 - 2014-06-25 04:06 - 14179328 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-05 07:59 - 2014-06-25 03:37 - 12877312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-05 07:40 - 2014-09-05 09:10 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-09-05 07:25 - 2014-09-05 07:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-05 07:25 - 2014-09-05 07:25 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-09-05 07:25 - 2014-09-05 07:25 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-09-05 07:21 - 2014-09-05 11:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-05 07:19 - 2014-09-05 07:19 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-09-05 07:19 - 2014-09-05 07:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-09-05 07:18 - 2014-09-05 13:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-05 01:45 - 2014-09-05 01:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-09-05 01:44 - 2014-09-05 01:44 - 00439320 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-09-05 01:44 - 2014-09-05 01:44 - 00000000 ____D () C:\Program Files\LSI SoftModem
2014-09-05 01:44 - 2014-09-05 01:43 - 00064000 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsmdel.exe
2014-09-05 01:44 - 2014-09-05 01:43 - 00027648 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsco64.dll
2014-09-05 01:44 - 2014-09-05 01:43 - 00026624 ____N (LSI Corporation) C:\Windows\SysWOW64\agrscoin.dll
2014-09-05 01:43 - 2014-09-05 01:43 - 01212416 _____ (LSI Corporation) C:\Windows\system32\Drivers\agrsm64.sys
2014-09-05 01:43 - 2014-09-05 01:43 - 00064000 _____ (LSI Corporation) C:\Windows\agrsmdel.exe
2014-09-05 01:43 - 2014-09-05 01:43 - 00042496 _____ (LSI Corporation) C:\Windows\agrdel64.exe
2014-09-05 01:43 - 2014-09-05 01:43 - 00027648 _____ (LSI Corporation) C:\Windows\system32\agrsco64.dll
2014-09-05 01:43 - 2014-09-05 01:43 - 00000000 ____D () C:\Windows\Options
2014-09-05 01:42 - 2014-09-05 01:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_AMPPAL_01009.Wdf
2014-09-05 01:41 - 2014-09-05 01:41 - 00000000 ____D () C:\Program Files\Intel
2014-09-05 01:40 - 2014-09-05 01:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-09-05 01:36 - 2014-09-05 01:36 - 11499008 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwsw00.sys
2014-09-05 01:36 - 2014-09-05 01:36 - 03381008 _____ (Intel Corporation) C:\Windows\system32\Netwrw00.dll
2014-09-05 01:36 - 2014-09-05 01:36 - 00885520 _____ (Intel Corporation) C:\Windows\system32\Netwcw00.dll
2014-09-05 01:35 - 2014-09-05 01:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-09-05 01:30 - 2014-09-05 01:30 - 00723184 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00555760 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2014-09-05 01:30 - 2014-09-05 01:30 - 00422640 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo19.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00400624 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00252144 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00169712 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCom.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00161880 _____ () C:\Windows\system32\pca-manta.bin
2014-09-05 01:30 - 2014-09-05 01:30 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-09-05 01:30 - 2014-09-05 01:30 - 00000092 _____ () C:\Windows\system32\calibration.bin
2014-09-05 00:43 - 2014-09-05 06:42 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\CodexisRPD
2014-09-05 00:43 - 2014-09-05 00:43 - 00001009 _____ () C:\Users\Public\Desktop\CODEXIS 6 ACADEMIA.lnk
2014-09-05 00:43 - 2014-09-05 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CODEXIS 6 ACADEMIA
2014-09-04 23:49 - 2014-09-04 23:49 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-04 23:43 - 2014-09-05 00:42 - 00000000 ____D () C:\ATLAS Consulting
2014-09-04 23:43 - 2014-09-04 23:43 - 02421760 _____ (ATLAS consulting spol. s r.o.) C:\Users\RosstaS\Downloads\DataAsistentACAD6.exe
2014-09-04 23:39 - 2014-09-05 13:38 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-04 23:37 - 2014-09-04 23:37 - 00000000 __RHD () C:\MSOCache
2014-09-04 23:32 - 2014-09-04 23:32 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Microsoft Help
2014-09-04 23:31 - 2014-09-08 19:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-04 23:15 - 2014-09-04 23:15 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-09-04 23:14 - 2014-09-04 23:14 - 01939048 _____ (emc) C:\Users\RosstaS\Downloads\uTorrent221.exe
2014-09-04 23:05 - 2014-09-04 23:05 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\VitySoft
2014-09-04 23:05 - 2014-09-04 23:05 - 00000000 ____D () C:\Users\RosstaS\.objectdb
2014-09-04 22:50 - 2014-09-08 21:29 - 00000000 ____D () C:\ProgramData\Binarysense
2014-09-04 22:45 - 2014-09-08 21:37 - 00001338 _____ () C:\Windows\Tasks\SI.job
2014-09-04 22:45 - 2014-09-04 22:45 - 00004370 _____ () C:\Windows\System32\Tasks\SI
2014-09-04 22:44 - 2014-09-04 22:44 - 00003384 _____ () C:\Windows\System32\Tasks\BUITJI
2014-09-04 22:44 - 2014-09-04 22:44 - 00001346 _____ () C:\Windows\Tasks\BUITJI.job
2014-09-04 22:18 - 2014-09-04 22:18 - 00001246 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-09-04 22:17 - 2014-09-04 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-09-04 22:17 - 2014-09-04 22:17 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-09-04 22:06 - 2014-09-04 22:06 - 00001763 _____ () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-09-04 22:06 - 2014-09-04 22:06 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Spotify
2014-09-04 22:05 - 2014-09-04 22:21 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Spotify
2014-09-04 22:04 - 2014-09-04 22:04 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\IDT
2014-09-04 22:04 - 2014-09-04 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-04 22:04 - 2014-09-04 22:03 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-04 22:04 - 2014-09-04 22:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-04 22:04 - 2014-09-04 22:03 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-04 22:04 - 2014-09-04 22:03 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-04 22:03 - 2014-09-04 22:03 - 00000000 ____D () C:\Program Files\Java
2014-09-04 22:00 - 2014-09-08 22:08 - 00000000 ____D () C:\!Download
2014-09-04 21:59 - 2014-09-04 21:59 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\GHISLER
2014-09-04 21:55 - 2014-09-04 21:58 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Zoner
2014-09-04 21:55 - 2014-09-04 21:55 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Zoner
2014-09-04 21:53 - 2014-09-04 21:53 - 00001878 _____ () C:\Users\Public\Desktop\Zoner Photo Studio 16 x64.lnk
2014-09-04 21:53 - 2014-09-04 21:53 - 00000000 ____D () C:\ProgramData\Zoner
2014-09-04 21:53 - 2014-09-04 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 16
2014-09-04 21:52 - 2014-09-04 21:52 - 00000000 ____D () C:\Program Files\Zoner
2014-09-04 21:51 - 2014-09-04 21:51 - 60243680 _____ (ZONER software ) C:\Users\RosstaS\Downloads\zps16_cz.exe
2014-09-04 21:28 - 2014-09-04 21:56 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Microsoft Games
2014-09-04 21:27 - 2014-09-04 21:27 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-09-04 21:18 - 2014-09-05 10:43 - 00000000 ____D () C:\Users\RosstaS\Documents\StrongDC++
2014-09-04 21:18 - 2014-09-04 21:18 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StrongDC++
2014-09-04 21:18 - 2014-09-04 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StrongDC++
2014-09-04 21:18 - 2014-09-04 21:18 - 00000000 ____D () C:\Program Files\StrongDC++
2014-09-04 21:07 - 2014-09-04 22:51 - 535610644 _____ () C:\Users\RosstaS\Downloads\cs_office_professional_plus_2013_x64_dvd_1382239.iso
2014-09-04 21:02 - 2014-09-08 19:14 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Skype
2014-09-04 21:02 - 2014-09-04 21:02 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-04 21:02 - 2014-09-04 21:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-04 21:02 - 2014-09-04 21:02 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Skype
2014-09-04 21:02 - 2014-09-04 21:02 - 00000000 ____D () C:\ProgramData\Skype
2014-09-04 21:02 - 2014-09-04 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-04 20:56 - 2014-09-04 20:56 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\ESET
2014-09-04 20:56 - 2014-09-04 20:56 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\ESET
2014-09-04 20:54 - 2014-09-04 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-09-04 20:54 - 2014-09-04 20:54 - 00000000 ____D () C:\ProgramData\ESET
2014-09-04 20:54 - 2014-09-04 20:54 - 00000000 ____D () C:\Program Files\ESET
2014-09-04 20:49 - 2014-09-04 20:49 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\GHISLER
2014-09-04 20:49 - 2014-09-04 20:49 - 00000000 ____D () C:\totalcmd
2014-09-04 20:47 - 2014-09-04 20:47 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\WinRAR
2014-09-04 20:46 - 2014-09-04 20:46 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-04 20:46 - 2014-09-04 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-04 20:46 - 2014-09-04 20:46 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-09-04 20:45 - 2014-09-04 20:45 - 01785512 _____ () C:\Users\RosstaS\Downloads\wrar500cz.exe
2014-09-04 20:15 - 2014-09-04 20:15 - 00000000 ____D () C:\ProgramData\DigitalPersona
2014-09-04 19:54 - 2014-09-04 19:54 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Infineon
2014-09-04 19:54 - 2014-09-04 19:54 - 00000000 ____D () C:\ProgramData\Infineon
2014-09-04 19:52 - 2014-09-04 19:52 - 00511328 ____R (Microsoft Corporation) C:\Windows\SysWOW64\capicom.dll
2014-09-04 19:52 - 2014-09-04 19:52 - 00123256 _____ (Infineon Technologies AG) C:\Windows\system32\IfxTpmKsp.dll
2014-09-04 19:52 - 2014-09-04 19:52 - 00090488 _____ (Infineon Technologies AG) C:\Windows\SysWOW64\IfxTpmKsp.dll
2014-09-04 19:52 - 2014-09-04 19:52 - 00044576 _____ (Infineon Technologies AG) C:\Windows\system32\Drivers\psd.sys
2014-09-04 19:51 - 2014-09-04 19:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01009.Wdf
2014-09-04 19:50 - 2014-09-04 19:50 - 00000000 ____D () C:\Users\RosstaS\Documents\Složka Bluetooth Exchange
2014-09-04 19:50 - 2014-09-04 19:50 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Broadcom
2014-09-04 19:49 - 2014-09-04 19:45 - 00594472 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2014-09-04 19:47 - 2014-09-04 19:45 - 00210984 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2014-09-04 19:47 - 2014-09-04 19:45 - 00184872 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2014-09-04 19:47 - 2014-09-04 19:45 - 00039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2014-09-04 19:47 - 2014-09-04 19:45 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2014-09-04 19:46 - 2014-09-04 19:46 - 00000000 ____D () C:\Program Files\WIDCOMM
2014-09-04 19:42 - 2014-09-04 19:44 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-09-04 19:39 - 2014-09-04 19:39 - 00002355 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Theft Recovery.lnk
2014-09-04 19:37 - 2014-09-04 19:38 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Downloaded Installations
2014-09-04 19:30 - 2014-09-04 19:30 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_bNB_EliteBook 8460p_Y5336AN_0U_QCZC1479502_EU_4A_I161C_SHP_V97.4C_B68SCF F.28_T120917_W71-1_L405_M4047_J750_7Intel_86A7_92.50_#140904_N80861502_(SN188UC)_XMOBILE_CN10_Z_2A0001C02_G10026760.MRK
2014-09-04 19:30 - 2014-09-04 19:30 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_bNB_EliteBook 8460p_Y5336AN_0U_QCZC1479502_EU_4A_I161C_SHP_V97.4C_B68SCF F.28_T120917_W71-1_L405_M4047_J750_7Intel_86A7_92.50_#140904_N80861502_(SN188UC)_XMOBILE_CN10_Z_2A0001C02_G10026760.MRK
2014-09-04 19:30 - 2014-09-04 19:30 - 00000000 ____D () C:\system.sav
2014-09-04 19:30 - 2014-09-04 19:30 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-04 19:28 - 2014-09-04 19:28 - 00000248 _____ () C:\Windows\hbcikrnl.ini
2014-09-04 19:28 - 2014-09-04 19:28 - 00000000 ____D () C:\ProgramData\SZCCID
2014-09-04 19:28 - 2014-09-04 19:28 - 00000000 ____D () C:\Program Files (x86)\AlcorMicroData
2014-09-04 19:28 - 2014-09-04 19:28 - 00000000 ____D () C:\Program Files (x86)\AlcorMicro
2014-09-04 19:27 - 2014-09-04 19:27 - 01045776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJET35.DLL
2014-09-04 19:27 - 2014-09-04 19:27 - 00368912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBAR332.DLL
2014-09-04 19:27 - 2014-09-04 19:27 - 00252176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSRD2X35.DLL
2014-09-04 19:27 - 2014-09-04 19:27 - 00123664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJINT35.DLL
2014-09-04 19:27 - 2014-09-04 19:27 - 00024848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJTER35.DLL
2014-09-04 18:56 - 2014-09-04 19:55 - 00000000 ____D () C:\ProgramData\HP
2014-09-04 18:44 - 2014-09-04 18:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01011.Wdf
2014-09-04 18:43 - 2014-09-04 18:43 - 00000000 ____D () C:\ProgramData\Validity
2014-09-04 18:43 - 2014-09-04 18:43 - 00000000 ____D () C:\Program Files\Validity Sensors
2014-09-04 18:33 - 2014-09-04 18:33 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\DigitalPersona
2014-09-04 18:33 - 2014-09-04 18:33 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\DigitalPersona
2014-09-04 18:30 - 2014-09-04 18:34 - 00000000 ____D () C:\ProgramData\HPQLOG
2014-09-04 18:28 - 2014-09-08 16:50 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\vlc
2014-09-04 18:28 - 2014-09-04 19:44 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-04 18:28 - 2014-09-04 18:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Macrovision
2014-09-04 18:28 - 2014-09-04 18:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\FLEXnet
2014-09-04 18:28 - 2014-09-04 18:28 - 00000000 ____D () C:\ProgramData\Macrovision
2014-09-04 18:26 - 2014-09-04 19:44 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-09-04 18:26 - 2014-09-04 18:28 - 00000000 ____D () C:\Windows\system32\zh-Hant
2014-09-04 18:26 - 2014-09-04 18:28 - 00000000 ____D () C:\Windows\system32\zh-Hans
2014-09-04 18:26 - 2014-09-04 18:28 - 00000000 ____D () C:\Windows\system32\ru
2014-09-04 18:26 - 2014-09-04 18:28 - 00000000 ____D () C:\Windows\system32\ko
2014-09-04 18:26 - 2014-09-04 18:28 - 00000000 ____D () C:\Windows\system32\ja
2014-09-04 18:26 - 2014-09-04 18:28 - 00000000 ____D () C:\Windows\system32\it
2014-09-04 18:26 - 2014-09-04 18:28 - 00000000 ____D () C:\Windows\system32\fr
2014-09-04 18:26 - 2014-09-04 18:28 - 00000000 ____D () C:\Windows\system32\es
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\SysWOW64\zh-Hant
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\SysWOW64\zh-Hans
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\SysWOW64\ru
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\SysWOW64\ko
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\SysWOW64\ja
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\SysWOW64\it
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\SysWOW64\fr
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\SysWOW64\es
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\SysWOW64\de
2014-09-04 18:26 - 2014-09-04 18:27 - 00000000 ____D () C:\Windows\system32\de
2014-09-04 18:26 - 2014-09-04 18:26 - 00001062 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-04 18:26 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\DPDrv
2014-09-04 18:26 - 2014-09-04 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-04 18:26 - 2014-09-04 18:26 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-09-04 18:25 - 2014-09-04 18:25 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-04 18:24 - 2014-09-04 18:24 - 24743106 _____ () C:\Users\RosstaS\Downloads\vlc-2.1.5-win32.exe
2014-09-04 06:58 - 2014-09-05 11:53 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-04 06:58 - 2014-09-04 06:58 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-04 06:58 - 2014-09-04 06:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-04 06:52 - 2014-09-04 06:53 - 04901352 _____ (Piriform Ltd) C:\Users\RosstaS\Downloads\ccsetup417.exe
2014-09-04 06:51 - 2014-09-04 06:53 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Foxit Software
2014-09-04 06:50 - 2014-09-04 06:50 - 00001354 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-09-04 06:50 - 2014-09-04 06:50 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-09-04 06:49 - 2014-09-04 06:49 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-09-03 23:05 - 2014-09-05 08:34 - 00000000 ____D () C:\Windows\pss
2014-09-03 23:01 - 2014-09-03 23:01 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Synaptics
2014-09-03 22:31 - 2014-09-03 22:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-03 22:31 - 2014-07-31 23:41 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-03 22:30 - 2014-09-04 20:16 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-09-03 22:28 - 2014-09-03 22:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Macromedia
2014-09-03 22:27 - 2014-09-08 21:57 - 00003854 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-03 22:27 - 2014-09-08 21:57 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-03 22:27 - 2014-09-03 22:27 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-03 22:27 - 2014-09-03 22:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-03 22:26 - 2014-09-03 22:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Adobe
2014-09-03 22:26 - 2014-09-03 22:26 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-03 22:26 - 2014-09-03 22:26 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-03 22:26 - 2010-02-23 10:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-09-03 22:18 - 2014-09-04 19:55 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\BatteryBar
2014-09-03 22:18 - 2014-09-03 22:20 - 00000000 ____D () C:\Program Files\BatteryBar
2014-09-03 22:15 - 2014-09-04 19:53 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-03 22:15 - 2014-09-04 19:44 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Hewlett-Packard
2014-09-03 22:15 - 2014-09-03 22:15 - 01270598 _____ () C:\Users\RosstaS\Downloads\BatteryBarSetup-3.5.4.exe
2014-09-03 22:08 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-09-03 22:08 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-09-03 22:08 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-09-03 22:08 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-09-03 22:08 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-09-03 22:08 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-09-03 22:07 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-09-03 22:07 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-09-03 22:06 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-03 22:06 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-03 22:06 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-03 22:06 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-03 22:06 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-03 22:06 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-03 22:06 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-03 22:06 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-03 22:06 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-03 22:06 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-03 22:06 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-03 22:06 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-03 22:06 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-03 22:06 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-03 22:06 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-03 22:06 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-03 22:06 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-03 22:06 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-03 22:06 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-03 22:06 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-03 22:06 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-03 22:06 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-03 22:06 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-03 22:06 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-03 22:06 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-03 22:06 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-03 22:06 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-03 22:06 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-03 22:06 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-03 22:06 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-03 22:06 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-03 22:06 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-03 22:06 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-03 22:06 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-03 22:06 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-03 22:06 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-03 22:06 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-03 22:06 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-03 22:06 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-03 22:06 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-03 22:06 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-03 22:06 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-03 22:06 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-03 22:06 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-03 22:06 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-03 22:06 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-03 22:06 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-03 22:06 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-03 22:06 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-03 22:06 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-03 22:06 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-03 22:06 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-03 22:06 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-03 22:06 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-03 22:06 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-03 22:06 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-03 22:06 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-03 22:06 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-03 22:06 - 2014-05-30 08:41 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-03 22:05 - 2014-06-05 16:44 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-03 22:05 - 2014-06-05 16:44 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-09-03 22:05 - 2014-06-05 16:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-03 22:05 - 2014-06-05 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-09-03 22:05 - 2014-06-05 16:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-03 22:05 - 2014-06-05 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-03 22:05 - 2014-06-05 16:15 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-03 22:05 - 2014-04-12 04:34 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-03 22:05 - 2014-04-12 04:34 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-03 22:05 - 2014-04-12 04:32 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-09-03 22:05 - 2014-04-12 04:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-09-03 22:05 - 2014-04-12 04:32 - 00307712 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-03 22:05 - 2014-04-12 04:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-09-03 22:05 - 2014-04-12 04:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-09-03 22:05 - 2014-04-12 04:32 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-03 22:05 - 2014-04-12 04:32 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-03 22:05 - 2014-04-12 04:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-03 22:05 - 2014-04-12 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-09-03 22:05 - 2014-04-12 04:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-09-03 22:05 - 2014-04-12 04:31 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-09-03 22:05 - 2014-04-12 04:31 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-09-03 22:05 - 2014-04-12 04:31 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-09-03 22:05 - 2014-04-12 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2014-09-03 22:05 - 2014-04-12 04:31 - 00058368 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-09-03 22:05 - 2014-04-12 04:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-09-03 22:05 - 2014-04-12 04:31 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-09-03 22:05 - 2014-04-12 04:31 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-03 22:05 - 2014-04-12 04:31 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-09-03 22:05 - 2014-04-12 04:30 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2014-09-03 22:05 - 2014-04-12 04:29 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:06 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-03 22:05 - 2014-04-12 04:06 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-09-03 22:05 - 2014-04-12 04:06 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2014-09-03 22:05 - 2014-04-12 04:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-09-03 22:05 - 2014-04-12 04:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-09-03 22:05 - 2014-04-12 04:05 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-09-03 22:05 - 2014-04-12 04:05 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-09-03 22:05 - 2014-04-12 04:04 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-09-03 22:05 - 2014-04-12 04:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00685056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 04:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 03:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-09-03 22:05 - 2014-04-12 03:03 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-09-03 22:05 - 2014-04-12 03:03 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-09-03 22:05 - 2014-04-12 03:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 03:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 03:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-09-03 22:05 - 2014-04-12 03:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-09-03 22:05 - 2014-03-04 13:11 - 05553088 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-03 22:05 - 2014-03-04 13:08 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-03 22:05 - 2014-03-04 13:08 - 00315904 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-03 22:05 - 2014-03-04 13:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-03 22:05 - 2014-03-04 12:42 - 03974080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-03 22:05 - 2014-03-04 12:42 - 03918784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-03 22:05 - 2014-03-04 12:39 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-09-03 22:05 - 2014-03-04 12:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-03 22:05 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-03 22:05 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-09-03 22:04 - 2014-08-23 04:10 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-03 22:04 - 2014-08-23 03:45 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-03 22:04 - 2014-08-23 02:59 - 03166720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-03 22:04 - 2014-07-16 05:22 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-03 22:04 - 2014-07-16 04:55 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-03 22:04 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-03 22:04 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-03 22:04 - 2014-06-03 04:42 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-03 22:04 - 2014-06-03 04:42 - 01942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-03 22:04 - 2014-06-03 04:42 - 00112576 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-03 22:04 - 2014-06-03 04:13 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-03 22:04 - 2014-06-03 04:13 - 01806336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-03 22:04 - 2014-04-25 04:27 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-03 22:04 - 2014-04-25 03:58 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-03 22:04 - 2014-04-05 04:37 - 01897408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-03 22:04 - 2014-04-05 04:37 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-09-03 22:04 - 2014-04-05 04:37 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-03 22:03 - 2014-06-12 09:52 - 00986560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-03 22:03 - 2014-06-06 12:22 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-03 22:03 - 2014-06-06 11:43 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-03 22:03 - 2014-05-08 11:36 - 01112064 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-03 22:03 - 2014-03-26 04:39 - 02001920 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-03 22:03 - 2014-03-26 04:39 - 01881088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-03 22:03 - 2014-03-26 04:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-03 22:03 - 2014-03-26 04:36 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-03 22:03 - 2014-03-26 04:13 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-03 22:03 - 2014-03-26 04:13 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-03 22:03 - 2014-03-26 04:10 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-03 22:03 - 2014-03-26 04:10 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-03 22:03 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-09-03 22:03 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-09-03 21:55 - 2014-09-04 18:33 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-09-03 21:55 - 2014-09-03 21:55 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\SlimWare Utilities Inc
2014-09-03 21:54 - 2014-09-03 21:54 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-09-03 21:52 - 2014-09-03 23:07 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409773940
2014-09-03 21:52 - 2014-09-03 23:07 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-03 21:52 - 2014-09-03 21:52 - 00001125 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-09-03 21:52 - 2014-09-03 21:52 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-03 21:52 - 2014-09-03 21:52 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Opera Software
2014-09-03 21:52 - 2014-09-03 21:52 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Opera Software
2014-09-03 21:49 - 2014-07-14 03:52 - 01215488 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-03 21:49 - 2014-07-14 03:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2014-09-03 21:49 - 2014-07-14 03:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2014-09-03 21:49 - 2014-07-14 03:41 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-03 21:48 - 2014-09-03 21:48 - 00003484 _____ () C:\Windows\System32\Tasks\{957CD1FB-0A07-496C-AE9C-4F9C0A252D05}
2014-09-03 21:47 - 2014-09-03 21:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-09-03 21:46 - 2014-09-03 21:46 - 00000000 ____D () C:\Program Files\Synaptics
2014-09-03 21:45 - 2014-09-04 20:16 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\hpqLog
2014-09-03 21:45 - 2014-09-03 21:45 - 00003572 _____ () C:\Windows\System32\Tasks\{973E4A7F-60DE-4B37-A579-23CC4C01875B}
2014-09-03 21:44 - 2014-09-03 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-09-03 21:44 - 2014-09-03 21:44 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-09-03 21:41 - 2014-09-05 01:44 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-03 21:41 - 2014-09-03 21:41 - 00000000 ____D () C:\Intel
2014-09-03 21:41 - 2012-02-14 15:32 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2014-09-03 21:31 - 2014-09-03 21:31 - 00001646 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Premium Sound.lnk
2014-09-03 21:31 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-03 21:31 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-03 21:31 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-03 21:31 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-03 21:31 - 2012-10-24 22:53 - 08013312 _____ (IDT, Inc.) C:\Windows\system32\IDTNHP.dll
2014-09-03 21:31 - 2012-10-24 22:53 - 08003072 _____ (IDT, Inc.) C:\Windows\system32\IDTNGUI.exe
2014-09-03 21:31 - 2012-10-24 22:53 - 06102016 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2014-09-03 21:31 - 2012-10-24 22:53 - 02216448 _____ (IDT, Inc.) C:\Windows\system32\IDTNX.dll
2014-09-03 21:31 - 2012-10-24 22:53 - 01821184 _____ (IDT, Inc.) C:\Windows\system32\IDTNC64.cpl
2014-09-03 21:31 - 2012-10-24 22:53 - 01664000 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2014-09-03 21:31 - 2012-10-24 22:53 - 00253952 _____ (IDT, Inc.) C:\Windows\system32\IDTNJ.exe
2014-09-03 21:31 - 2012-10-24 22:53 - 00224256 _____ (IDT, Inc.) C:\Windows\system32\HPToneCtrls64.dll
2014-09-03 21:31 - 2012-03-29 22:48 - 00200288 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2014-09-03 21:31 - 2012-03-29 22:48 - 00074336 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2014-09-03 21:31 - 2009-10-10 00:45 - 00442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2014-09-03 21:31 - 2009-03-03 01:47 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2014-09-03 21:30 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-03 21:30 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-09-03 21:30 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-03 21:30 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-09-03 21:30 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-03 21:30 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-09-03 21:29 - 2014-09-08 19:17 - 00088920 _____ () C:\Users\RosstaS\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-03 21:29 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-03 21:29 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-09-03 21:29 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-03 21:29 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-09-03 21:28 - 2014-09-03 21:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\ATI
2014-09-03 21:28 - 2014-09-03 21:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\ATI
2014-09-03 21:28 - 2014-09-03 21:28 - 00000000 ____D () C:\ProgramData\ATI
2014-09-03 21:26 - 2014-09-03 21:26 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-09-03 21:23 - 2014-09-03 21:23 - 00066879 _____ () C:\Windows\SysWOW64\CCCInstall_201409032123215961.log
2014-09-03 21:23 - 2014-09-03 21:23 - 00000000 ____D () C:\ProgramData\AMD
2014-09-03 21:23 - 2014-09-03 21:23 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-03 21:19 - 2014-09-03 21:19 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-09-03 21:19 - 2014-09-03 21:19 - 00000000 ____D () C:\AMD
2014-09-03 21:18 - 2014-09-03 21:18 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-09-03 21:14 - 2014-09-05 11:57 - 01562608 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-03 21:14 - 2014-09-03 21:14 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-09-03 21:13 - 2014-09-05 09:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-03 21:13 - 2014-09-03 21:31 - 00000000 ____D () C:\Program Files\IDT
2014-09-03 21:13 - 2012-10-24 22:53 - 02189312 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2014-09-03 21:13 - 2012-10-24 22:53 - 00672256 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2014-09-03 21:13 - 2012-10-24 22:53 - 00543744 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2014-09-03 21:13 - 2012-10-24 22:53 - 00499200 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2014-09-03 21:13 - 2012-10-24 22:53 - 00256000 _____ (IDT, Inc.) C:\Windows\system32\st646433.dll
2014-09-03 21:08 - 2014-09-03 21:22 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-03 21:08 - 2014-09-03 21:08 - 00000000 ____D () C:\Program Files\ATI
2014-09-03 21:01 - 2014-09-03 21:01 - 00000000 __SHD () C:\Users\RosstaS\AppData\Local\EmieUserList
2014-09-03 21:01 - 2014-09-03 21:01 - 00000000 __SHD () C:\Users\RosstaS\AppData\Local\EmieSiteList
2014-09-03 20:59 - 2014-09-04 07:01 - 00000000 ____D () C:\Windows\Panther
2014-09-03 20:59 - 2014-09-03 20:59 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-09-03 20:59 - 2012-11-28 11:17 - 00482128 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2014-09-03 20:59 - 2012-08-09 12:56 - 00101224 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2014-09-03 20:59 - 2012-08-09 08:54 - 00073032 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2014-09-03 20:59 - 2012-07-25 07:54 - 00538496 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2014-09-03 20:59 - 2012-01-06 13:02 - 00003114 _____ () C:\Windows\system32\e1c62x64.din
2014-09-03 20:59 - 2010-11-21 05:23 - 00383786 __RSH () C:\bootmgr
2014-09-03 20:59 - 2009-05-26 09:05 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2014-09-03 20:45 - 2014-09-03 20:45 - 00003100 _____ () C:\Windows\System32\Tasks\{06448816-9DBD-471D-8ADE-72F2C80DEB15}
2014-09-03 20:43 - 2014-09-04 19:41 - 00000000 ____D () C:\SWSetup
2014-09-03 20:43 - 2014-09-03 20:43 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2014-09-03 20:41 - 2014-09-03 20:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-03 20:24 - 2014-09-05 09:07 - 00000000 ___RD () C:\Users\RosstaS\Virtual Machines
2014-09-03 20:24 - 2014-09-03 20:24 - 00001389 _____ () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 20:24 - 2014-09-03 20:24 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Adobe
2014-09-03 20:23 - 2014-09-08 21:33 - 00000000 ____D () C:\Users\RosstaS
2014-09-03 20:23 - 2014-09-03 20:23 - 00000020 ___SH () C:\Users\RosstaS\ntuser.ini
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Šablony
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Soubory cookie
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Poslední
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Okolní tiskárny
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Okolní síť
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Nabídka Start
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Dokumenty
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Use

azz · #2 Příspěvek od **azz** » 08 zář 2014 22:09

ČÁST 2

2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Documents\Obrázky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Documents\Hudba
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Documents\Filmy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\AppData\Local\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Public\Documents\Obrázky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Public\Documents\Hudba
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Public\Documents\Filmy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Šablony
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Soubory cookie
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Poslední
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Okolní tiskárny
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Okolní síť
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Nabídka Start
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Dokumenty
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Documents\Obrázky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Documents\Hudba
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Documents\Filmy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\Documents\Obrázky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\Documents\Hudba
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\Documents\Filmy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Šablony
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Plocha
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Oblíbené položky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Nabídka Start
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Dokumenty
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 __SHD () C:\Recovery
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\VirtualStore
2014-09-03 20:23 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-03 20:23 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-03 20:16 - 2014-09-03 20:16 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-03 20:15 - 2014-09-03 20:15 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-03 20:11 - 2014-09-03 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-09-03 20:08 - 2014-09-08 22:06 - 01714372 _____ () C:\Windows\WindowsUpdate.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-08 22:11 - 2014-09-08 22:09 - 00016879 _____ () C:\Users\RosstaS\Desktop\FRST.txt
2014-09-08 22:10 - 2014-09-08 22:09 - 00000000 ____D () C:\FRST
2014-09-08 22:08 - 2014-09-08 22:08 - 00112640 _____ (forum.viry.cz) C:\Users\RosstaS\Desktop\FRSTLauncher.exe
2014-09-08 22:08 - 2014-09-08 22:07 - 02105344 _____ (Farbar) C:\Users\RosstaS\Desktop\FRST64.exe
2014-09-08 22:08 - 2014-09-04 22:00 - 00000000 ____D () C:\!Download
2014-09-08 22:06 - 2014-09-03 20:08 - 01714372 _____ () C:\Windows\WindowsUpdate.log
2014-09-08 21:57 - 2014-09-03 22:27 - 00003854 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-08 21:57 - 2014-09-03 22:27 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-08 21:46 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-08 21:46 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-08 21:38 - 2014-09-08 21:37 - 00001078 _____ () C:\Windows\system32dbgraw.bmp
2014-09-08 21:38 - 2014-09-05 11:51 - 00000336 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-09-08 21:38 - 2014-09-05 11:51 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-09-08 21:37 - 2014-09-05 14:53 - 00001342 _____ () C:\Windows\Tasks\IMJI.job
2014-09-08 21:37 - 2014-09-05 14:52 - 00001344 _____ () C:\Windows\Tasks\XVCUH.job
2014-09-08 21:37 - 2014-09-05 08:26 - 00000514 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-08 21:37 - 2014-09-04 22:45 - 00001338 _____ () C:\Windows\Tasks\SI.job
2014-09-08 21:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-08 21:33 - 2014-09-03 20:23 - 00000000 ____D () C:\Users\RosstaS
2014-09-08 21:29 - 2014-09-04 22:50 - 00000000 ____D () C:\ProgramData\Binarysense
2014-09-08 21:24 - 2014-09-08 20:52 - 00005642 _____ () C:\zoek-results.log
2014-09-08 20:59 - 2014-09-08 20:51 - 00000000 ____D () C:\zoek_backup
2014-09-08 20:51 - 2014-09-08 21:00 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-09-08 20:47 - 2014-09-08 20:12 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-08 20:32 - 2014-09-08 20:32 - 01370467 _____ () C:\Users\RosstaS\Desktop\adwcleaner_3.309.exe
2014-09-08 20:23 - 2014-09-08 20:23 - 00000000 ____D () C:\Windows\ERUNT
2014-09-08 20:13 - 2014-09-08 20:13 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-08 19:27 - 2009-07-14 06:45 - 00363832 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 19:22 - 2014-09-04 23:31 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-08 19:17 - 2014-09-03 21:29 - 00088920 _____ () C:\Users\RosstaS\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-08 19:14 - 2014-09-04 21:02 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Skype
2014-09-08 19:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-08 19:07 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-09-08 18:52 - 2014-09-05 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-09-08 18:39 - 2014-09-08 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-09-08 18:38 - 2014-09-08 18:38 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-09-08 18:38 - 2014-09-08 18:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-09-08 18:34 - 2014-09-08 18:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-08 16:50 - 2014-09-04 18:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\vlc
2014-09-08 15:01 - 2011-04-12 10:34 - 00673840 _____ () C:\Windows\system32\perfh005.dat
2014-09-08 15:01 - 2011-04-12 10:34 - 00143448 _____ () C:\Windows\system32\perfc005.dat
2014-09-08 15:01 - 2009-07-14 07:13 - 01591930 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-06 14:10 - 2014-09-06 14:06 - 00000000 ____D () C:\Users\RosstaS\Documents\ProjectReality
2014-09-06 14:05 - 2014-09-06 14:05 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-06 14:05 - 2014-09-06 14:05 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-06 14:05 - 2014-09-06 14:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-06 14:04 - 2014-09-06 14:04 - 00001065 _____ () C:\Users\RosstaS\Desktop\Project Reality BF2.lnk
2014-09-06 14:04 - 2014-09-06 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Reality
2014-09-06 13:51 - 2014-09-06 13:51 - 00000939 _____ () C:\Users\RosstaS\Desktop\TotalCmd64 – zástupce.lnk
2014-09-06 13:50 - 2014-09-06 13:50 - 00000000 ____D () C:\Users\RosstaS\Documents\Poznámkové bloky aplikace OneNote
2014-09-06 13:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-06 11:28 - 2014-09-05 12:07 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\CrashDumps
2014-09-06 10:14 - 2014-09-05 14:55 - 00000000 ____D () C:\Program Files (x86)\SavePass 1.1
2014-09-05 17:19 - 2014-09-05 14:53 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Seznam.cz
2014-09-05 14:53 - 2014-09-05 14:53 - 00004374 _____ () C:\Windows\System32\Tasks\IMJI
2014-09-05 14:52 - 2014-09-05 14:52 - 00004376 _____ () C:\Windows\System32\Tasks\XVCUH
2014-09-05 13:55 - 2014-09-05 08:00 - 00000000 ____D () C:\Users\RosstaS\Downloads\Microsoft Toolkit 2.5.2 Official Torrent
2014-09-05 13:40 - 2014-09-05 13:40 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-09-05 13:39 - 2014-09-05 13:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-09-05 13:39 - 2014-09-05 13:38 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-09-05 13:38 - 2014-09-04 23:39 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-05 13:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-05 13:32 - 2011-04-12 10:45 - 00000000 ____D () C:\Windows\ShellNew
2014-09-05 13:31 - 2014-09-05 07:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-09-05 11:57 - 2014-09-03 21:14 - 01562608 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-05 11:53 - 2014-09-04 06:58 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-09-05 11:51 - 2014-09-05 11:51 - 00020672 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-09-05 11:51 - 2014-09-05 11:51 - 00002638 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-09-05 11:51 - 2014-09-05 11:51 - 00001088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-09-05 11:51 - 2014-09-05 11:51 - 00001076 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-09-05 11:51 - 2014-09-05 11:51 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\GlarySoft
2014-09-05 11:51 - 2014-09-05 11:51 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\DiskDefrag
2014-09-05 11:51 - 2014-09-05 11:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2014-09-05 11:43 - 2014-09-05 11:37 - 2986233856 _____ () C:\Users\RosstaS\Downloads\prbf2_1.2.0.0_full.iso
2014-09-05 11:29 - 2014-09-05 07:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-09-05 11:11 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-05 10:54 - 2014-09-05 10:54 - 00000000 ____D () C:\WINDOWS1
2014-09-05 10:43 - 2014-09-04 21:18 - 00000000 ____D () C:\Users\RosstaS\Documents\StrongDC++
2014-09-05 10:40 - 2014-09-05 10:30 - 1562450012 _____ () C:\Users\RosstaS\Downloads\Disconnect.2012.720p.BluRay.x264-ALLiANCE.mkv
2014-09-05 10:36 - 2014-09-05 10:25 - 00000000 ____D () C:\Users\RosstaS\Documents\Forgottenhp 2
2014-09-05 10:26 - 2014-09-05 10:25 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Forgotten_Hope
2014-09-05 10:25 - 2014-09-05 10:25 - 00000999 _____ () C:\Users\Public\Desktop\Forgotten Hope 2.lnk
2014-09-05 10:25 - 2014-09-05 10:25 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Forgotten Hope 2
2014-09-05 10:25 - 2014-09-05 10:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Forgotten Hope 2
2014-09-05 09:59 - 2014-09-05 09:58 - 00000000 ____D () C:\Users\RosstaS\Documents\Battlefield 2
2014-09-05 09:57 - 2014-09-05 09:57 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-05 09:26 - 2014-09-05 09:26 - 00001612 _____ () C:\Users\Public\Desktop\Play BF2 Online Now!.lnk
2014-09-05 09:26 - 2014-09-05 09:26 - 00001590 _____ () C:\Users\Public\Desktop\Battlefield 2.lnk
2014-09-05 09:17 - 2014-09-05 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2014-09-05 09:17 - 2014-09-05 09:17 - 00000000 ____D () C:\Hry
2014-09-05 09:17 - 2014-09-03 21:13 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-05 09:10 - 2014-09-05 07:40 - 00000000 ____D () C:\ProgramData\Microsoft Toolkit
2014-09-05 09:09 - 2014-09-05 09:09 - 00000000 ____D () C:\Windows\AutoKMS
2014-09-05 09:07 - 2014-09-03 20:24 - 00000000 ___RD () C:\Users\RosstaS\Virtual Machines
2014-09-05 08:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-05 08:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-05 08:34 - 2014-09-03 23:05 - 00000000 ____D () C:\Windows\pss
2014-09-05 08:12 - 2014-09-05 08:12 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Intel Corporation
2014-09-05 07:25 - 2014-09-05 07:25 - 00000000 ____D () C:\Windows\PCHEALTH
2014-09-05 07:25 - 2014-09-05 07:25 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-09-05 07:25 - 2014-09-05 07:25 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-09-05 07:19 - 2014-09-05 07:19 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services
2014-09-05 07:19 - 2014-09-05 07:19 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-09-05 06:42 - 2014-09-05 00:43 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\CodexisRPD
2014-09-05 01:45 - 2014-09-05 01:45 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-09-05 01:44 - 2014-09-05 01:44 - 00439320 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2014-09-05 01:44 - 2014-09-05 01:44 - 00000000 ____D () C:\Program Files\LSI SoftModem
2014-09-05 01:44 - 2014-09-03 21:41 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-05 01:43 - 2014-09-05 01:44 - 00064000 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsmdel.exe
2014-09-05 01:43 - 2014-09-05 01:44 - 00027648 ____N (LSI Corporation) C:\Windows\SysWOW64\agrsco64.dll
2014-09-05 01:43 - 2014-09-05 01:44 - 00026624 ____N (LSI Corporation) C:\Windows\SysWOW64\agrscoin.dll
2014-09-05 01:43 - 2014-09-05 01:43 - 01212416 _____ (LSI Corporation) C:\Windows\system32\Drivers\agrsm64.sys
2014-09-05 01:43 - 2014-09-05 01:43 - 00064000 _____ (LSI Corporation) C:\Windows\agrsmdel.exe
2014-09-05 01:43 - 2014-09-05 01:43 - 00042496 _____ (LSI Corporation) C:\Windows\agrdel64.exe
2014-09-05 01:43 - 2014-09-05 01:43 - 00027648 _____ (LSI Corporation) C:\Windows\system32\agrsco64.dll
2014-09-05 01:43 - 2014-09-05 01:43 - 00000000 ____D () C:\Windows\Options
2014-09-05 01:42 - 2014-09-05 01:42 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_AMPPAL_01009.Wdf
2014-09-05 01:41 - 2014-09-05 01:41 - 00000000 ____D () C:\Program Files\Intel
2014-09-05 01:40 - 2014-09-05 01:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-09-05 01:36 - 2014-09-05 01:36 - 11499008 _____ (Intel Corporation) C:\Windows\system32\Drivers\Netwsw00.sys
2014-09-05 01:36 - 2014-09-05 01:36 - 03381008 _____ (Intel Corporation) C:\Windows\system32\Netwrw00.dll
2014-09-05 01:36 - 2014-09-05 01:36 - 00885520 _____ (Intel Corporation) C:\Windows\system32\Netwcw00.dll
2014-09-05 01:35 - 2014-09-05 01:35 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-09-05 01:30 - 2014-09-05 01:30 - 00723184 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00555760 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2014-09-05 01:30 - 2014-09-05 01:30 - 00422640 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo19.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00400624 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00252144 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00169712 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCom.dll
2014-09-05 01:30 - 2014-09-05 01:30 - 00161880 _____ () C:\Windows\system32\pca-manta.bin
2014-09-05 01:30 - 2014-09-05 01:30 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-09-05 01:30 - 2014-09-05 01:30 - 00000092 _____ () C:\Windows\system32\calibration.bin
2014-09-05 00:43 - 2014-09-05 00:43 - 00001009 _____ () C:\Users\Public\Desktop\CODEXIS 6 ACADEMIA.lnk
2014-09-05 00:43 - 2014-09-05 00:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CODEXIS 6 ACADEMIA
2014-09-05 00:42 - 2014-09-04 23:43 - 00000000 ____D () C:\ATLAS Consulting
2014-09-04 23:49 - 2014-09-04 23:49 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-09-04 23:43 - 2014-09-04 23:43 - 02421760 _____ (ATLAS consulting spol. s r.o.) C:\Users\RosstaS\Downloads\DataAsistentACAD6.exe
2014-09-04 23:37 - 2014-09-04 23:37 - 00000000 __RHD () C:\MSOCache
2014-09-04 23:32 - 2014-09-04 23:32 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Microsoft Help
2014-09-04 23:15 - 2014-09-04 23:15 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2014-09-04 23:14 - 2014-09-04 23:14 - 01939048 _____ (emc) C:\Users\RosstaS\Downloads\uTorrent221.exe
2014-09-04 23:05 - 2014-09-04 23:05 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\VitySoft
2014-09-04 23:05 - 2014-09-04 23:05 - 00000000 ____D () C:\Users\RosstaS\.objectdb
2014-09-04 22:51 - 2014-09-04 21:07 - 535610644 _____ () C:\Users\RosstaS\Downloads\cs_office_professional_plus_2013_x64_dvd_1382239.iso
2014-09-04 22:45 - 2014-09-04 22:45 - 00004370 _____ () C:\Windows\System32\Tasks\SI
2014-09-04 22:44 - 2014-09-04 22:44 - 00003384 _____ () C:\Windows\System32\Tasks\BUITJI
2014-09-04 22:44 - 2014-09-04 22:44 - 00001346 _____ () C:\Windows\Tasks\BUITJI.job
2014-09-04 22:21 - 2014-09-04 22:05 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Spotify
2014-09-04 22:18 - 2014-09-04 22:18 - 00001246 _____ () C:\Users\Public\Desktop\Virtual CloneDrive.lnk
2014-09-04 22:17 - 2014-09-04 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2014-09-04 22:17 - 2014-09-04 22:17 - 00000000 ____D () C:\Program Files (x86)\Elaborate Bytes
2014-09-04 22:06 - 2014-09-04 22:06 - 00001763 _____ () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-09-04 22:06 - 2014-09-04 22:06 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Spotify
2014-09-04 22:04 - 2014-09-04 22:04 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\IDT
2014-09-04 22:04 - 2014-09-04 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-04 22:03 - 2014-09-04 22:04 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-09-04 22:03 - 2014-09-04 22:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-09-04 22:03 - 2014-09-04 22:04 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-09-04 22:03 - 2014-09-04 22:04 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-09-04 22:03 - 2014-09-04 22:03 - 00000000 ____D () C:\Program Files\Java
2014-09-04 21:59 - 2014-09-04 21:59 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\GHISLER
2014-09-04 21:58 - 2014-09-04 21:55 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Zoner
2014-09-04 21:56 - 2014-09-04 21:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Microsoft Games
2014-09-04 21:55 - 2014-09-04 21:55 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Zoner
2014-09-04 21:53 - 2014-09-04 21:53 - 00001878 _____ () C:\Users\Public\Desktop\Zoner Photo Studio 16 x64.lnk
2014-09-04 21:53 - 2014-09-04 21:53 - 00000000 ____D () C:\ProgramData\Zoner
2014-09-04 21:53 - 2014-09-04 21:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 16
2014-09-04 21:52 - 2014-09-04 21:52 - 00000000 ____D () C:\Program Files\Zoner
2014-09-04 21:51 - 2014-09-04 21:51 - 60243680 _____ (ZONER software ) C:\Users\RosstaS\Downloads\zps16_cz.exe
2014-09-04 21:27 - 2014-09-04 21:27 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-09-04 21:18 - 2014-09-04 21:18 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StrongDC++
2014-09-04 21:18 - 2014-09-04 21:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StrongDC++
2014-09-04 21:18 - 2014-09-04 21:18 - 00000000 ____D () C:\Program Files\StrongDC++
2014-09-04 21:02 - 2014-09-04 21:02 - 00002533 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-09-04 21:02 - 2014-09-04 21:02 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-04 21:02 - 2014-09-04 21:02 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Skype
2014-09-04 21:02 - 2014-09-04 21:02 - 00000000 ____D () C:\ProgramData\Skype
2014-09-04 21:02 - 2014-09-04 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-04 20:56 - 2014-09-04 20:56 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\ESET
2014-09-04 20:56 - 2014-09-04 20:56 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\ESET
2014-09-04 20:54 - 2014-09-04 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-09-04 20:54 - 2014-09-04 20:54 - 00000000 ____D () C:\ProgramData\ESET
2014-09-04 20:54 - 2014-09-04 20:54 - 00000000 ____D () C:\Program Files\ESET
2014-09-04 20:49 - 2014-09-04 20:49 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\GHISLER
2014-09-04 20:49 - 2014-09-04 20:49 - 00000000 ____D () C:\totalcmd
2014-09-04 20:47 - 2014-09-04 20:47 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\WinRAR
2014-09-04 20:46 - 2014-09-04 20:46 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-04 20:46 - 2014-09-04 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-04 20:46 - 2014-09-04 20:46 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-09-04 20:45 - 2014-09-04 20:45 - 01785512 _____ () C:\Users\RosstaS\Downloads\wrar500cz.exe
2014-09-04 20:16 - 2014-09-03 22:30 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-09-04 20:16 - 2014-09-03 21:45 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\hpqLog
2014-09-04 20:15 - 2014-09-04 20:15 - 00000000 ____D () C:\ProgramData\DigitalPersona
2014-09-04 19:55 - 2014-09-04 18:56 - 00000000 ____D () C:\ProgramData\HP
2014-09-04 19:55 - 2014-09-03 22:18 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\BatteryBar
2014-09-04 19:54 - 2014-09-04 19:54 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Infineon
2014-09-04 19:54 - 2014-09-04 19:54 - 00000000 ____D () C:\ProgramData\Infineon
2014-09-04 19:53 - 2014-09-03 22:15 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-09-04 19:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-04 19:52 - 2014-09-04 19:52 - 00511328 ____R (Microsoft Corporation) C:\Windows\SysWOW64\capicom.dll
2014-09-04 19:52 - 2014-09-04 19:52 - 00123256 _____ (Infineon Technologies AG) C:\Windows\system32\IfxTpmKsp.dll
2014-09-04 19:52 - 2014-09-04 19:52 - 00090488 _____ (Infineon Technologies AG) C:\Windows\SysWOW64\IfxTpmKsp.dll
2014-09-04 19:52 - 2014-09-04 19:52 - 00044576 _____ (Infineon Technologies AG) C:\Windows\system32\Drivers\psd.sys
2014-09-04 19:51 - 2014-09-04 19:51 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_HpqKbFiltr_01009.Wdf
2014-09-04 19:50 - 2014-09-04 19:50 - 00000000 ____D () C:\Users\RosstaS\Documents\Složka Bluetooth Exchange
2014-09-04 19:50 - 2014-09-04 19:50 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Broadcom
2014-09-04 19:50 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-04 19:46 - 2014-09-04 19:46 - 00000000 ____D () C:\Program Files\WIDCOMM
2014-09-04 19:45 - 2014-09-04 19:49 - 00594472 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwampfl.sys
2014-09-04 19:45 - 2014-09-04 19:47 - 00210984 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2014-09-04 19:45 - 2014-09-04 19:47 - 00184872 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2014-09-04 19:45 - 2014-09-04 19:47 - 00039976 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2014-09-04 19:45 - 2014-09-04 19:47 - 00021544 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2014-09-04 19:44 - 2014-09-04 19:42 - 00000000 ____D () C:\Windows\Hewlett-Packard
2014-09-04 19:44 - 2014-09-04 18:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-04 19:44 - 2014-09-04 18:26 - 00000000 ____D () C:\Program Files\Hewlett-Packard
2014-09-04 19:44 - 2014-09-03 22:15 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Hewlett-Packard
2014-09-04 19:41 - 2014-09-03 20:43 - 00000000 ____D () C:\SWSetup
2014-09-04 19:39 - 2014-09-04 19:39 - 00002355 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Theft Recovery.lnk
2014-09-04 19:38 - 2014-09-04 19:37 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Downloaded Installations
2014-09-04 19:30 - 2014-09-04 19:30 - 00000000 __RSH () C:\Windows\SysWOW64\Drivers\103C_HP_bNB_EliteBook 8460p_Y5336AN_0U_QCZC1479502_EU_4A_I161C_SHP_V97.4C_B68SCF F.28_T120917_W71-1_L405_M4047_J750_7Intel_86A7_92.50_#140904_N80861502_(SN188UC)_XMOBILE_CN10_Z_2A0001C02_G10026760.MRK
2014-09-04 19:30 - 2014-09-04 19:30 - 00000000 __RSH () C:\Windows\system32\Drivers\103C_HP_bNB_EliteBook 8460p_Y5336AN_0U_QCZC1479502_EU_4A_I161C_SHP_V97.4C_B68SCF F.28_T120917_W71-1_L405_M4047_J750_7Intel_86A7_92.50_#140904_N80861502_(SN188UC)_XMOBILE_CN10_Z_2A0001C02_G10026760.MRK
2014-09-04 19:30 - 2014-09-04 19:30 - 00000000 ____D () C:\system.sav
2014-09-04 19:30 - 2014-09-04 19:30 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-04 19:28 - 2014-09-04 19:28 - 00000248 _____ () C:\Windows\hbcikrnl.ini
2014-09-04 19:28 - 2014-09-04 19:28 - 00000000 ____D () C:\ProgramData\SZCCID
2014-09-04 19:28 - 2014-09-04 19:28 - 00000000 ____D () C:\Program Files (x86)\AlcorMicroData
2014-09-04 19:28 - 2014-09-04 19:28 - 00000000 ____D () C:\Program Files (x86)\AlcorMicro
2014-09-04 19:27 - 2014-09-04 19:27 - 01045776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJET35.DLL
2014-09-04 19:27 - 2014-09-04 19:27 - 00368912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VBAR332.DLL
2014-09-04 19:27 - 2014-09-04 19:27 - 00252176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSRD2X35.DLL
2014-09-04 19:27 - 2014-09-04 19:27 - 00123664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJINT35.DLL
2014-09-04 19:27 - 2014-09-04 19:27 - 00024848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSJTER35.DLL
2014-09-04 18:44 - 2014-09-04 18:44 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01011.Wdf
2014-09-04 18:43 - 2014-09-04 18:43 - 00000000 ____D () C:\ProgramData\Validity
2014-09-04 18:43 - 2014-09-04 18:43 - 00000000 ____D () C:\Program Files\Validity Sensors
2014-09-04 18:34 - 2014-09-04 18:30 - 00000000 ____D () C:\ProgramData\HPQLOG
2014-09-04 18:33 - 2014-09-04 18:33 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\DigitalPersona
2014-09-04 18:33 - 2014-09-04 18:33 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\DigitalPersona
2014-09-04 18:33 - 2014-09-03 21:55 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-09-04 18:28 - 2014-09-04 18:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Macrovision
2014-09-04 18:28 - 2014-09-04 18:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\FLEXnet
2014-09-04 18:28 - 2014-09-04 18:28 - 00000000 ____D () C:\ProgramData\Macrovision
2014-09-04 18:28 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\system32\zh-Hant
2014-09-04 18:28 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\system32\zh-Hans
2014-09-04 18:28 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\system32\ru
2014-09-04 18:28 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\system32\ko
2014-09-04 18:28 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\system32\ja
2014-09-04 18:28 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\system32\it
2014-09-04 18:28 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\system32\fr
2014-09-04 18:28 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\system32\es
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\SysWOW64\zh-Hant
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\SysWOW64\zh-Hans
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\SysWOW64\ru
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\SysWOW64\ko
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\SysWOW64\ja
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\SysWOW64\it
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\SysWOW64\fr
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\SysWOW64\es
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\SysWOW64\de
2014-09-04 18:27 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\system32\de
2014-09-04 18:27 - 2011-04-12 10:34 - 00000000 ____D () C:\Windows\SysWOW64\cs
2014-09-04 18:27 - 2011-04-12 10:34 - 00000000 ____D () C:\Windows\system32\cs
2014-09-04 18:26 - 2014-09-04 18:26 - 00001062 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-09-04 18:26 - 2014-09-04 18:26 - 00000000 ____D () C:\Windows\DPDrv
2014-09-04 18:26 - 2014-09-04 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-04 18:26 - 2014-09-04 18:26 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-09-04 18:25 - 2014-09-04 18:25 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-09-04 18:24 - 2014-09-04 18:24 - 24743106 _____ () C:\Users\RosstaS\Downloads\vlc-2.1.5-win32.exe
2014-09-04 07:01 - 2014-09-03 20:59 - 00000000 ____D () C:\Windows\Panther
2014-09-04 06:58 - 2014-09-04 06:58 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-04 06:58 - 2014-09-04 06:58 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-04 06:53 - 2014-09-04 06:52 - 04901352 _____ (Piriform Ltd) C:\Users\RosstaS\Downloads\ccsetup417.exe
2014-09-04 06:53 - 2014-09-04 06:51 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Foxit Software
2014-09-04 06:50 - 2014-09-04 06:50 - 00001354 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-09-04 06:50 - 2014-09-04 06:50 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-09-04 06:49 - 2014-09-04 06:49 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2014-09-03 23:07 - 2014-09-03 21:52 - 00003832 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409773940
2014-09-03 23:07 - 2014-09-03 21:52 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-03 23:01 - 2014-09-03 23:01 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Synaptics
2014-09-03 22:52 - 2011-04-12 10:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-03 22:34 - 2014-09-03 22:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-03 22:28 - 2014-09-03 22:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Macromedia
2014-09-03 22:28 - 2014-09-03 22:26 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Adobe
2014-09-03 22:27 - 2014-09-03 22:27 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-03 22:27 - 2014-09-03 22:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-03 22:26 - 2014-09-03 22:26 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-09-03 22:26 - 2014-09-03 22:26 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-03 22:20 - 2014-09-03 22:18 - 00000000 ____D () C:\Program Files\BatteryBar
2014-09-03 22:15 - 2014-09-03 22:15 - 01270598 _____ () C:\Users\RosstaS\Downloads\BatteryBarSetup-3.5.4.exe
2014-09-03 21:55 - 2014-09-03 21:55 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\SlimWare Utilities Inc
2014-09-03 21:54 - 2014-09-03 21:54 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-09-03 21:52 - 2014-09-03 21:52 - 00001125 _____ () C:\Users\Public\Desktop\Opera.lnk
2014-09-03 21:52 - 2014-09-03 21:52 - 00001125 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2014-09-03 21:52 - 2014-09-03 21:52 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Opera Software
2014-09-03 21:52 - 2014-09-03 21:52 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\Opera Software
2014-09-03 21:48 - 2014-09-03 21:48 - 00003484 _____ () C:\Windows\System32\Tasks\{957CD1FB-0A07-496C-AE9C-4F9C0A252D05}
2014-09-03 21:47 - 2014-09-03 21:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-09-03 21:46 - 2014-09-03 21:46 - 00000000 ____D () C:\Program Files\Synaptics
2014-09-03 21:45 - 2014-09-03 21:45 - 00003572 _____ () C:\Windows\System32\Tasks\{973E4A7F-60DE-4B37-A579-23CC4C01875B}
2014-09-03 21:44 - 2014-09-03 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2014-09-03 21:44 - 2014-09-03 21:44 - 00000000 ____D () C:\Program Files (x86)\Renesas Electronics
2014-09-03 21:41 - 2014-09-03 21:41 - 00000000 ____D () C:\Intel
2014-09-03 21:31 - 2014-09-03 21:31 - 00001646 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRS Premium Sound.lnk
2014-09-03 21:31 - 2014-09-03 21:13 - 00000000 ____D () C:\Program Files\IDT
2014-09-03 21:28 - 2014-09-03 21:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\ATI
2014-09-03 21:28 - 2014-09-03 21:28 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\ATI
2014-09-03 21:28 - 2014-09-03 21:28 - 00000000 ____D () C:\ProgramData\ATI
2014-09-03 21:26 - 2014-09-03 21:26 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-09-03 21:23 - 2014-09-03 21:23 - 00066879 _____ () C:\Windows\SysWOW64\CCCInstall_201409032123215961.log
2014-09-03 21:23 - 2014-09-03 21:23 - 00000000 ____D () C:\ProgramData\AMD
2014-09-03 21:23 - 2014-09-03 21:23 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-09-03 21:22 - 2014-09-03 21:08 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-09-03 21:19 - 2014-09-03 21:19 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-09-03 21:19 - 2014-09-03 21:19 - 00000000 ____D () C:\AMD
2014-09-03 21:18 - 2014-09-03 21:18 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-09-03 21:14 - 2014-09-03 21:14 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-09-03 21:08 - 2014-09-03 21:08 - 00000000 ____D () C:\Program Files\ATI
2014-09-03 21:01 - 2014-09-03 21:01 - 00000000 __SHD () C:\Users\RosstaS\AppData\Local\EmieUserList
2014-09-03 21:01 - 2014-09-03 21:01 - 00000000 __SHD () C:\Users\RosstaS\AppData\Local\EmieSiteList
2014-09-03 20:59 - 2014-09-03 20:59 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-09-03 20:59 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-09-03 20:59 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-09-03 20:59 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2014-09-03 20:45 - 2014-09-03 20:45 - 00003100 _____ () C:\Windows\System32\Tasks\{06448816-9DBD-471D-8ADE-72F2C80DEB15}
2014-09-03 20:43 - 2014-09-03 20:43 - 00000000 ____D () C:\ProgramData\Qualcomm Atheros
2014-09-03 20:41 - 2014-09-03 20:41 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-09-03 20:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-03 20:24 - 2014-09-03 20:24 - 00001389 _____ () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-03 20:24 - 2014-09-03 20:24 - 00000000 ____D () C:\Users\RosstaS\AppData\Roaming\Adobe
2014-09-03 20:23 - 2014-09-03 20:23 - 00000020 ___SH () C:\Users\RosstaS\ntuser.ini
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Šablony
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Soubory cookie
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Poslední
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Okolní tiskárny
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Okolní síť
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Nabídka Start
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Dokumenty
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Documents\Obrázky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Documents\Hudba
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Documents\Filmy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\RosstaS\AppData\Local\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Public\Documents\Obrázky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Public\Documents\Hudba
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Public\Documents\Filmy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Šablony
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Soubory cookie
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Poslední
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Okolní tiskárny
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Okolní síť
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Nabídka Start
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Dokumenty
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Documents\Obrázky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Documents\Hudba
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Documents\Filmy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\Documents\Obrázky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\Documents\Hudba
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\Documents\Filmy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Šablony
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Plocha
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Oblíbené položky
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Nabídka Start
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Dokumenty
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 _SHDL () C:\ProgramData\Data aplikací
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 __SHD () C:\Recovery
2014-09-03 20:23 - 2014-09-03 20:23 - 00000000 ____D () C:\Users\RosstaS\AppData\Local\VirtualStore
2014-09-03 20:23 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-03 20:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-09-03 20:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-09-03 20:16 - 2014-09-03 20:16 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-03 20:16 - 2014-01-27 02:46 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2014-09-03 20:16 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-03 20:15 - 2014-09-03 20:15 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-03 20:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-09-03 20:11 - 2014-09-03 20:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-09-03 20:02 - 2011-04-12 10:45 - 00000000 ____D () C:\Windows\CSC
2014-09-01 22:25 - 2014-09-06 13:55 - 02514289 ____N () C:\Users\RosstaS\Desktop\VID-20140901-WA0007.mp4
2014-09-01 22:13 - 2014-09-06 13:55 - 04790098 ____N () C:\Users\RosstaS\Desktop\VID-20140901-WA0003.mp4
2014-08-25 06:53 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 04:10 - 2014-09-03 22:04 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-09-03 22:04 - 00311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-09-03 22:04 - 03166720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BUITJI.job => C:\Users\RosstaS\AppData\Roaming\BUITJI.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\IMJI.job => C:\Users\RosstaS\AppData\Roaming\IMJI.exe
Task: C:\Windows\Tasks\SI.job => C:\Users\RosstaS\AppData\Roaming\SI.exe
Task: C:\Windows\Tasks\XVCUH.job => C:\Users\RosstaS\AppData\Roaming\XVCUH.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\RosstaS\Desktop" je 61 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirtualCloneDrive
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^RosstaS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Zavad؟ CODEXIS.lnk
C:\Atlas consulting\CODEXIS_6_ACADEMIA\client\CdxLoader.exe [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#3 Příspěvek od **vyosek** » 09 zář 2014 08:31

Zdravim

Jen se zeptam pouzivate legalni operacni system, nejvyssi licence Ultimate zrovna neni bezna domaci verze

azz · #4 Příspěvek od **azz** » 09 zář 2014 09:12

Dobrý den, jedná se o notebook, který byl odkoupen z firmy, kdy se vyměňovaly staré modely za nové. Ve firmě se v té době užívala a i teď užívá tato verze.

#5 Příspěvek od **vyosek** » 09 zář 2014 09:15

Stahnete RKill http://download.bleepingcomputer.com/grinler/rkill.com

Pokud ho havet blokuje, pouzijte jeden z nasledujicich - i ty prejmenovane
Rkill EXE:
http://download.bleepingcomputer.com/grinler/rkill.exe

Rkill iExplore.exe:
http://download.bleepingcomputer.com/gr ... xplore.exe

Rkill uSeRiNiT.exe:
http://download.bleepingcomputer.com/gr ... eRiNiT.exe

Rkill WiNlOgOn.exe:
http://download.bleepingcomputer.com/gr ... NlOgOn.exe
Ulozte nejlepena plochu a ukoncete vsechny aplikace (jinak to udela RKill za Vas)
Spustte tradicne dvojklikem - program probehne do par sekund a ukonci i svou cinnost
RKill ukonci vsechny ne-systemove procesy - tedy i procesy, pod kterymi bezi havet
Na plose vznikne log Rkill.txt ten mi sem vlozte
Ted nerestartujte PC - prisli byste o ucinek RKillu

PROSIM CTETE DUKLADNE NAVOD - TATO UTILITA MA VELKOU SCHOPNOST MAZAT A JE NUTNE JI APLIKOVAT JEN NA DOPORUCENI, JINAK VAM MUZE JIT SYSTEM DO KYTEK

Stahnete a ulozte na plochu Combofix http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Vypnete vsechny rezidentni bezpecnostní programy - firewally, antiviry, antispywary apod.
Pokud mate Win XP spustte pod uctem Spravce\Administratora
Pokud mate Win Vista ci Win 7, kliknete na Combofix pravym a dejte Run As Administrator ci Spustit jako spravce
Ihned po startu se zobrazi stranka s licencnim ujednanim, pokracujte kliknutim na Ano
Pokud Vam CF nabidne instalaci Konzoly pro zotaveni, tak souhlaste
Dale postupujte dle pokynu, behem scanu nechte PC naprosto v klidu - nespoustejte zadne aplikace a neklikejte do zobrazujiciho se okna
Scan by mel trvat cca 10 min, ale pokud bude PC hodne zaneseno, muze se cas prodlouzit
Po dokonceni skenu a pripadnem restartu CF zobrazi log, pripadne jej najdete zde C:\ComboFix.txt, jeho obsah sem vlozte
Detailni postup vc. obrazku mate zde http://www.bleepingcomputer.com/combofi ... t-combofix

azz · #6 Příspěvek od **azz** » 09 zář 2014 16:21

rkill log

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/09/2014 05:17:47 PM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
::1 localhost

Program finished at: 09/09/2014 05:19:51 PM
Execution time: 0 hours(s), 2 minute(s), and 3 seconds(s)

#7 Příspěvek od **vyosek** » 09 zář 2014 16:21

Pokracujte ComboFixem

azz · #8 Příspěvek od **azz** » 09 zář 2014 16:58

ComboFix 14-09-09.01 - RosstaS 09.09.2014 17:30:06.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4046.1922 [GMT 2:00]
Spuštěný z: c:\users\RosstaS\Desktop\ComboFix.exe
AV: ESET Smart Security 7.0 *Disabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Disabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Disabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-09 do 2014-09-09 )))))))))))))))))))))))))))))))
.
.
2014-09-09 15:41 . 2014-09-09 15:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-08 20:09 . 2014-09-08 20:10 -------- d-----w- C:\FRST
2014-09-08 19:00 . 2014-09-08 18:51 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-08 18:51 . 2014-09-08 18:59 -------- d-----w- C:\zoek_backup
2014-09-08 18:23 . 2014-09-08 18:23 -------- d-----w- c:\windows\ERUNT
2014-09-08 18:13 . 2014-09-08 18:13 -------- d-----w- c:\program files\Enigma Software Group
2014-09-08 18:12 . 2014-09-08 18:47 -------- d-----w- c:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-08 17:14 . 2014-09-08 17:14 -------- d-----w- c:\program files\Microsoft.NET
2014-09-08 16:38 . 2014-09-08 16:38 -------- d-----w- c:\program files\Microsoft Silverlight
2014-09-08 16:38 . 2014-09-08 16:38 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-09-08 16:08 . 2014-08-21 09:24 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BD43B01D-28C6-42E6-95EB-BD4A918CD6ED}\mpengine.dll
2014-09-06 12:05 . 2014-09-06 12:05 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-09-06 12:05 . 2014-09-06 12:05 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-09-06 12:05 . 2014-09-06 12:05 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-09-06 12:05 . 2013-07-25 02:52 840264 ----a-w- c:\windows\SysWow64\pbsvc.exe
2014-09-06 12:05 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-09-06 12:05 . 2010-05-26 09:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-09-05 12:55 . 2014-09-06 08:14 -------- d-----w- c:\program files (x86)\SavePass 1.1
2014-09-05 11:40 . 2014-09-05 11:40 -------- d-----w- c:\program files\Common Files\DESIGNER
2014-09-05 11:39 . 2014-09-05 11:39 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2014-09-05 11:38 . 2014-09-05 11:38 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2014-09-05 11:38 . 2014-09-05 11:39 -------- d-----w- c:\program files\Microsoft SQL Server
2014-09-05 09:51 . 2014-09-05 09:51 20672 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2014-09-05 09:51 . 2014-09-09 15:46 -------- d-----w- c:\program files (x86)\Glary Utilities 5
2014-09-05 08:54 . 2014-09-05 08:54 -------- d-----w- C:\WINDOWS1
2014-09-05 07:24 . 2005-03-18 15:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2014-09-05 07:24 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2014-09-05 07:17 . 2014-09-05 07:17 -------- d-----w- C:\Hry
2014-09-05 07:09 . 2014-09-05 07:09 -------- d-----w- c:\windows\AutoKMS
2014-09-05 06:47 . 2014-09-05 06:47 -------- d-----w- c:\windows\Migration
2014-09-05 06:42 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-09-05 06:37 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-09-05 06:37 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-09-05 06:37 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-09-05 06:37 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-09-05 06:37 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-09-05 06:37 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-09-05 06:37 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-09-05 05:59 . 2014-06-25 02:06 14179328 ----a-w- c:\windows\system32\shell32.dll
2014-09-05 05:40 . 2014-09-05 07:10 -------- d-----w- c:\programdata\Microsoft Toolkit
2014-09-05 05:25 . 2014-09-05 05:25 -------- d-----w- c:\program files\Microsoft Synchronization Services
2014-09-05 05:25 . 2014-09-05 05:25 -------- d-----w- c:\windows\PCHEALTH
2014-09-05 05:25 . 2014-09-05 05:25 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2014-09-05 05:21 . 2014-09-05 09:29 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-09-05 05:19 . 2014-09-05 05:19 -------- d-----w- c:\program files\Microsoft Analysis Services
2014-09-05 05:19 . 2014-09-05 05:19 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-09-04 23:44 . 2014-09-04 23:44 439320 ----a-w- c:\windows\system32\drivers\iaStor.sys
2014-09-04 23:44 . 2014-09-04 23:43 64000 ------w- c:\windows\SysWow64\agrsmdel.exe
2014-09-04 23:44 . 2014-09-04 23:43 27648 ------w- c:\windows\SysWow64\agrsco64.dll
2014-09-04 23:44 . 2014-09-04 23:43 26624 ------w- c:\windows\SysWow64\agrscoin.dll
2014-09-04 23:44 . 2014-09-04 23:44 -------- d-----w- c:\program files\LSI SoftModem
2014-09-04 23:43 . 2014-09-04 23:43 -------- d-----w- c:\windows\Options
2014-09-04 23:43 . 2014-09-04 23:43 64000 ----a-w- c:\windows\agrsmdel.exe
2014-09-04 23:43 . 2014-09-04 23:43 1212416 ----a-w- c:\windows\system32\drivers\agrsm64.sys
2014-09-04 23:43 . 2014-09-04 23:43 42496 ----a-w- c:\windows\agrdel64.exe
2014-09-04 23:43 . 2014-09-04 23:43 27648 ----a-w- c:\windows\system32\agrsco64.dll
2014-09-04 23:41 . 2014-09-04 23:41 -------- d-----w- c:\program files\Intel
2014-09-04 23:36 . 2014-09-04 23:36 11499008 ----a-w- c:\windows\system32\drivers\Netwsw00.sys
2014-09-04 23:36 . 2014-09-04 23:36 3381008 ----a-w- c:\windows\system32\Netwrw00.dll
2014-09-04 23:36 . 2014-09-04 23:36 885520 ----a-w- c:\windows\system32\Netwcw00.dll
2014-09-04 23:30 . 2014-09-04 23:30 555760 ----a-w- c:\windows\system32\drivers\SynTP.sys
2014-09-04 23:30 . 2014-09-04 23:30 422640 ----a-w- c:\windows\system32\SynTPCo19.dll
2014-09-04 23:30 . 2014-09-04 23:30 252144 ----a-w- c:\windows\system32\SynTPAPI.dll
2014-09-04 23:30 . 2014-09-04 23:30 169712 ----a-w- c:\windows\SysWow64\SynTPCom.dll
2014-09-04 23:30 . 2014-09-04 23:30 723184 ----a-w- c:\windows\system32\SynCOM.dll
2014-09-04 23:30 . 2014-09-04 23:30 400624 ----a-w- c:\windows\SysWow64\SynCom.dll
2014-09-04 23:30 . 2014-09-04 23:30 34544 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-09-04 23:30 . 2014-09-04 23:30 161880 ----a-w- c:\windows\system32\pca-manta.bin
2014-09-04 23:30 . 2014-09-04 23:30 92 ----a-w- c:\windows\system32\calibration.bin
2014-09-04 21:43 . 2014-09-04 22:42 -------- d-----w- C:\ATLAS Consulting
2014-09-04 21:39 . 2014-09-05 11:38 -------- d-----w- c:\program files\Microsoft Office
2014-09-04 21:37 . 2014-09-04 21:37 -------- d-----r- C:\MSOCache
2014-09-04 21:31 . 2014-09-08 17:22 -------- d-----w- c:\programdata\Microsoft Help
2014-09-04 20:50 . 2014-09-08 19:29 -------- d-----w- c:\programdata\Binarysense
2014-09-04 20:17 . 2014-09-04 20:17 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2014-09-04 20:04 . 2014-09-04 20:03 319912 ----a-w- c:\windows\system32\javaws.exe
2014-09-04 20:04 . 2014-09-04 20:03 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-09-04 20:04 . 2014-09-04 20:03 189352 ----a-w- c:\windows\system32\javaw.exe
2014-09-04 20:03 . 2014-09-04 20:03 -------- d-----w- c:\program files\Java
2014-09-04 20:00 . 2014-09-09 15:27 -------- d-----w- C:\!Download
2014-09-04 19:53 . 2014-09-04 19:53 -------- d-----w- c:\programdata\Zoner
2014-09-04 19:52 . 2014-09-04 19:52 -------- d-----w- c:\program files\Zoner
2014-09-04 19:18 . 2014-09-04 19:18 -------- d-----w- c:\program files\StrongDC++
2014-09-04 19:02 . 2014-09-04 19:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-04 19:02 . 2014-09-04 19:02 -------- d-----r- c:\program files (x86)\Skype
2014-09-04 19:02 . 2014-09-04 19:02 -------- d-----w- c:\programdata\Skype
2014-09-04 18:54 . 2014-09-04 18:54 -------- d-----w- c:\program files\ESET
2014-09-04 18:49 . 2014-09-04 18:49 -------- d-----w- C:\totalcmd
2014-09-04 18:15 . 2014-09-04 18:15 -------- d-----w- c:\programdata\DigitalPersona
2014-09-04 17:54 . 2014-09-04 17:54 -------- d-----w- c:\programdata\Infineon
2014-09-04 17:52 . 2014-09-04 17:52 90488 ----a-w- c:\windows\SysWow64\IfxTpmKsp.dll
2014-09-04 17:52 . 2014-09-04 17:52 44576 ----a-w- c:\windows\system32\drivers\psd.sys
2014-09-04 17:52 . 2014-09-04 17:52 123256 ----a-w- c:\windows\system32\IfxTpmKsp.dll
2014-09-04 17:49 . 2014-09-04 17:45 594472 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2014-09-04 17:47 . 2014-09-04 17:45 39976 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2014-09-04 17:47 . 2014-09-04 17:45 21544 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2014-09-04 17:47 . 2014-09-04 17:45 210984 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2014-09-04 17:47 . 2014-09-04 17:45 184872 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2014-09-04 17:46 . 2014-09-04 17:46 -------- d-----w- c:\program files\WIDCOMM
2014-09-04 17:44 . 2014-09-08 18:12 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-09-04 17:42 . 2014-09-04 17:44 -------- d-----w- c:\windows\Hewlett-Packard
2014-09-04 17:42 . 2014-09-04 17:42 -------- d-----w- c:\program files (x86)\Common Files\Telespree
2014-09-04 17:30 . 2014-09-04 17:30 -------- d-----w- c:\programdata\McAfee
2014-09-04 17:30 . 2014-09-04 17:30 -------- d-----w- C:\system.sav
2014-09-04 17:28 . 2014-09-04 17:28 -------- d-----w- c:\program files (x86)\AlcorMicro
2014-09-04 17:28 . 2014-09-04 17:28 -------- d-----w- c:\programdata\SZCCID
2014-09-04 17:27 . 2014-09-04 17:27 582144 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\DAO350.DLL
2014-09-04 17:27 . 2014-09-04 17:27 368912 ----a-w- c:\windows\SysWow64\VBAR332.DLL
2014-09-04 17:27 . 2014-09-04 17:27 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL
2014-09-04 17:27 . 2014-09-04 17:27 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL
2014-09-04 17:27 . 2014-09-04 17:27 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL
2014-09-04 17:27 . 2014-09-04 17:27 1045776 ----a-w- c:\windows\SysWow64\MSJET35.DLL
2014-09-04 16:56 . 2014-09-04 17:55 -------- d-----w- c:\programdata\HP
2014-09-04 16:43 . 2014-09-04 16:43 -------- d-----w- c:\programdata\Validity
2014-09-04 16:43 . 2014-09-04 16:43 -------- d-----w- c:\program files\Validity Sensors
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\system32\de
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\zh-Hant
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\zh-Hans
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\ru
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\ko
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\ja
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\it
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\fr
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\es
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\de
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-14 01:52 . 2014-09-03 19:49 190464 ----a-w- c:\windows\system32\rpchttp.dll
2014-07-14 01:42 . 2014-09-03 19:49 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2013-04-11 89600]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2014-09-01 37152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-09-11 766208]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2012-02-28 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-04-05 94264]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-03-14 319360]
"IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2014-09-04 1126264]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2014-09-04 283160]
.
c:\users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Odeslat do OneNote.lnk - c:\program files\Microsoft Office\Office15\ONENOTEM.EXE /tsr [2014-6-10 222384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-4-1 1390368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-09-05 07:57 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLCDLOCK;Auditování/zamknutí zařízení nástroje HP ProtectTools;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys;c:\windows\SYSNATIVE\drivers\psd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
Obsah adresáře 'Naplánované úlohy'
.
2014-09-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-03 20:27]
.
2014-09-09 c:\windows\Tasks\GlaryInitialize 5.job
- c:\program files (x86)\Glary Utilities 5\Initialize.exe [2014-09-01 06:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-10-24 1664000]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2013-02-01 200704]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-02-24 5581888]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 195.113.44.11 195.113.0.2
TCP: Interfaces\{35CF0318-C97F-43EC-B91A-4BFB466DFBDE}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{15134cb0-b767-4960-a911-f2d16ae54797} - c:\programdata\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe
AddRemove-{22154f09-719a-4619-bb71-5b3356999fbf} - c:\programdata\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Glary Utilities 5\Integrator.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
c:\windows\SysWOW64\RunDll32.exe
.
**************************************************************************
.
Celkový čas: 2014-09-09 17:55:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-09-09 15:55
.
Před spuštěním: Volných bajtů: 565 702 418 432
Po spuštění: Volných bajtů: 565 334 409 216
.
- - End Of File - - D2FD7864F1BFB38743DC6DEBDFDC7957

#9 Příspěvek od **vyosek** » 09 zář 2014 17:04

Pokud nemate, tak presunte Combofix na plochu

Spustte poznamkovy blok (Start-spustit-notepad)
Zkopirujte skript nize

Kód: Vybrat vše

KillAll::

Folder::
C:\Program Files (x86)\SavePass 1.1
C:\Windows\System32\Tasks\IMJI
C:\Windows\System32\Tasks\XVCUH
c:\program files\Enigma Software Group
c:\windows\AutoKMS

Collect::
C:\Windows\Tasks\BUITJI.job
C:\Users\RosstaS\AppData\Roaming\BUITJI.exe
C:\Windows\Tasks\IMJI.job
C:\Users\RosstaS\AppData\Roaming\IMJI.exe
C:\Windows\Tasks\SI.job
C:\Users\RosstaS\AppData\Roaming\SI.exe
C:\Windows\Tasks\XVCUH.job
C:\Users\RosstaS\AppData\Roaming\XVCUH.exe

File::
C:\Windows\Tasks\Adobe Flash Player Updater.job
C:\Windows\Tasks\GlaryInitialize 5.job

Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Service 16]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]

RegLock::
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

ClearJavaCache::

Reboot::

Ulozte vytvoreny TXT jako CFScript.txt
Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

azz · #10 Příspěvek od **azz** » 09 zář 2014 17:29

ComboFix 14-09-09.01 - RosstaS 09.09.2014 18:13:40.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.420.1029.18.4046.1670 [GMT 2:00]
Spuštěný z: c:\users\RosstaS\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\RosstaS\Desktop\CFScript.txt
AV: ESET Smart Security 7.0 *Enabled/Updated* {19259FAE-8396-A113-46DB-15B0E7DFA289}
FW: ESET Personální firewall *Enabled* {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
SP: ESET Smart Security 7.0 *Enabled/Updated* {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"c:\windows\Tasks\Adobe Flash Player Updater.job"
"c:\windows\Tasks\GlaryInitialize 5.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SavePass 1.1
c:\program files (x86)\SavePass 1.1\53a09489-3727-4dbe-a917-036aa0e4beee.exe
c:\program files\Enigma Software Group
c:\program files\Enigma Software Group\SpyHunter\cos.dat
c:\program files\Enigma Software Group\SpyHunter\gas.dat
c:\program files\Enigma Software Group\SpyHunter\gil.dat
c:\program files\Enigma Software Group\SpyHunter\INSTALL.LOG
c:\program files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20140908_201411.log
c:\program files\Enigma Software Group\SpyHunter\Log\SpyHunter4_20140908_203650.log
c:\program files\Enigma Software Group\SpyHunter\safeol.dat
c:\program files\Enigma Software Group\SpyHunter\scanlog.log
c:\program files\Enigma Software Group\SpyHunter\supportlog.txt
c:\program files\Enigma Software Group\SpyHunter\unkcache.dat
c:\windows\AutoKMS
c:\windows\AutoKMS\AutoKMS.exe
c:\windows\AutoKMS\AutoKMS.ini
c:\windows\Tasks\Adobe Flash Player Updater.job
c:\windows\Tasks\GlaryInitialize 5.job
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-08-09 do 2014-09-09 )))))))))))))))))))))))))))))))
.
.
2014-09-09 16:20 . 2014-09-09 16:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-08 20:09 . 2014-09-08 20:10 -------- d-----w- C:\FRST
2014-09-08 19:00 . 2014-09-08 18:51 24064 ----a-w- c:\windows\zoek-delete.exe
2014-09-08 18:51 . 2014-09-08 18:59 -------- d-----w- C:\zoek_backup
2014-09-08 18:23 . 2014-09-08 18:23 -------- d-----w- c:\windows\ERUNT
2014-09-08 18:12 . 2014-09-08 18:47 -------- d-----w- c:\windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-08 17:14 . 2014-09-08 17:14 -------- d-----w- c:\program files\Microsoft.NET
2014-09-08 16:38 . 2014-09-08 16:38 -------- d-----w- c:\program files\Microsoft Silverlight
2014-09-08 16:38 . 2014-09-08 16:38 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2014-09-08 16:08 . 2014-08-21 09:24 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BD43B01D-28C6-42E6-95EB-BD4A918CD6ED}\mpengine.dll
2014-09-06 12:05 . 2014-09-06 12:05 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-09-06 12:05 . 2014-09-06 12:05 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-09-06 12:05 . 2014-09-06 12:05 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-09-06 12:05 . 2013-07-25 02:52 840264 ----a-w- c:\windows\SysWow64\pbsvc.exe
2014-09-06 12:05 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2014-09-06 12:05 . 2010-05-26 09:41 2401112 ----a-w- c:\windows\system32\D3DX9_43.dll
2014-09-05 11:40 . 2014-09-05 11:40 -------- d-----w- c:\program files\Common Files\DESIGNER
2014-09-05 11:39 . 2014-09-05 11:39 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2014-09-05 11:38 . 2014-09-05 11:38 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
2014-09-05 11:38 . 2014-09-05 11:39 -------- d-----w- c:\program files\Microsoft SQL Server
2014-09-05 09:51 . 2014-09-05 09:51 20672 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys
2014-09-05 09:51 . 2014-09-09 15:46 -------- d-----w- c:\program files (x86)\Glary Utilities 5
2014-09-05 08:54 . 2014-09-05 08:54 -------- d-----w- C:\WINDOWS1
2014-09-05 07:24 . 2005-03-18 15:19 3823312 ----a-w- c:\windows\system32\d3dx9_25.dll
2014-09-05 07:24 . 2005-02-05 17:45 3544272 ----a-w- c:\windows\system32\d3dx9_24.dll
2014-09-05 07:17 . 2014-09-05 07:17 -------- d-----w- C:\Hry
2014-09-05 06:47 . 2014-09-05 06:47 -------- d-----w- c:\windows\Migration
2014-09-05 06:42 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2014-09-05 06:37 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2014-09-05 06:37 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2014-09-05 06:37 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2014-09-05 06:37 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2014-09-05 06:37 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2014-09-05 06:37 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2014-09-05 06:37 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2014-09-05 05:59 . 2014-06-25 02:06 14179328 ----a-w- c:\windows\system32\shell32.dll
2014-09-05 05:40 . 2014-09-05 07:10 -------- d-----w- c:\programdata\Microsoft Toolkit
2014-09-05 05:25 . 2014-09-05 05:25 -------- d-----w- c:\program files\Microsoft Synchronization Services
2014-09-05 05:25 . 2014-09-05 05:25 -------- d-----w- c:\windows\PCHEALTH
2014-09-05 05:25 . 2014-09-05 05:25 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2014-09-05 05:21 . 2014-09-05 09:29 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2014-09-05 05:19 . 2014-09-05 05:19 -------- d-----w- c:\program files\Microsoft Analysis Services
2014-09-05 05:19 . 2014-09-05 05:19 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
2014-09-04 23:44 . 2014-09-04 23:44 439320 ----a-w- c:\windows\system32\drivers\iaStor.sys
2014-09-04 23:44 . 2014-09-04 23:43 64000 ------w- c:\windows\SysWow64\agrsmdel.exe
2014-09-04 23:44 . 2014-09-04 23:43 27648 ------w- c:\windows\SysWow64\agrsco64.dll
2014-09-04 23:44 . 2014-09-04 23:43 26624 ------w- c:\windows\SysWow64\agrscoin.dll
2014-09-04 23:44 . 2014-09-04 23:44 -------- d-----w- c:\program files\LSI SoftModem
2014-09-04 23:43 . 2014-09-04 23:43 -------- d-----w- c:\windows\Options
2014-09-04 23:43 . 2014-09-04 23:43 64000 ----a-w- c:\windows\agrsmdel.exe
2014-09-04 23:43 . 2014-09-04 23:43 1212416 ----a-w- c:\windows\system32\drivers\agrsm64.sys
2014-09-04 23:43 . 2014-09-04 23:43 42496 ----a-w- c:\windows\agrdel64.exe
2014-09-04 23:43 . 2014-09-04 23:43 27648 ----a-w- c:\windows\system32\agrsco64.dll
2014-09-04 23:41 . 2014-09-04 23:41 -------- d-----w- c:\program files\Intel
2014-09-04 23:36 . 2014-09-04 23:36 11499008 ----a-w- c:\windows\system32\drivers\Netwsw00.sys
2014-09-04 23:36 . 2014-09-04 23:36 3381008 ----a-w- c:\windows\system32\Netwrw00.dll
2014-09-04 23:36 . 2014-09-04 23:36 885520 ----a-w- c:\windows\system32\Netwcw00.dll
2014-09-04 23:30 . 2014-09-04 23:30 555760 ----a-w- c:\windows\system32\drivers\SynTP.sys
2014-09-04 23:30 . 2014-09-04 23:30 422640 ----a-w- c:\windows\system32\SynTPCo19.dll
2014-09-04 23:30 . 2014-09-04 23:30 252144 ----a-w- c:\windows\system32\SynTPAPI.dll
2014-09-04 23:30 . 2014-09-04 23:30 169712 ----a-w- c:\windows\SysWow64\SynTPCom.dll
2014-09-04 23:30 . 2014-09-04 23:30 723184 ----a-w- c:\windows\system32\SynCOM.dll
2014-09-04 23:30 . 2014-09-04 23:30 400624 ----a-w- c:\windows\SysWow64\SynCom.dll
2014-09-04 23:30 . 2014-09-04 23:30 34544 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-09-04 23:30 . 2014-09-04 23:30 161880 ----a-w- c:\windows\system32\pca-manta.bin
2014-09-04 23:30 . 2014-09-04 23:30 92 ----a-w- c:\windows\system32\calibration.bin
2014-09-04 21:43 . 2014-09-04 22:42 -------- d-----w- C:\ATLAS Consulting
2014-09-04 21:39 . 2014-09-05 11:38 -------- d-----w- c:\program files\Microsoft Office
2014-09-04 21:37 . 2014-09-04 21:37 -------- d-----r- C:\MSOCache
2014-09-04 21:31 . 2014-09-08 17:22 -------- d-----w- c:\programdata\Microsoft Help
2014-09-04 20:50 . 2014-09-08 19:29 -------- d-----w- c:\programdata\Binarysense
2014-09-04 20:17 . 2014-09-04 20:17 -------- d-----w- c:\program files (x86)\Elaborate Bytes
2014-09-04 20:04 . 2014-09-04 20:03 319912 ----a-w- c:\windows\system32\javaws.exe
2014-09-04 20:04 . 2014-09-04 20:03 111016 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2014-09-04 20:04 . 2014-09-04 20:03 189352 ----a-w- c:\windows\system32\javaw.exe
2014-09-04 20:03 . 2014-09-04 20:03 -------- d-----w- c:\program files\Java
2014-09-04 20:00 . 2014-09-09 15:27 -------- d-----w- C:\!Download
2014-09-04 19:53 . 2014-09-04 19:53 -------- d-----w- c:\programdata\Zoner
2014-09-04 19:52 . 2014-09-04 19:52 -------- d-----w- c:\program files\Zoner
2014-09-04 19:18 . 2014-09-04 19:18 -------- d-----w- c:\program files\StrongDC++
2014-09-04 19:02 . 2014-09-04 19:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-09-04 19:02 . 2014-09-04 19:02 -------- d-----r- c:\program files (x86)\Skype
2014-09-04 19:02 . 2014-09-04 19:02 -------- d-----w- c:\programdata\Skype
2014-09-04 18:54 . 2014-09-04 18:54 -------- d-----w- c:\program files\ESET
2014-09-04 18:49 . 2014-09-04 18:49 -------- d-----w- C:\totalcmd
2014-09-04 18:15 . 2014-09-04 18:15 -------- d-----w- c:\programdata\DigitalPersona
2014-09-04 17:54 . 2014-09-04 17:54 -------- d-----w- c:\programdata\Infineon
2014-09-04 17:52 . 2014-09-04 17:52 90488 ----a-w- c:\windows\SysWow64\IfxTpmKsp.dll
2014-09-04 17:52 . 2014-09-04 17:52 44576 ----a-w- c:\windows\system32\drivers\psd.sys
2014-09-04 17:52 . 2014-09-04 17:52 123256 ----a-w- c:\windows\system32\IfxTpmKsp.dll
2014-09-04 17:49 . 2014-09-04 17:45 594472 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2014-09-04 17:47 . 2014-09-04 17:45 39976 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2014-09-04 17:47 . 2014-09-04 17:45 21544 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2014-09-04 17:47 . 2014-09-04 17:45 210984 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2014-09-04 17:47 . 2014-09-04 17:45 184872 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2014-09-04 17:46 . 2014-09-04 17:46 -------- d-----w- c:\program files\WIDCOMM
2014-09-04 17:44 . 2014-09-08 18:12 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-09-04 17:42 . 2014-09-04 17:44 -------- d-----w- c:\windows\Hewlett-Packard
2014-09-04 17:42 . 2014-09-04 17:42 -------- d-----w- c:\program files (x86)\Common Files\Telespree
2014-09-04 17:30 . 2014-09-04 17:30 -------- d-----w- c:\programdata\McAfee
2014-09-04 17:30 . 2014-09-04 17:30 -------- d-----w- C:\system.sav
2014-09-04 17:28 . 2014-09-04 17:28 -------- d-----w- c:\program files (x86)\AlcorMicro
2014-09-04 17:28 . 2014-09-04 17:28 -------- d-----w- c:\programdata\SZCCID
2014-09-04 17:27 . 2014-09-04 17:27 582144 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\DAO\DAO350.DLL
2014-09-04 17:27 . 2014-09-04 17:27 368912 ----a-w- c:\windows\SysWow64\VBAR332.DLL
2014-09-04 17:27 . 2014-09-04 17:27 252176 ----a-w- c:\windows\SysWow64\MSRD2X35.DLL
2014-09-04 17:27 . 2014-09-04 17:27 24848 ----a-w- c:\windows\SysWow64\MSJTER35.DLL
2014-09-04 17:27 . 2014-09-04 17:27 123664 ----a-w- c:\windows\SysWow64\MSJINT35.DLL
2014-09-04 17:27 . 2014-09-04 17:27 1045776 ----a-w- c:\windows\SysWow64\MSJET35.DLL
2014-09-04 16:56 . 2014-09-04 17:55 -------- d-----w- c:\programdata\HP
2014-09-04 16:43 . 2014-09-04 16:43 -------- d-----w- c:\programdata\Validity
2014-09-04 16:43 . 2014-09-04 16:43 -------- d-----w- c:\program files\Validity Sensors
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\system32\de
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\zh-Hant
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\zh-Hans
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\ru
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\ko
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\ja
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\it
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\fr
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\es
2014-09-04 16:26 . 2014-09-04 16:27 -------- d-----w- c:\windows\SysWow64\de
2014-09-04 16:26 . 2014-09-04 17:44 -------- d-----w- c:\program files\Hewlett-Packard
2014-09-04 16:26 . 2014-09-04 16:26 -------- d-----w- c:\programdata\FLEXnet
2014-09-04 16:25 . 2014-09-04 16:25 -------- d-----w- c:\program files (x86)\VideoLAN
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-25 04:53 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-14 01:52 . 2014-09-03 19:49 190464 ----a-w- c:\windows\system32\rpchttp.dll
2014-07-14 01:42 . 2014-09-03 19:49 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:45 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShowBatteryBar"="c:\program files\BatteryBar\ShowBatteryBar.exe" [2013-04-11 89600]
"GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2014-09-01 37152]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-09-11 766208]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2012-02-28 113288]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2011-04-05 94264]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-03-14 319360]
"IFXSPMGT"="c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" [2014-09-04 1126264]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2014-09-04 283160]
.
c:\users\RosstaS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Odeslat do OneNote.lnk - c:\program files\Microsoft Office\Office15\ONENOTEM.EXE /tsr [2014-6-10 222384]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2012-4-1 1390368]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-09-05 07:57 75320 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ DPPassFilter scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
R3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FLCDLOCK;Auditování/zamknutí zařízení nástroje HP ProtectTools;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfp.sys [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys;c:\windows\SYSNATIVE\DRIVERS\EpfwLWF.sys [x]
S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x]
S1 PersonalSecureDrive;PersonalSecureDrive;c:\windows\System32\drivers\psd.sys;c:\windows\SYSNATIVE\drivers\psd.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® + High Speed;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-10-24 1664000]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2013-02-01 200704]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2014-02-24 5581888]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: E&xportovat do Microsoft Excelu - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Od&eslat do OneNotu - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
TCP: DhcpNameServer = 195.113.44.11 195.113.0.2
TCP: Interfaces\{35CF0318-C97F-43EC-B91A-4BFB466DFBDE}: NameServer = 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{15134cb0-b767-4960-a911-f2d16ae54797} - c:\programdata\Package Cache\{15134cb0-b767-4960-a911-f2d16ae54797}\vcredist_x64.exe
AddRemove-{22154f09-719a-4619-bb71-5b3356999fbf} - c:\programdata\Package Cache\{22154f09-719a-4619-bb71-5b3356999fbf}\vcredist_x86.exe
.
.
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
c:\windows\SysWOW64\RunDll32.exe
.
**************************************************************************
.
Celkový čas: 2014-09-09 18:27:19 - počítač byl restartován
ComboFix-quarantined-files.txt 2014-09-09 16:27
ComboFix2.txt 2014-09-09 15:55
.
Před spuštěním: Volných bajtů: 565 442 621 440
Po spuštění: Volných bajtů: 565 374 627 840
.
- - End Of File - - FCB1D2BDCF5BC8E2D4D78AC7D6BACE0C

#11 Příspěvek od **vyosek** » 09 zář 2014 17:30

Jak se chova ntb???

azz · #12 Příspěvek od **azz** » 09 zář 2014 17:34

Žádná zásadní změna se neudála, stále mi intenzivně v prohlížeči vyskakují reklamní okna s popiskem Ads By SavePass 1.2 a rychlost je pořád špatná.

#13 Příspěvek od **vyosek** » 09 zář 2014 17:35

Operu odinstalujte a znovu nainstalujte. Bohuzel zatim neexistuje nastroj, ktery by jej dokazal cistit

Pak napiste jestli reklamy stale vyskakuji

azz · #14 Příspěvek od **azz** » 09 zář 2014 17:44

Nyní to vypadá, že to je OK. Mnohokrát děkuji za pomoc, která vedla k vyřešení problému.
Jen takové malé OT, nějaké doporučení, jak urychlit start notebooku? Zdá se mi, že doba 2 min 13 sec je na toto železo poněkud dlouhá.

Děkuji.

#15 Příspěvek od **vyosek** » 09 zář 2014 17:48

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

Stahnete a spustte
Pro potvrzeni volby mackejte A, Enter
Po pouziti utilitu smazte
Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

Stahnete a spustte
Kliknete na CleanUp a potvrdte YES
Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

Stahnete a spustte
Kliknete na Start a potvrdte OK
Program uklidi a restartuje pc
Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

dejte Hledej problémy
nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

VIRY.CZ

Pomalý start notebooku, polofunkční prohlížeč

Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč

Re: Pomalý start notebooku, polofunkční prohlížeč