Probably Baidu and some Chinese thing

Have a problem with a virus? Post your FRST or RSIT log here.

vanil
Visitor
Posts: 6
Registered: 06 May 2015 10:41

#1 Post by vanil »

Hello,
I have run various malware several times, but the problem persists. Thanks.
Log:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015
Ran by Samsung (administrator) on SAMSUNG-PC on 06-05-2015 11:48:53
Running from C:\Users\Samsung\Desktop
Loaded Profiles: Samsung & (Available profiles: Samsung)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRTP.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
() C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Samsung\Downloads\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [1208320 2010-12-17] ()
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2776872 2011-08-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-10-18] (Motorola Solutions, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe [355296 2015-05-05] (Tencent)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMGCShellExt64.dll [2015-04-07] (Tencent)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000 -> {309CD14B-E0DF-4197-BBD2-1DD771CAD782} URL =
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000 -> {6EA819C7-1B22-4C91-8F1B-05D34F997A43} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {309CD14B-E0DF-4197-BBD2-1DD771CAD782} URL =
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6EA819C7-1B22-4C91-8F1B-05D34F997A43} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSWebMon64.dat [2015-05-05] (Tencent)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2011-09-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2011-09-28] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\npQMExtensionsMozilla.dll [2015-05-05] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> ""
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-05]
CHR Extension: (Google Docs) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Karoshi - bookmark) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aojlcmjjlpijlapccagoecbfbpfiglfb [2014-05-03]
CHR Extension: (Google Drive) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-05-05]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-05-05]
CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Open Subtitles) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonfllophjimdlhgjgeemafmndfldldf [2014-10-27]
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2014-08-14]
CHR Extension: (Google Search) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (Google Sheets) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-05]
CHR Extension: (Bookmark Manager) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-05]
CHR Extension: (MP3 Player) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadoojjbafjcfdjcafflfnoimccbnlfd [2014-10-21]
CHR Extension: (Skype Click to Call) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-15]
CHR Extension: (Google Wallet) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-14]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-05-05]
CHR Extension: (Downhill Jam) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjegjjfdamcmjikplaghiloojkpmdfm [2014-05-03]
CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ooebklgpfnbcnpokahmdidgbmlcdepkm] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-04-10] (Foxit Software Inc.)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. or its subsidiaries)
R2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2010-12-17] () [File not signed]
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [184320 2011-07-06] (Intel Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-20] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRtp.exe [297608 2015-05-05] (Tencent)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3014488 2015-03-24] (Samsung Electronics CO., LTD.)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOFrame.exe [293728 2015-05-05] (Tencent)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-05] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-20] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2014-11-06] (Baidu)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
S3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-15] (Intel Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk64.sys [62264 2015-05-05] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQSysMonX64.sys [127800 2015-05-05] (电脑管家)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R2 TAOAccelerator; C:\windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-05-05] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-05-05] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-05-05] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TS888x64.sys [28984 2015-05-06] (Tencent)
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\tscpm64.sys [42296 2015-05-05] (电脑管家)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsDefenseBT64.sys [28472 2015-05-05] (Tencent)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-05-05] (电脑管家)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSSysKit64.sys [87352 2015-05-05] (电脑管家)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S1 bd0001; system32\DRIVERS\bd0001.sys [X]
S1 bd0002; system32\DRIVERS\bd0002.sys [X]
S2 BDDefense; \??\C:\windows\system32\drivers\BDDefense.sys [X]
S1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz134; \??\C:\Users\Samsung\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 SBIOSIO; \??\C:\Users\Samsung\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 11:48 - 2015-05-06 11:48 - 00112640 _____ (forum.viry.cz) C:\Users\Samsung\Downloads\FRSTLauncher.exe
2015-05-06 11:35 - 2015-05-06 11:49 - 00025705 _____ () C:\Users\Samsung\Desktop\FRST.txt
2015-05-06 11:34 - 2015-05-06 11:48 - 00000000 ____D () C:\FRST
2015-05-06 11:27 - 2015-05-06 11:27 - 02101760 _____ (Farbar) C:\Users\Samsung\Desktop\FRST64.exe
2015-05-06 11:27 - 2015-05-06 11:27 - 00112640 _____ (forum.viry.cz) C:\Users\Samsung\Desktop\FRSTLauncher.exe
2015-05-06 11:26 - 2015-05-06 11:27 - 02101760 _____ (Farbar) C:\Users\Samsung\Downloads\FRST64.exe
2015-05-06 01:08 - 2015-05-06 01:08 - 00000808 _____ () C:\windows\PFRO.log
2015-05-06 01:08 - 2015-05-06 01:08 - 00000056 _____ () C:\windows\setupact.log
2015-05-06 01:08 - 2015-05-06 01:08 - 00000000 _____ () C:\windows\setuperr.log
2015-05-06 00:45 - 2015-05-06 00:46 - 00001305 _____ () C:\zoek-results.log
2015-05-06 00:43 - 2015-05-06 00:47 - 00000573 _____ () C:\runcheck.txt
2015-05-06 00:43 - 2015-05-06 00:43 - 01308672 _____ () C:\Users\Samsung\Downloads\zoek (1).exe
2015-05-06 00:42 - 2015-05-06 00:42 - 01308672 _____ () C:\Users\Samsung\Downloads\zoek.exe
2015-05-06 00:42 - 2015-05-06 00:42 - 00000000 ____D () C:\zoek_backup
2015-05-06 00:08 - 2015-05-06 01:07 - 00000000 ____D () C:\AdwCleaner
2015-05-06 00:07 - 2015-05-06 00:07 - 02204160 _____ () C:\Users\Samsung\Downloads\adwcleaner_4.203.exe
2015-05-05 23:56 - 2015-05-06 00:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-05 23:53 - 2015-05-06 00:30 - 00000000 ____D () C:\Users\Samsung\Desktop\mbar
2015-05-05 23:47 - 2015-05-05 23:49 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Samsung\Downloads\mbar-1.09.1.1004.exe
2015-05-05 23:23 - 2015-05-05 23:24 - 00768512 _____ (Reimage®) C:\Users\Samsung\Downloads\ReimageRepair.exe
2015-05-05 22:06 - 2015-05-06 01:10 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 22:06 - 2015-05-05 23:54 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-05 22:06 - 2015-05-05 22:16 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-05 22:06 - 2015-05-05 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-05 22:06 - 2015-05-05 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-05 22:06 - 2015-05-05 22:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-05 22:06 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-05 22:06 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-05-05 22:04 - 2015-05-05 22:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Samsung\Downloads\mbam-setup-2.1.4.1018.exe
2015-05-05 21:43 - 2015-05-05 21:43 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Norman Malware Cleaner
2015-05-05 18:27 - 2014-11-06 09:38 - 00056136 _____ (Baidu) C:\windows\system32\Drivers\BDMWrench_x64.sys
2015-05-05 18:26 - 2014-12-25 04:35 - 00152392 _____ (Baidu Technology) C:\windows\system32\Drivers\BDArKit.SYS
2015-05-05 17:17 - 2015-05-05 22:27 - 00000000 ____D () C:\Users\Samsung\AppData\Local\AVG Web TuneUp
2015-05-05 17:16 - 2015-05-05 17:16 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-05-05 17:16 - 2015-05-05 17:16 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-05 15:05 - 2015-05-05 15:05 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\AVG2015
2015-05-05 15:04 - 2015-05-05 15:04 - 00000937 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-05 15:04 - 2015-05-05 15:04 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\TuneUp Software
2015-05-05 15:04 - 2015-05-05 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-05 15:03 - 2015-05-05 17:34 - 00000000 ____D () C:\ProgramData\AVG2015
2015-05-05 15:03 - 2015-05-05 15:03 - 00000000 ___HD () C:\$AVG
2015-05-05 15:01 - 2015-05-05 15:01 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-05 14:56 - 2015-05-06 11:26 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-05 14:56 - 2015-05-05 17:16 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Avg2015
2015-05-05 14:56 - 2015-05-05 14:56 - 00000000 ____D () C:\Users\Samsung\AppData\Local\MFAData
2015-05-05 14:31 - 2015-05-05 14:35 - 00003254 _____ () C:\windows\System32\Tasks\Trojan Killer
2015-05-05 14:31 - 2015-05-05 14:31 - 00000000 ____D () C:\ProgramData\GridinSoft
2015-05-05 14:18 - 2015-05-05 14:52 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-05 13:46 - 2015-05-06 01:10 - 00028984 _____ (Tencent) C:\windows\SysWOW64\Drivers\TS888x64.sys
2015-05-05 13:21 - 2015-05-05 13:21 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VS Revo Group
2015-05-05 13:17 - 2015-05-05 13:17 - 00000000 ____D () C:\ProgramData\TXQMPC
2015-05-05 13:07 - 2015-05-05 13:00 - 00099640 _____ (Tencent) C:\windows\system32\Drivers\TAOAccelerator64.sys
2015-05-05 13:04 - 2015-05-05 13:04 - 00000000 ____D () C:\Program Files\Common Files\Tencent
2015-05-05 13:02 - 2015-05-05 13:07 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Opera Software
2015-05-05 13:02 - 2015-05-05 13:02 - 00003194 _____ () C:\Users\Samsung\Desktop\MiniGet Smart Downloader.lnk
2015-05-05 13:02 - 2015-05-05 13:00 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\windows\system32\Drivers\TAOKernel64.sys
2015-05-05 13:02 - 2015-05-05 13:00 - 00087864 _____ (电脑管家) C:\windows\system32\Drivers\TFsFltX64.sys
2015-05-05 13:02 - 2015-05-05 13:00 - 00038200 _____ (电脑管家) C:\windows\system32\Drivers\TSSKX64.sys
2015-05-05 12:59 - 2015-05-05 14:20 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Tencent
2015-05-05 12:59 - 2015-05-05 13:47 - 00000000 ____D () C:\ProgramData\Tencent
2015-05-05 12:59 - 2015-05-05 12:59 - 00000000 ____D () C:\Program Files (x86)\Tencent
2015-05-05 12:57 - 2015-05-05 13:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-05 12:53 - 2015-05-06 11:35 - 00001694 _____ () C:\windows\Tasks\BYAIAMUF.job
2015-05-05 12:53 - 2015-05-05 17:37 - 00000000 ____D () C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-05-05 12:53 - 2015-05-05 12:53 - 00004728 _____ () C:\windows\System32\Tasks\BYAIAMUF
2015-05-05 12:51 - 2015-05-05 18:31 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-05-05 12:51 - 2015-04-03 07:01 - 00202576 _____ (Baidu) C:\windows\system32\Drivers\bd0001.sys_34897
2015-05-05 12:51 - 2014-12-05 11:35 - 00202576 _____ (Baidu) C:\windows\system32\Drivers\bd0001.sys_
2015-05-05 12:50 - 2015-05-05 22:58 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Seznam.cz
2015-04-26 19:17 - 2015-05-04 03:46 - 00000000 ____D () C:\Users\Samsung\Downloads\Magazine.Pack.02.20.2015-TV
2015-04-26 18:55 - 2015-04-26 18:57 - 00000000 ____D () C:\Users\Samsung\Downloads\Shaun.The.Sheep.A.Woolly.Good.Time.2010.DVDRip.XviD-FiCO [NO-RAR] - [ www.torrentday.com ]
2015-04-26 18:18 - 2015-04-26 22:44 - 00000000 ____D () C:\Users\Samsung\Downloads\Shaun the Sheep Party Animals (2010) DVDRip Xvid - EMU
2015-04-26 17:17 - 2015-04-26 17:27 - 00000000 ____D () C:\Users\Samsung\Downloads\Leave.The.World.Behind.2014.HDRip.XviD.MP3-RARBG
2015-04-26 16:43 - 2015-04-26 18:58 - 00000000 ____D () C:\Users\Samsung\Downloads\Song of the Sea 2014 720p BluRay x264 AAC - Ozlem
2015-04-26 15:34 - 2015-04-26 19:43 - 00000000 ____D () C:\Users\Samsung\Downloads\Chappie 2015 HDCAM New AUDIO x264-CPG
2015-04-26 15:33 - 2015-04-26 18:51 - 00000000 ____D () C:\Users\Samsung\Downloads\Appleseed Ex Machina [2007].x264.DVDrip.wBONUS(ANIME)
2015-04-26 15:31 - 2015-04-26 18:53 - 00000000 ____D () C:\Users\Samsung\Downloads\Going Clear Scientology and the Prison of Belief 2015 HDTV x264-FUM[ettv]
2015-04-26 15:26 - 2015-04-26 18:55 - 00000000 ____D () C:\Users\Samsung\Downloads\Shaun the Sheep. The Big Chase.2011.DVDRip.XViD-WBZ
2015-04-26 15:20 - 2015-04-26 19:50 - 00000000 ____D () C:\Users\Samsung\Downloads\Kingsman-The.Secret.Service.2014.HDCAM.XVID.AC3.HQ.Hive-CM8
2015-04-26 13:48 - 2015-04-26 13:48 - 00000000 ____D () C:\windows\system32\SRSLabs
2015-04-26 13:47 - 2012-08-07 18:51 - 04102928 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2015-04-26 13:47 - 2012-08-07 15:11 - 00329737 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT
2015-04-26 13:47 - 2012-08-06 15:44 - 01561744 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2015-04-26 13:47 - 2012-08-06 11:49 - 02743440 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2015-04-26 13:47 - 2012-08-03 12:13 - 05911552 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat
2015-04-26 13:47 - 2012-08-01 18:29 - 00109200 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2015-04-26 13:47 - 2012-07-24 17:30 - 00606336 _____ (Sony Corporation) C:\windows\system32\SFSS_APO.dll
2015-04-26 13:47 - 2012-07-20 14:41 - 00880784 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2015-04-26 13:47 - 2012-07-19 16:52 - 07598456 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek64.dll
2015-04-26 13:47 - 2012-07-19 16:52 - 02028920 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ64.dll
2015-04-26 13:47 - 2012-07-19 16:51 - 02080120 _____ (Waves Audio Ltd.) C:\windows\system32\WavesGUILib64.dll
2015-04-26 13:47 - 2012-07-19 16:51 - 00834936 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll
2015-04-26 13:47 - 2012-07-16 14:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\windows\system32\SETCE90.tmp
2015-04-26 13:47 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVolumeSDAPO.dll
2015-04-26 13:47 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO30.dll
2015-04-26 13:47 - 2012-07-02 15:39 - 01264272 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2015-04-26 13:47 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 07163784 _____ (Dolby Laboratories) C:\windows\system32\R4EEP64A.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 00433544 _____ (Dolby Laboratories) C:\windows\system32\R4EED64A.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 00141192 _____ (Dolby Laboratories) C:\windows\system32\R4EEL64A.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 00123784 _____ (Dolby Laboratories) C:\windows\system32\R4EEA64A.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 00074632 _____ (Dolby Laboratories) C:\windows\system32\R4EEG64A.dll
2015-04-26 13:47 - 2012-04-10 14:40 - 02533952 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2015-04-26 13:47 - 2012-03-08 11:47 - 00202336 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2015-04-26 13:47 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2015-04-26 13:47 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll
2015-04-26 13:41 - 2015-04-26 13:41 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_XHCIPort_01009.Wdf
2015-04-26 13:41 - 2015-04-26 13:41 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_usb3Hub_01009.Wdf
2015-04-26 13:40 - 2015-04-26 13:40 - 00002533 _____ () C:\Users\Samsung\AppData\Local\IWDAudHelper.20150426.134020.txt
2015-04-26 13:40 - 2015-04-26 13:40 - 00002022 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2015-04-26 13:40 - 2015-04-26 13:40 - 00002010 _____ () C:\Users\Public\Desktop\Intel(R) WiDi.lnk
2015-04-26 13:40 - 2015-04-26 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-04-26 13:40 - 2015-04-26 13:40 - 00000000 ____D () C:\Program Files\Intel Corporation
2015-04-26 13:30 - 2015-04-26 13:30 - 00003214 _____ () C:\windows\System32\Tasks\advSRS5
2015-04-26 13:30 - 2015-04-26 13:30 - 00001840 _____ () C:\Users\Public\Desktop\Samsung Recovery Solution 5.lnk
2015-04-26 13:20 - 2015-04-26 13:20 - 00001906 _____ () C:\Users\Public\Desktop\SW Update.lnk
2015-04-18 09:36 - 2015-04-18 09:36 - 00001049 _____ () C:\Users\Public\Desktop\Foxit PhantomPDF.lnk
2015-04-18 09:36 - 2015-04-18 09:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2015-04-18 09:13 - 2015-04-26 23:19 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Foxit Software
2015-04-18 09:13 - 2015-04-18 09:36 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-04-18 09:13 - 2015-04-18 09:13 - 00001311 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2015-04-18 09:13 - 2015-04-18 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-04-18 09:12 - 2015-04-18 09:35 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-04-16 09:03 - 2015-04-16 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 13:06 - 2015-04-15 13:06 - 00256992 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2015-04-15 11:17 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 11:17 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 11:17 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 11:17 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 11:17 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-15 11:17 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-15 11:17 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-15 11:17 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-15 11:17 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-15 11:16 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 11:16 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-04-15 11:16 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 11:16 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 11:16 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 11:16 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 11:16 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-15 11:16 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-15 11:16 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 11:16 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-04-15 11:16 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-15 11:16 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-15 11:16 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-15 11:16 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-04-15 11:16 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-04-15 11:16 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-15 11:16 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-15 11:16 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-15 11:16 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-04-15 11:16 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-04-15 11:16 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-04-15 11:16 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-04-15 11:16 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-04-15 11:16 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-04-15 11:16 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-04-15 11:16 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-04-15 11:16 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:16 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 11:16 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 11:16 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 11:16 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 11:16 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 11:16 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 11:16 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 11:16 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-15 11:16 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-04-15 11:16 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 11:16 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-04-15 11:16 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-04-15 11:16 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-04-15 11:16 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 11:16 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-15 11:16 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-04-15 11:16 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-04-15 11:16 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-04-15 11:16 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-04-15 11:16 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-04-15 11:16 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 11:16 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 11:16 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-04-15 11:16 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 11:16 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-04-15 11:16 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-04-15 11:16 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-15 11:16 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-04-15 11:16 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-15 11:16 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 11:16 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 11:16 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-15 11:16 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-15 11:16 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 11:16 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-15 11:16 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-04-15 11:16 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-04-15 11:16 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 11:16 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-04-15 11:16 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-15 11:15 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 11:15 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 11:15 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 11:15 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 11:15 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 11:15 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 11:15 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 11:15 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 11:15 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 11:15 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 11:15 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 11:15 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-15 11:15 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-04-15 11:15 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 11:15 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 11:15 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 11:15 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 11:15 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 11:15 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-04-15 11:15 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-15 11:15 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 11:15 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-04-15 11:15 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-15 11:13 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 11:13 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 11:13 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-14 17:19 - 2015-04-25 16:45 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\BitTorrent Maelstrom
2015-04-13 08:54 - 2015-04-13 08:54 - 00067072 _____ () C:\Users\Samsung\Documents\Vyrobni kniha unor2015.xls
2015-04-09 19:59 - 2015-04-09 19:59 - 00000000 ____D () C:\Users\Default\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-09 19:59 - 2015-04-09 19:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-09 19:58 - 2015-04-09 19:58 - 00001850 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2015-04-09 14:11 - 2015-04-09 14:11 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2015-04-08 09:58 - 2015-04-08 09:58 - 00045056 _____ () C:\Users\Samsung\Downloads\vyuctovani+prubezna.xls
2015-04-07 12:39 - 2015-04-07 12:39 - 00291296 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2015-04-07 09:20 - 2015-04-07 09:20 - 00068608 _____ () C:\Users\Samsung\Documents\Vyrobni kniha leden2015.xls
2015-04-07 08:30 - 2015-04-07 08:30 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-04-07 08:30 - 2015-04-07 08:30 - 00000000 ___SD () C:\windows\system32\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 11:28 - 2014-01-14 19:41 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-06 11:22 - 2014-01-14 18:46 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-06 11:21 - 2012-02-06 19:04 - 00669236 _____ () C:\windows\system32\perfh005.dat
2015-05-06 11:21 - 2012-02-06 19:04 - 00141606 _____ () C:\windows\system32\perfc005.dat
2015-05-06 11:21 - 2009-07-14 07:13 - 01584802 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-06 11:21 - 2009-07-14 06:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-06 11:21 - 2009-07-14 06:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-06 01:16 - 2014-01-15 18:03 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\BitTorrent
2015-05-06 01:09 - 2014-01-14 18:46 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-06 01:08 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-06 00:10 - 2014-02-01 13:31 - 00000000 ____D () C:\Users\Samsung\Desktop\filip
2015-05-05 22:44 - 2012-02-06 01:57 - 00000000 ____D () C:\windows\PCHEALTH
2015-05-05 22:42 - 2014-09-14 10:45 - 00000000 _RSHD () C:\Users\Samsung\j7g8yb7f712c
2015-05-05 22:42 - 2014-09-14 10:45 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Imminent
2015-05-05 17:37 - 2014-01-15 17:44 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2015-05-05 14:19 - 2013-12-22 12:17 - 00059648 _____ () C:\Users\Samsung\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-05 13:46 - 2009-07-14 06:45 - 00280096 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-05 13:07 - 2013-12-19 08:52 - 00001393 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-05 13:05 - 2013-12-19 08:51 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VirtualStore
2015-05-02 20:10 - 2014-10-28 21:56 - 00001088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-05-02 20:10 - 2014-10-28 21:56 - 00001082 _____ () C:\Users\Public\Desktop\BS.Player FREE.lnk
2015-05-01 12:01 - 2014-01-14 19:01 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-26 19:44 - 2015-01-16 17:01 - 00000000 ____D () C:\Users\Samsung\Downloads\Subs
2015-04-26 14:02 - 2012-02-06 01:35 - 00005326 _____ () C:\windows\HotFixList.ini
2015-04-26 13:50 - 2012-02-06 01:26 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-04-26 13:49 - 2012-02-06 01:26 - 00002474 _____ () C:\RHDSetup.log
2015-04-26 13:49 - 2012-02-06 01:26 - 00000206 _____ () C:\setup.log
2015-04-26 13:49 - 2012-02-06 01:26 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-04-26 13:48 - 2012-02-06 01:26 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2015-04-26 13:40 - 2012-02-06 01:27 - 00000000 ____D () C:\ProgramData\Intel
2015-04-26 13:33 - 2012-02-06 01:31 - 00000000 ____D () C:\ProgramData\WinClon
2015-04-26 13:30 - 2012-02-06 01:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-04-26 13:30 - 2012-02-06 01:31 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-04-26 13:30 - 2012-02-06 01:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-26 13:20 - 2012-02-06 01:39 - 00000000 ____D () C:\ProgramData\SAMSUNG
2015-04-25 11:55 - 2014-01-15 17:06 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-25 11:55 - 2014-01-15 17:06 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-23 10:52 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\AppCompat
2015-04-18 09:34 - 2014-01-29 23:32 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-17 20:28 - 2014-01-14 19:41 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-17 20:28 - 2014-01-14 19:41 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-17 20:28 - 2014-01-14 19:41 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-04-17 19:03 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2015-04-17 10:53 - 2014-10-15 08:45 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-17 10:53 - 2014-01-29 23:20 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-17 10:45 - 2015-01-22 10:12 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-17 09:58 - 2015-01-20 20:32 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-17 09:58 - 2014-05-08 09:56 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-17 09:58 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-04-16 09:07 - 2014-01-19 21:19 - 01560452 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-04-16 09:03 - 2014-01-15 17:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 09:03 - 2013-12-19 08:51 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 09:01 - 2014-01-14 21:05 - 00000000 ____D () C:\windows\system32\MRT
2015-04-12 09:23 - 2014-03-22 06:50 - 00000000 ____D () C:\Users\Samsung\Downloads\Words of my Perfect Teacher - Dzongsar Khyentse Rinpoche
2015-04-09 19:59 - 2014-03-10 02:23 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-04-09 19:58 - 2014-03-10 10:39 - 00003556 _____ () C:\windows\System32\Tasks\GarminUpdaterTask
2015-04-09 19:58 - 2014-03-10 10:39 - 00000000 ____D () C:\ProgramData\Garmin
2015-04-09 19:58 - 2014-03-10 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

==================== Files in the root of some directories =======

2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Samsung\AppData\Roaming\BYAIAMUF
2011-09-28 16:18 - 2011-09-28 16:18 - 0020944 _____ (Intel Corporation) C:\Users\Samsung\AppData\Roaming\JomCap.dll
2015-04-26 13:40 - 2015-04-26 13:40 - 0002533 _____ () C:\Users\Samsung\AppData\Local\IWDAudHelper.20150426.134020.txt
2014-03-03 18:26 - 2014-03-03 18:26 - 0001631 _____ () C:\Users\Samsung\AppData\Local\PDLSetup.20140303.172601.txt
2014-10-20 21:08 - 2014-10-20 21:08 - 0000218 _____ () C:\Users\Samsung\AppData\Local\recently-used.xbel
2015-04-26 13:39 - 2015-04-26 13:41 - 0027554 _____ () C:\Users\Samsung\AppData\Local\WiDiSetupLog.20150426.133951.txt

Some content of TEMP:
====================
C:\Users\Samsung\AppData\Local\Temp\7za.exe
C:\Users\Samsung\AppData\Local\Temp\DaS_21.exe
C:\Users\Samsung\AppData\Local\Temp\F0212_s_31184.exe
C:\Users\Samsung\AppData\Local\Temp\G0417_s_71353.exe
C:\Users\Samsung\AppData\Local\Temp\hijackthis.exe
C:\Users\Samsung\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Samsung\AppData\Local\Temp\NirCmd.exe
C:\Users\Samsung\AppData\Local\Temp\PCMgr_AndroidServer.exe
C:\Users\Samsung\AppData\Local\Temp\PEVZ.EXE
C:\Users\Samsung\AppData\Local\Temp\qqpcmgr_v10.8.16208.227_71919_Silence.exe
C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe
C:\Users\Samsung\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Samsung\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Samsung\AppData\Local\Temp\remove.exe
C:\Users\Samsung\AppData\Local\Temp\sed.exe
C:\Users\Samsung\AppData\Local\Temp\shortcut.exe
C:\Users\Samsung\AppData\Local\Temp\sqlite3.dll
C:\Users\Samsung\AppData\Local\Temp\swreg.exe
C:\Users\Samsung\AppData\Local\Temp\swxcacls.exe
C:\Users\Samsung\AppData\Local\Temp\tmp76F.exe
C:\Users\Samsung\AppData\Local\Temp\wget.exe
C:\Users\Samsung\AppData\Local\Temp\zoek-delete.exe
C:\Users\Samsung\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\BYAIAMUF.job => C:\Users\Samsung\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: 电脑管家系统防护 (Disabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: 电脑管家系统防护 (Disabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Samsung\Desktop" je 1278 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015
Ran by Samsung (administrator) on SAMSUNG-PC on 06-05-2015 11:53:58
Running from C:\Users\Samsung\Desktop
Loaded Profiles: Samsung (Available profiles: Samsung)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRTP.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
() C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Samsung\Desktop\FRSTLauncher.exe

vanil
Visitor
Visitor
Posts: 6
Registered: 06 May 2015 10:41

Re: probably Baidu and some Chinese guy

#2 Post by vanil »

continued


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [1208320 2010-12-17] ()
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2776872 2011-08-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-10-18] (Motorola Solutions, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe [355296 2015-05-05] (Tencent)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMGCShellExt64.dll [2015-04-07] (Tencent)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000 -> {309CD14B-E0DF-4197-BBD2-1DD771CAD782} URL =
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000 -> {6EA819C7-1B22-4C91-8F1B-05D34F997A43} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSWebMon64.dat [2015-05-05] (Tencent)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=1.2.22 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2011-09-28] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2011-09-28] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\npQMExtensionsMozilla.dll [2015-05-05] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> ""
CHR Profile: C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-05]
CHR Extension: (Google Docs) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-14]
CHR Extension: (Karoshi - bookmark) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aojlcmjjlpijlapccagoecbfbpfiglfb [2014-05-03]
CHR Extension: (Google Drive) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-14]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2015-05-05]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2015-05-05]
CHR Extension: (YouTube) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-14]
CHR Extension: (Open Subtitles) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonfllophjimdlhgjgeemafmndfldldf [2014-10-27]
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja [2014-08-14]
CHR Extension: (Google Search) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-14]
CHR Extension: (Google Sheets) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-05]
CHR Extension: (Bookmark Manager) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-05]
CHR Extension: (MP3 Player) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadoojjbafjcfdjcafflfnoimccbnlfd [2014-10-21]
CHR Extension: (Skype Click to Call) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-15]
CHR Extension: (Google Wallet) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-14]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-05-05]
CHR Extension: (Downhill Jam) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjegjjfdamcmjikplaghiloojkpmdfm [2014-05-03]
CHR Extension: (Gmail) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ooebklgpfnbcnpokahmdidgbmlcdepkm] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-04-10] (Foxit Software Inc.)
S2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. or its subsidiaries)
R2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2010-12-17] () [File not signed]
R2 irstrtsv; C:\windows\SysWOW64\irstrtsv.exe [184320 2011-07-06] (Intel Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-20] ()
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRtp.exe [297608 2015-05-05] (Tencent)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3014488 2015-03-24] (Samsung Electronics CO., LTD.)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOFrame.exe [293728 2015-05-05] (Tencent)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-05] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-20] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-04-07] (AVG Technologies CZ, s.r.o.)
R1 BDMWrench_x64; C:\Windows\System32\DRIVERS\BDMWrench_x64.sys [56136 2014-11-06] (Baidu)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1408824 2013-10-18] (Motorola Solutions, Inc.)
S3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2011-06-15] (Intel Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk64.sys [62264 2015-05-05] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQSysMonX64.sys [127800 2015-05-05] (电脑管家)
R2 SGDrv; C:\Windows\System32\DRIVERS\SGdrv64.sys [7680 2011-04-11] (Phoenix Technologies Ltd.)
R2 TAOAccelerator; C:\windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-05-05] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-05-05] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-05-05] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TS888x64.sys [28984 2015-05-06] (Tencent)
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\tscpm64.sys [42296 2015-05-05] (电脑管家)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsDefenseBT64.sys [28472 2015-05-05] (Tencent)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-05-05] (电脑管家)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSSysKit64.sys [87352 2015-05-05] (电脑管家)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
R3 XHCIPort; C:\Windows\System32\DRIVERS\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
S1 bd0001; system32\DRIVERS\bd0001.sys [X]
S1 bd0002; system32\DRIVERS\bd0002.sys [X]
S2 BDDefense; \??\C:\windows\system32\drivers\BDDefense.sys [X]
S1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz134; \??\C:\Users\Samsung\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 SBIOSIO; \??\C:\Users\Samsung\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 11:51 - 2015-05-06 11:54 - 00024294 _____ () C:\Users\Samsung\Desktop\FRST.txt
2015-05-06 11:50 - 2015-05-06 11:50 - 00076250 _____ () C:\Users\Samsung\Desktop\FRST3.txt
2015-05-06 11:48 - 2015-05-06 11:48 - 00112640 _____ (forum.viry.cz) C:\Users\Samsung\Desktop\FRSTLauncher.exe
2015-05-06 11:34 - 2015-05-06 11:54 - 00000000 ____D () C:\FRST
2015-05-06 11:27 - 2015-05-06 11:27 - 02101760 _____ (Farbar) C:\Users\Samsung\Desktop\FRST64.exe
2015-05-06 11:26 - 2015-05-06 11:27 - 02101760 _____ (Farbar) C:\Users\Samsung\Downloads\FRST64.exe
2015-05-06 01:08 - 2015-05-06 01:08 - 00000808 _____ () C:\windows\PFRO.log
2015-05-06 01:08 - 2015-05-06 01:08 - 00000056 _____ () C:\windows\setupact.log
2015-05-06 01:08 - 2015-05-06 01:08 - 00000000 _____ () C:\windows\setuperr.log
2015-05-06 00:45 - 2015-05-06 00:46 - 00001305 _____ () C:\zoek-results.log
2015-05-06 00:43 - 2015-05-06 00:47 - 00000573 _____ () C:\runcheck.txt
2015-05-06 00:43 - 2015-05-06 00:43 - 01308672 _____ () C:\Users\Samsung\Downloads\zoek (1).exe
2015-05-06 00:42 - 2015-05-06 00:42 - 01308672 _____ () C:\Users\Samsung\Downloads\zoek.exe
2015-05-06 00:42 - 2015-05-06 00:42 - 00000000 ____D () C:\zoek_backup
2015-05-06 00:08 - 2015-05-06 01:07 - 00000000 ____D () C:\AdwCleaner
2015-05-06 00:07 - 2015-05-06 00:07 - 02204160 _____ () C:\Users\Samsung\Downloads\adwcleaner_4.203.exe
2015-05-05 23:56 - 2015-05-06 00:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-05 23:53 - 2015-05-06 00:30 - 00000000 ____D () C:\Users\Samsung\Desktop\mbar
2015-05-05 23:47 - 2015-05-05 23:49 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Samsung\Downloads\mbar-1.09.1.1004.exe
2015-05-05 23:23 - 2015-05-05 23:24 - 00768512 _____ (Reimage®) C:\Users\Samsung\Downloads\ReimageRepair.exe
2015-05-05 22:06 - 2015-05-06 01:10 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 22:06 - 2015-05-05 23:54 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-05 22:06 - 2015-05-05 22:16 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-05 22:06 - 2015-05-05 22:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-05 22:06 - 2015-05-05 22:16 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-05 22:06 - 2015-05-05 22:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-05 22:06 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-05 22:06 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-05-05 22:04 - 2015-05-05 22:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Samsung\Downloads\mbam-setup-2.1.4.1018.exe
2015-05-05 21:43 - 2015-05-05 21:43 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Norman Malware Cleaner
2015-05-05 18:27 - 2014-11-06 09:38 - 00056136 _____ (Baidu) C:\windows\system32\Drivers\BDMWrench_x64.sys
2015-05-05 18:26 - 2014-12-25 04:35 - 00152392 _____ (Baidu Technology) C:\windows\system32\Drivers\BDArKit.SYS
2015-05-05 17:17 - 2015-05-05 22:27 - 00000000 ____D () C:\Users\Samsung\AppData\Local\AVG Web TuneUp
2015-05-05 17:16 - 2015-05-05 17:16 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-05-05 17:16 - 2015-05-05 17:16 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-05 15:05 - 2015-05-05 15:05 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\AVG2015
2015-05-05 15:04 - 2015-05-05 15:04 - 00000937 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-05 15:04 - 2015-05-05 15:04 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\TuneUp Software
2015-05-05 15:04 - 2015-05-05 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-05 15:03 - 2015-05-05 17:34 - 00000000 ____D () C:\ProgramData\AVG2015
2015-05-05 15:03 - 2015-05-05 15:03 - 00000000 ___HD () C:\$AVG
2015-05-05 15:01 - 2015-05-05 15:01 - 00000000 ____D () C:\Program Files (x86)\AVG
2015-05-05 14:56 - 2015-05-06 11:26 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-05 14:56 - 2015-05-05 17:16 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Avg2015
2015-05-05 14:56 - 2015-05-05 14:56 - 00000000 ____D () C:\Users\Samsung\AppData\Local\MFAData
2015-05-05 14:31 - 2015-05-05 14:35 - 00003254 _____ () C:\windows\System32\Tasks\Trojan Killer
2015-05-05 14:31 - 2015-05-05 14:31 - 00000000 ____D () C:\ProgramData\GridinSoft
2015-05-05 14:18 - 2015-05-05 14:52 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-05 13:46 - 2015-05-06 01:10 - 00028984 _____ (Tencent) C:\windows\SysWOW64\Drivers\TS888x64.sys
2015-05-05 13:21 - 2015-05-05 13:21 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VS Revo Group
2015-05-05 13:17 - 2015-05-05 13:17 - 00000000 ____D () C:\ProgramData\TXQMPC
2015-05-05 13:07 - 2015-05-05 13:00 - 00099640 _____ (Tencent) C:\windows\system32\Drivers\TAOAccelerator64.sys
2015-05-05 13:04 - 2015-05-05 13:04 - 00000000 ____D () C:\Program Files\Common Files\Tencent
2015-05-05 13:02 - 2015-05-05 13:07 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Opera Software
2015-05-05 13:02 - 2015-05-05 13:02 - 00003194 _____ () C:\Users\Samsung\Desktop\MiniGet Smart Downloader.lnk
2015-05-05 13:02 - 2015-05-05 13:00 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\windows\system32\Drivers\TAOKernel64.sys
2015-05-05 13:02 - 2015-05-05 13:00 - 00087864 _____ (电脑管家) C:\windows\system32\Drivers\TFsFltX64.sys
2015-05-05 13:02 - 2015-05-05 13:00 - 00038200 _____ (电脑管家) C:\windows\system32\Drivers\TSSKX64.sys
2015-05-05 12:59 - 2015-05-05 14:20 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Tencent
2015-05-05 12:59 - 2015-05-05 13:47 - 00000000 ____D () C:\ProgramData\Tencent
2015-05-05 12:59 - 2015-05-05 12:59 - 00000000 ____D () C:\Program Files (x86)\Tencent
2015-05-05 12:57 - 2015-05-05 13:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-05 12:53 - 2015-05-06 11:35 - 00001694 _____ () C:\windows\Tasks\BYAIAMUF.job
2015-05-05 12:53 - 2015-05-05 17:37 - 00000000 ____D () C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-05-05 12:53 - 2015-05-05 12:53 - 00004728 _____ () C:\windows\System32\Tasks\BYAIAMUF
2015-05-05 12:51 - 2015-05-05 18:31 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2015-05-05 12:51 - 2015-04-03 07:01 - 00202576 _____ (Baidu) C:\windows\system32\Drivers\bd0001.sys_34897
2015-05-05 12:51 - 2014-12-05 11:35 - 00202576 _____ (Baidu) C:\windows\system32\Drivers\bd0001.sys_
2015-05-05 12:50 - 2015-05-05 22:58 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Seznam.cz
2015-04-26 19:17 - 2015-05-04 03:46 - 00000000 ____D () C:\Users\Samsung\Downloads\Magazine.Pack.02.20.2015-TV
2015-04-26 18:55 - 2015-04-26 18:57 - 00000000 ____D () C:\Users\Samsung\Downloads\Shaun.The.Sheep.A.Woolly.Good.Time.2010.DVDRip.XviD-FiCO [NO-RAR] - [ www.torrentday.com ]
2015-04-26 18:18 - 2015-04-26 22:44 - 00000000 ____D () C:\Users\Samsung\Downloads\Shaun the Sheep Party Animals (2010) DVDRip Xvid - EMU
2015-04-26 17:17 - 2015-04-26 17:27 - 00000000 ____D () C:\Users\Samsung\Downloads\Leave.The.World.Behind.2014.HDRip.XviD.MP3-RARBG
2015-04-26 16:43 - 2015-04-26 18:58 - 00000000 ____D () C:\Users\Samsung\Downloads\Song of the Sea 2014 720p BluRay x264 AAC - Ozlem
2015-04-26 15:34 - 2015-04-26 19:43 - 00000000 ____D () C:\Users\Samsung\Downloads\Chappie 2015 HDCAM New AUDIO x264-CPG
2015-04-26 15:33 - 2015-04-26 18:51 - 00000000 ____D () C:\Users\Samsung\Downloads\Appleseed Ex Machina [2007].x264.DVDrip.wBONUS(ANIME)
2015-04-26 15:31 - 2015-04-26 18:53 - 00000000 ____D () C:\Users\Samsung\Downloads\Going Clear Scientology and the Prison of Belief 2015 HDTV x264-FUM[ettv]
2015-04-26 15:26 - 2015-04-26 18:55 - 00000000 ____D () C:\Users\Samsung\Downloads\Shaun the Sheep. The Big Chase.2011.DVDRip.XViD-WBZ
2015-04-26 15:20 - 2015-04-26 19:50 - 00000000 ____D () C:\Users\Samsung\Downloads\Kingsman-The.Secret.Service.2014.HDCAM.XVID.AC3.HQ.Hive-CM8
2015-04-26 13:48 - 2015-04-26 13:48 - 00000000 ____D () C:\windows\system32\SRSLabs
2015-04-26 13:47 - 2012-08-07 18:51 - 04102928 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2015-04-26 13:47 - 2012-08-07 15:11 - 00329737 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT
2015-04-26 13:47 - 2012-08-06 15:44 - 01561744 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2015-04-26 13:47 - 2012-08-06 11:49 - 02743440 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2015-04-26 13:47 - 2012-08-03 12:13 - 05911552 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat
2015-04-26 13:47 - 2012-08-01 18:29 - 00109200 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2015-04-26 13:47 - 2012-07-24 17:30 - 00606336 _____ (Sony Corporation) C:\windows\system32\SFSS_APO.dll
2015-04-26 13:47 - 2012-07-20 14:41 - 00880784 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2015-04-26 13:47 - 2012-07-19 16:52 - 07598456 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek64.dll
2015-04-26 13:47 - 2012-07-19 16:52 - 02028920 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ64.dll
2015-04-26 13:47 - 2012-07-19 16:51 - 02080120 _____ (Waves Audio Ltd.) C:\windows\system32\WavesGUILib64.dll
2015-04-26 13:47 - 2012-07-19 16:51 - 00834936 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll
2015-04-26 13:47 - 2012-07-16 14:16 - 03643024 _____ (Realtek Semiconductor Corp.) C:\windows\system32\SETCE90.tmp
2015-04-26 13:47 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVolumeSDAPO.dll
2015-04-26 13:47 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO30.dll
2015-04-26 13:47 - 2012-07-02 15:39 - 01264272 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2015-04-26 13:47 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 07163784 _____ (Dolby Laboratories) C:\windows\system32\R4EEP64A.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 00433544 _____ (Dolby Laboratories) C:\windows\system32\R4EED64A.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 00141192 _____ (Dolby Laboratories) C:\windows\system32\R4EEL64A.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 00123784 _____ (Dolby Laboratories) C:\windows\system32\R4EEA64A.dll
2015-04-26 13:47 - 2012-06-15 11:20 - 00074632 _____ (Dolby Laboratories) C:\windows\system32\R4EEG64A.dll
2015-04-26 13:47 - 2012-04-10 14:40 - 02533952 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2015-04-26 13:47 - 2012-03-08 11:47 - 00202336 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2015-04-26 13:47 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2015-04-26 13:47 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll
2015-04-26 13:41 - 2015-04-26 13:41 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_XHCIPort_01009.Wdf
2015-04-26 13:41 - 2015-04-26 13:41 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_usb3Hub_01009.Wdf
2015-04-26 13:40 - 2015-04-26 13:40 - 00002533 _____ () C:\Users\Samsung\AppData\Local\IWDAudHelper.20150426.134020.txt
2015-04-26 13:40 - 2015-04-26 13:40 - 00002022 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) WiDi.lnk
2015-04-26 13:40 - 2015-04-26 13:40 - 00002010 _____ () C:\Users\Public\Desktop\Intel(R) WiDi.lnk
2015-04-26 13:40 - 2015-04-26 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-04-26 13:40 - 2015-04-26 13:40 - 00000000 ____D () C:\Program Files\Intel Corporation
2015-04-26 13:30 - 2015-04-26 13:30 - 00003214 _____ () C:\windows\System32\Tasks\advSRS5
2015-04-26 13:30 - 2015-04-26 13:30 - 00001840 _____ () C:\Users\Public\Desktop\Samsung Recovery Solution 5.lnk
2015-04-26 13:20 - 2015-04-26 13:20 - 00001906 _____ () C:\Users\Public\Desktop\SW Update.lnk
2015-04-18 09:36 - 2015-04-18 09:36 - 00001049 _____ () C:\Users\Public\Desktop\Foxit PhantomPDF.lnk
2015-04-18 09:36 - 2015-04-18 09:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2015-04-18 09:13 - 2015-04-26 23:19 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Foxit Software
2015-04-18 09:13 - 2015-04-18 09:36 - 00000000 ____D () C:\Users\Public\Foxit Software
2015-04-18 09:13 - 2015-04-18 09:13 - 00001311 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2015-04-18 09:13 - 2015-04-18 09:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-04-18 09:12 - 2015-04-18 09:35 - 00000000 ____D () C:\Program Files (x86)\Foxit Software
2015-04-16 09:03 - 2015-04-16 09:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 13:06 - 2015-04-15 13:06 - 00256992 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2015-04-15 11:17 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 11:17 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 11:17 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 11:17 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 11:17 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 11:17 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-15 11:17 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-15 11:17 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-15 11:17 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-15 11:17 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-15 11:16 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-04-15 11:16 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-04-15 11:16 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 11:16 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 11:16 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 11:16 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 11:16 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 11:16 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-15 11:16 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-15 11:16 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 11:16 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-04-15 11:16 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-15 11:16 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-15 11:16 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-15 11:16 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-15 11:16 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-04-15 11:16 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-04-15 11:16 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-15 11:16 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-15 11:16 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-15 11:16 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-04-15 11:16 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-04-15 11:16 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-04-15 11:16 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-04-15 11:16 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-04-15 11:16 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-04-15 11:16 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-04-15 11:16 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-04-15 11:16 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-04-15 11:16 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-04-15 11:16 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:16 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:16 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-04-15 11:16 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-04-15 11:16 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-04-15 11:16 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-04-15 11:16 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-04-15 11:16 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-04-15 11:16 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-04-15 11:16 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-04-15 11:16 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-04-15 11:16 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 11:16 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-04-15 11:16 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-04-15 11:16 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-04-15 11:16 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-04-15 11:16 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-04-15 11:16 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-04-15 11:16 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-04-15 11:16 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-04-15 11:16 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-04-15 11:16 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-04-15 11:16 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-04-15 11:16 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-04-15 11:16 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-04-15 11:16 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 11:16 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-04-15 11:16 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-04-15 11:16 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-04-15 11:16 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-04-15 11:16 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-04-15 11:16 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-04-15 11:16 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-04-15 11:16 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-04-15 11:16 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-04-15 11:16 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 11:16 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-15 11:16 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-04-15 11:16 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-04-15 11:16 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 11:16 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-04-15 11:16 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-15 11:15 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-04-15 11:15 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-15 11:15 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2015-04-15 11:15 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-04-15 11:15 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-04-15 11:15 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-04-15 11:15 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-04-15 11:15 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-04-15 11:15 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-04-15 11:15 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-04-15 11:15 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-04-15 11:15 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-15 11:15 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2015-04-15 11:15 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-04-15 11:15 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-04-15 11:15 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-04-15 11:15 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-04-15 11:15 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-04-15 11:15 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-04-15 11:15 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-04-15 11:15 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-04-15 11:15 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-04-15 11:15 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-04-15 11:13 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 11:13 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 11:13 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-14 17:19 - 2015-04-25 16:45 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\BitTorrent Maelstrom
2015-04-13 08:54 - 2015-04-13 08:54 - 00067072 _____ () C:\Users\Samsung\Documents\Vyrobni kniha unor2015.xls
2015-04-09 19:59 - 2015-04-09 19:59 - 00000000 ____D () C:\Users\Default\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-09 19:59 - 2015-04-09 19:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-09 19:58 - 2015-04-09 19:58 - 00001850 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2015-04-09 14:11 - 2015-04-09 14:11 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2015-04-08 09:58 - 2015-04-08 09:58 - 00045056 _____ () C:\Users\Samsung\Downloads\vyuctovani+prubezna.xls
2015-04-07 12:39 - 2015-04-07 12:39 - 00291296 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2015-04-07 09:20 - 2015-04-07 09:20 - 00068608 _____ () C:\Users\Samsung\Documents\Vyrobni kniha leden2015.xls
2015-04-07 08:30 - 2015-04-07 08:30 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-04-07 08:30 - 2015-04-07 08:30 - 00000000 ___SD () C:\windows\system32\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-06 11:28 - 2014-01-14 19:41 - 00000914 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-05-06 11:22 - 2014-01-14 18:46 - 00000952 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-06 11:21 - 2012-02-06 19:04 - 00669236 _____ () C:\windows\system32\perfh005.dat
2015-05-06 11:21 - 2012-02-06 19:04 - 00141606 _____ () C:\windows\system32\perfc005.dat
2015-05-06 11:21 - 2009-07-14 07:13 - 01584802 _____ () C:\windows\system32\PerfStringBackup.INI
2015-05-06 11:21 - 2009-07-14 06:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-06 11:21 - 2009-07-14 06:45 - 00028848 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-06 01:16 - 2014-01-15 18:03 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\BitTorrent
2015-05-06 01:09 - 2014-01-14 18:46 - 00000948 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-06 01:08 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-05-06 00:10 - 2014-02-01 13:31 - 00000000 ____D () C:\Users\Samsung\Desktop\filip
2015-05-05 22:44 - 2012-02-06 01:57 - 00000000 ____D () C:\windows\PCHEALTH
2015-05-05 22:42 - 2014-09-14 10:45 - 00000000 _RSHD () C:\Users\Samsung\j7g8yb7f712c
2015-05-05 22:42 - 2014-09-14 10:45 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Imminent
2015-05-05 17:37 - 2014-01-15 17:44 - 00000000 ____D () C:\Program Files (x86)\ASM104xUSB3
2015-05-05 14:19 - 2013-12-22 12:17 - 00059648 _____ () C:\Users\Samsung\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-05 13:46 - 2009-07-14 06:45 - 00280096 _____ () C:\windows\system32\FNTCACHE.DAT
2015-05-05 13:07 - 2013-12-19 08:52 - 00001393 _____ () C:\Users\Samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-05 13:05 - 2013-12-19 08:51 - 00000000 ____D () C:\Users\Samsung\AppData\Local\VirtualStore
2015-05-02 20:10 - 2014-10-28 21:56 - 00001088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2015-05-02 20:10 - 2014-10-28 21:56 - 00001082 _____ () C:\Users\Public\Desktop\BS.Player FREE.lnk
2015-05-01 12:01 - 2014-01-14 19:01 - 00002143 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-26 19:44 - 2015-01-16 17:01 - 00000000 ____D () C:\Users\Samsung\Downloads\Subs
2015-04-26 14:02 - 2012-02-06 01:35 - 00005326 _____ () C:\windows\HotFixList.ini
2015-04-26 13:50 - 2012-02-06 01:26 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-04-26 13:49 - 2012-02-06 01:26 - 00002474 _____ () C:\RHDSetup.log
2015-04-26 13:49 - 2012-02-06 01:26 - 00000206 _____ () C:\setup.log
2015-04-26 13:49 - 2012-02-06 01:26 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-04-26 13:48 - 2012-02-06 01:26 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2015-04-26 13:40 - 2012-02-06 01:27 - 00000000 ____D () C:\ProgramData\Intel
2015-04-26 13:33 - 2012-02-06 01:31 - 00000000 ____D () C:\ProgramData\WinClon
2015-04-26 13:30 - 2012-02-06 01:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-04-26 13:30 - 2012-02-06 01:31 - 00000000 ____D () C:\Program Files (x86)\Samsung
2015-04-26 13:30 - 2012-02-06 01:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-04-26 13:20 - 2012-02-06 01:39 - 00000000 ____D () C:\ProgramData\SAMSUNG
2015-04-25 11:55 - 2014-01-15 17:06 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-04-25 11:55 - 2014-01-15 17:06 - 00000000 ____D () C:\Program Files\CCleaner
2015-04-23 10:52 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\AppCompat
2015-04-18 09:34 - 2014-01-29 23:32 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-17 20:28 - 2014-01-14 19:41 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-17 20:28 - 2014-01-14 19:41 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-17 20:28 - 2014-01-14 19:41 - 00003852 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-04-17 19:03 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2015-04-17 10:53 - 2014-10-15 08:45 - 00000000 ____D () C:\Program Files (x86)\Java
2015-04-17 10:53 - 2014-01-29 23:20 - 00000000 ____D () C:\ProgramData\Oracle
2015-04-17 10:45 - 2015-01-22 10:12 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2015-04-17 09:58 - 2015-01-20 20:32 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-17 09:58 - 2014-05-08 09:56 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-17 09:58 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-04-16 09:07 - 2014-01-19 21:19 - 01560452 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-04-16 09:03 - 2014-01-15 17:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 09:03 - 2013-12-19 08:51 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 09:01 - 2014-01-14 21:05 - 00000000 ____D () C:\windows\system32\MRT
2015-04-12 09:23 - 2014-03-22 06:50 - 00000000 ____D () C:\Users\Samsung\Downloads\Words of my Perfect Teacher - Dzongsar Khyentse Rinpoche
2015-04-09 19:59 - 2014-03-10 02:23 - 00000000 ____D () C:\Program Files (x86)\Garmin
2015-04-09 19:58 - 2014-03-10 10:39 - 00003556 _____ () C:\windows\System32\Tasks\GarminUpdaterTask
2015-04-09 19:58 - 2014-03-10 10:39 - 00000000 ____D () C:\ProgramData\Garmin
2015-04-09 19:58 - 2014-03-10 02:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

==================== Files in the root of some directories =======

2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Samsung\AppData\Roaming\BYAIAMUF
2011-09-28 16:18 - 2011-09-28 16:18 - 0020944 _____ (Intel Corporation) C:\Users\Samsung\AppData\Roaming\JomCap.dll
2015-04-26 13:40 - 2015-04-26 13:40 - 0002533 _____ () C:\Users\Samsung\AppData\Local\IWDAudHelper.20150426.134020.txt
2014-03-03 18:26 - 2014-03-03 18:26 - 0001631 _____ () C:\Users\Samsung\AppData\Local\PDLSetup.20140303.172601.txt
2014-10-20 21:08 - 2014-10-20 21:08 - 0000218 _____ () C:\Users\Samsung\AppData\Local\recently-used.xbel
2015-04-26 13:39 - 2015-04-26 13:41 - 0027554 _____ () C:\Users\Samsung\AppData\Local\WiDiSetupLog.20150426.133951.txt

Some content of TEMP:
====================
C:\Users\Samsung\AppData\Local\Temp\7za.exe
C:\Users\Samsung\AppData\Local\Temp\DaS_21.exe
C:\Users\Samsung\AppData\Local\Temp\F0212_s_31184.exe
C:\Users\Samsung\AppData\Local\Temp\G0417_s_71353.exe
C:\Users\Samsung\AppData\Local\Temp\hijackthis.exe
C:\Users\Samsung\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Samsung\AppData\Local\Temp\NirCmd.exe
C:\Users\Samsung\AppData\Local\Temp\PCMgr_AndroidServer.exe
C:\Users\Samsung\AppData\Local\Temp\PEVZ.EXE
C:\Users\Samsung\AppData\Local\Temp\qqpcmgr_v10.8.16208.227_71919_Silence.exe
C:\Users\Samsung\AppData\Local\Temp\Quarantine.exe
C:\Users\Samsung\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Samsung\AppData\Local\Temp\ReiSysUpdate.exe
C:\Users\Samsung\AppData\Local\Temp\remove.exe
C:\Users\Samsung\AppData\Local\Temp\sed.exe
C:\Users\Samsung\AppData\Local\Temp\shortcut.exe
C:\Users\Samsung\AppData\Local\Temp\sqlite3.dll
C:\Users\Samsung\AppData\Local\Temp\swreg.exe
C:\Users\Samsung\AppData\Local\Temp\swxcacls.exe
C:\Users\Samsung\AppData\Local\Temp\tmp76F.exe
C:\Users\Samsung\AppData\Local\Temp\wget.exe
C:\Users\Samsung\AppData\Local\Temp\zoek-delete.exe
C:\Users\Samsung\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 16:04




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:440.27 GB) (Free:322.12 GB) NTFS

Available physical RAM: 1853.47 MB
Total physical RAM: 3990.23 MB
Percentage of memory in use: 53%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: 523B2E91)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.3 GB) - (Type=84)
Partition 4: (Not Active) - (Size=21.1 GB) - (Type=27)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\BYAIAMUF.job => C:\Users\Samsung\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: 电脑管家系统防护 (Disabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
AS: 电脑管家系统防护 (Disabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Samsung\Desktop" je 1278 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: probably Baidu and some Chinese guy

#3 Post by vyosek »

Hello :)

Could I ask for the logs from AdwCleaner, Zoek and MBAM?

vanil
Visitor
Posts: 6
Registered: 06 May 2015 10:41

Re: probably Baidu and some Chinese guy

#4 Post by vanil »

# AdwCleaner v4.203 - Log vytvořen 06/05/2015 v 12:08:03
# Aktualizováno 30/04/2015 by Xplode
# Databáze : 2015-05-05.1 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Samsung - SAMSUNG-PC
# Spuštěno z : C:\Users\Samsung\Downloads\adwcleaner_4.203.exe
# Nastavení : Sken

***** [ Služby ] *****

Služba Nalezeno : bd0001
Služba Nalezeno : bd0002
Služba Nalezeno : BDMWrench_x64
Služba Nalezeno : QQPCRTP

***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17728

Nastavení Nalezeno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.hao123.com/?tn=91932766_hao_pg
Nastavení Nalezeno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.hao123.com/?tn=91932766_hao_pg

-\\ Google Chrome v42.0.2311.135


*************************

AdwCleaner[R0].txt - [9642 bytů] - [06/05/2015 00:30:43]
AdwCleaner[R1].txt - [1369 bytů] - [06/05/2015 01:04:09]
AdwCleaner[R2].txt - [1114 bytů] - [06/05/2015 12:08:03]
AdwCleaner[S0].txt - [8994 bytů] - [06/05/2015 00:34:06]
AdwCleaner[S1].txt - [1363 bytů] - [06/05/2015 01:07:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1288 bytů] ##########

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 6.5.2015
Čas skenování: 11:21:34
Protokol: MBAM.txt
Správce: Ano

Verze: 2.01.6.1022
Databáze malwaru: v2015.05.06.01
Databáze rootkitů: v2015.04.21.01
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Samsung

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 345492
Uplynulý čas: 28 min, 20 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Vypnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 0
(Nenalezeny žádné škodlivé položky)

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

vanil
Visitor
Posts: 6
Registered: 06 May 2015 10:41

Re: probably Baidu and some Chinese guy

#5 Post by vanil »

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Samsung on st 06.05.2015 at 12:13:39,20.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Samsung\Downloads\zoek.exe [Scan all users] [Quick Scan]

==== Older Logs ======================

C:\zoek-results2015-05-05-224657.log 1305 bytes

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\Samsung\AppData\Local\Temp ====
2015-05-05 21:26:26 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Samsung\AppData\Local\Temp\ReiSysUpdate.exe
2015-05-05 21:25:33 07A6BF655E4FC9ECA1FF261E1BCF5666 13368424 ----a-w- C:\Users\Samsung\AppData\Local\Temp\ReimagePackage.exe
2015-05-05 19:43:48 E12C035403AA6F4E16ACD81530A3A4BE 40872 ----a-w- C:\Users\Samsung\AppData\Local\Temp\nmc_temp\0000\nse\bin\nsak64.sys
2015-05-05 19:43:48 A496F1DFC34EEDF8FD34F7739A184787 1767720 ----a-w- C:\Users\Samsung\AppData\Local\Temp\nmc_temp\0000\nse\bin\NSE_W32.DLL
2015-05-05 19:43:48 6CFFA27F0256C43E853375C5749C576A 217272 ----a-w- C:\Users\Samsung\AppData\Local\Temp\nmc_temp\0000\nse\bin\statslib.dll
2015-05-05 19:43:32 A8235D366029C2F1FCDAD5481122C16B 427368 ----a-w- C:\Users\Samsung\AppData\Local\Temp\nmc_temp\0000\nse\bin\ncl.dll
2015-05-05 19:43:32 2AB5CC762B0AF715DAE408CFB20C59BB 530712 ----a-w- C:\Users\Samsung\AppData\Local\Temp\nmc_temp\0000\nse\bin\ncm3.dll
2015-05-05 16:31:21 091235F94956B7824F2FDC73E0288BB1 534528 ----a-w- C:\Users\Samsung\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2015-05-05 12:31:42 283B7B75710C97AE26B3BA959D391870 68890912 ----a-w- C:\Users\Samsung\AppData\Local\Temp\tmp76F.exe
2015-05-05 12:25:13 C2FEA2C30301D78A90B488A79EBFD715 90112 ----a-w- C:\Users\Samsung\AppData\Local\Temp\BDRepair\BDMDownload.dll
2015-05-05 12:25:13 581D31CB00E9C0EB2667C17441604975 332616 ----a-w- C:\Users\Samsung\AppData\Local\Temp\BDRepair\BDMNetGetInfo.dll
2015-05-05 11:13:32 EF35D4141E0FD5508A7C9F77976A5565 2635064 ----a-w- C:\Users\Samsung\AppData\Local\Temp\QMPluginMgr\QMBluescreenFixer.exe
2015-05-05 10:59:12 B189CEAE840F3E629534457CCB841778 199008 ----a-w- C:\Users\Samsung\AppData\Local\Temp\Tencent\QQPCMgr\~2e31df97\UpdateTrayIcon.exe
2015-05-05 10:57:34 4795A3CD5F978D2B803DD535C370FF6A 1496975 ----a-w- C:\Users\Samsung\AppData\Local\Temp\81430823308\1PlhBLkxUSg==2.exe
2015-05-05 10:57:32 7C82885901BC3FCAB33BEA521DB9AA35 49795 ----a-w- C:\Users\Samsung\AppData\Local\Temp\81430823308\SVJBLkxUSg==27036.exe
2015-05-05 10:55:27 214AA5BEFCB669450189F00231067055 48081248 ----a-w- C:\Users\Samsung\AppData\Local\Temp\qqpcmgr_v10.8.16208.227_71919_Silence.exe
2015-05-05 10:55:20 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Samsung\AppData\Local\Temp\81430823308\SVJBLkxUSg==10700.exe
2015-05-05 10:52:45 D6A85C6DAF512EAEBBCE01A5ABD91635 30391344 ----a-w- C:\Users\Samsung\AppData\Local\Temp\G0417_s_71353.exe
2015-05-05 10:49:57 04476763D3CFAB8C519C5097FCC7BE23 16433800 ----a-w- C:\Users\Samsung\AppData\Local\Temp\F0212_s_31184.exe
2015-04-26 11:50:37 B83D2774CDAF5016CD8765A630FA1150 107392 ----a-w- C:\Users\Samsung\AppData\Local\Temp\{7B1D302C-6DE2-4963-B2B5-EEA991A738FE}\ISBEW64.exe
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2015-05-05 12:18:37 5B1E07E27495BD8D72B1F62660FDFA7F 4 ----a-w- C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
====== C:\windows\SysWOW64\drivers =====
2015-05-05 11:46:59 DA947B9CAE18C14C497D01417E242FBE 28984 ----a-w- C:\windows\SysWOW64\drivers\TS888x64.sys
====== C:\windows\Sysnative =====
2015-04-26 11:47:55 82A5E8D1778F456C60B111936310583F 2080120 ----a-w- C:\windows\Sysnative\WavesGUILib64.dll
2015-04-26 11:47:54 9ADFF7BA865F8BEBB8D1B5ACE07DA01B 606336 ----a-w- C:\windows\Sysnative\SFSS_APO.dll
2015-04-26 11:47:53 CA1D7D09854D305A64B100DC1400BA21 331880 ----a-w- C:\windows\Sysnative\RtlCPAPI64.dll
2015-04-26 11:47:53 6969AC4AD1744E8F768945DE4E990DC3 1561744 ----a-w- C:\windows\Sysnative\RTSnMg64.cpl
2015-04-26 11:47:53 2523F152A2D48CC62273A21A3A26FF81 2743440 ----a-w- C:\windows\Sysnative\RtPgEx64.dll
2015-04-26 11:47:52 F970C3C1416F433E31ED238F6FC0DD7A 880784 ----a-w- C:\windows\Sysnative\RtkApi64.dll
2015-04-26 11:47:52 EFD79DD8C669DF061CCE180D5B70C96C 1264272 ----a-w- C:\windows\Sysnative\RTCOM64.dll
2015-04-26 11:47:52 DE9CEA653C8F59A46A9349A7D28BDC47 5911552 ----a-w- C:\windows\Sysnative\RCoRes64.dat
2015-04-26 11:47:52 2974717C6500919E920A355143F8F520 109200 ----a-w- C:\windows\Sysnative\RCoInstII64.dll
2015-04-26 11:47:52 2762306CD6A8AAC96D4D965EE939D00E 3643024 ----a-w- C:\windows\Sysnative\SETCE90.tmp
2015-04-26 11:47:51 FC6A1827D21BE5EBB92E5EBC2ED78B0A 74632 ----a-w- C:\windows\Sysnative\R4EEG64A.dll
2015-04-26 11:47:51 771C0DF44C272E40372E2A768741A52A 433544 ----a-w- C:\windows\Sysnative\R4EED64A.dll
2015-04-26 11:47:51 585DD76786DC05A26BCD2A749E403946 7163784 ----a-w- C:\windows\Sysnative\R4EEP64A.dll
2015-04-26 11:47:51 1FCB96AA8D6CEB99DE6D36D3965ADFD9 141192 ----a-w- C:\windows\Sysnative\R4EEL64A.dll
2015-04-26 11:47:51 11113FA625233DF821518B616C812B7D 123784 ----a-w- C:\windows\Sysnative\R4EEA64A.dll
2015-04-26 11:47:50 9CE3953998D0F0659F1CE9B4AA824AEF 7598456 ----a-w- C:\windows\Sysnative\MaxxAudioRealtek64.dll
2015-04-26 11:47:50 8B5090790A44C446EEC4D8313C916562 394616 ----a-w- C:\windows\Sysnative\MaxxVolumeSDAPO.dll
2015-04-26 11:47:50 55F6FB0356C7633C3B06F8FCB3106F3A 834936 ----a-w- C:\windows\Sysnative\MaxxAudioAPOShell64.dll
2015-04-26 11:47:50 343FF0AC3B26D18E33A9C538A88AEC23 2028920 ----a-w- C:\windows\Sysnative\MaxxAudioEQ64.dll
2015-04-26 11:47:49 A0EB7F22BAF4332CFB955B3E09A9F033 394616 ----a-w- C:\windows\Sysnative\MaxxAudioAPO30.dll
2015-04-26 11:47:47 A797EED94B22B29D3974CB20B66BE6C6 110592 ----a-w- C:\windows\Sysnative\CONEQMSAPOGUILibrary.dll
2015-04-26 11:47:47 107B9F178E0A585A417356F3826D22AC 2533952 ----a-w- C:\windows\Sysnative\FMAPO64.dll
2015-04-26 11:47:46 E16FE4D8982ACD755637F4CC9303E00C 202336 ----a-w- C:\windows\Sysnative\AERTAC64.dll
2015-04-26 11:47:46 B3E9EA31E37EDCC1D54CE20504549ABE 108640 ----a-w- C:\windows\Sysnative\AERTAR64.dll
====== C:\windows\Sysnative\drivers =====
2015-05-05 20:06:45 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-05-05 20:06:15 F49FB3C88E263AE9A246593B0BB29294 63704 ----a-w- C:\windows\Sysnative\drivers\mwac.sys
2015-05-05 20:06:15 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\windows\Sysnative\drivers\mbam.sys
2015-05-05 20:06:15 0307CF4184F4F22DB75F36ACCCEF7ED1 107736 ----a-w- C:\windows\Sysnative\drivers\mbamchameleon.sys
2015-05-05 16:27:48 46E85FE5F787FDABAE8EA8C571ADC53B 56136 ----a-w- C:\windows\Sysnative\drivers\BDMWrench_x64.sys
2015-05-05 16:26:13 AC5C57F6C95C5B2EE4FE78C7C93372A5 152392 ----a-w- C:\windows\Sysnative\drivers\BDArKit.SYS
2015-05-05 11:07:11 C97F538114FA88B2357F9EA6FB6BD216 99640 ----a-w- C:\windows\Sysnative\drivers\TAOAccelerator64.sys
2015-05-05 11:02:49 CA666E0DE4C3535099984C9373720BF2 38200 ----a-w- C:\windows\Sysnative\drivers\TSSKX64.sys
2015-05-05 11:02:33 A09E8A0D420147DAAA760763F6A6F8DC 174392 ----a-w- C:\windows\Sysnative\drivers\TAOKernel64.sys
2015-05-05 11:02:12 6F591025E6EDDC322E7C1B1A0E56F57A 87864 ----a-w- C:\windows\Sysnative\drivers\TFsFltX64.sys
2015-05-05 10:51:53 B070BE913D270FC77A53F8D4304AF94D 202576 ----a-w- C:\windows\Sysnative\drivers\bd0001.sys_34897
2015-05-05 10:51:53 B070BE913D270FC77A53F8D4304AF94D 202576 ----a-w- C:\windows\Sysnative\drivers\bd0001.sys_
2015-04-26 11:47:53 8524178B895E4BC04776B319DA3A70EC 4102928 ----a-w- C:\windows\Sysnative\drivers\RTKVHD64.sys
2015-04-26 11:47:52 77B5BDB2B46EAE4223BECE010549141C 329737 ----a-w- C:\windows\Sysnative\drivers\RTAIODAT.DAT
2015-04-26 11:41:34 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\windows\Sysnative\drivers\Msft_Kernel_usb3Hub_01009.Wdf
2015-04-26 11:41:30 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\windows\Sysnative\drivers\Msft_Kernel_XHCIPort_01009.Wdf
2015-04-15 11:06:02 4FB010DEA1028ED0A26F20D2F404210F 256992 ----a-w- C:\windows\Sysnative\drivers\avgldx64.sys
2015-04-15 09:16:27 1FA627E63195BF3BF636BFEF0D7190D4 155576 ----a-w- C:\windows\Sysnative\drivers\ksecpkg.sys
2015-04-15 09:16:27 063C09DB965E3DFD6F4F08416F6DB8F5 95672 ----a-w- C:\windows\Sysnative\drivers\ksecdd.sys
2015-04-15 09:16:14 F61634BEC53F73702A10DE69F6DCAF57 754688 ----a-w- C:\windows\Sysnative\drivers\http.sys
2015-04-09 12:11:14 CF87A58828B5709C7D01CEADD7B7CAF6 284128 ----a-w- C:\windows\Sysnative\drivers\avgidsdrivera.sys
2015-04-07 10:39:26 8841668E8396ED578CA283EF2F1D8383 291296 ----a-w- C:\windows\Sysnative\drivers\avgtdia.sys
====== C:\windows\Tasks ======
2015-05-05 12:31:31 D63464AA077339A5FEAE09BC442EB7C9 3254 ----a-w- C:\windows\Sysnative\Tasks\Trojan Killer
2015-05-05 10:53:02 F69F132A1AFFCBD630812ABF62D6728E 4728 ----a-w- C:\windows\Sysnative\Tasks\BYAIAMUF
2015-05-05 10:53:02 4003D864A80A0A038AB611E89E79E384 1694 ----a-w- C:\windows\Tasks\BYAIAMUF.job
2015-04-26 11:30:56 FE173545174A62F9CDC900A16827CDC1 3214 ----a-w- C:\windows\Sysnative\Tasks\advSRS5
====== C:\windows\Temp ======
======= C:\Program Files =====
2015-05-05 11:04:24 -------- d-----w- C:\Program Files\Common Files\Tencent
2015-04-26 11:40:40 -------- d-----w- C:\Program Files\Intel Corporation
======= C:\PROGRA~2 =====
2015-05-05 15:16:20 -------- d-----w- C:\PROGRA~2\AVG Web TuneUp
2015-05-05 13:01:57 -------- d-----w- C:\PROGRA~2\AVG
2015-05-05 11:02:07 -------- d-----w- C:\PROGRA~2\COMMON~1\Tencent
2015-05-05 10:59:42 -------- d-----w- C:\PROGRA~2\Tencent
2015-05-05 10:57:46 -------- d-----w- C:\PROGRA~2\Opera
2015-05-05 10:53:04 -------- d-----w- C:\PROGRA~2\69dc8177-a574-4dff-8461-b3267b078dcf
2015-05-05 10:51:38 -------- d-----w- C:\PROGRA~2\Seznam.cz
2015-04-18 07:12:55 -------- d-----w- C:\PROGRA~2\Foxit Software
2015-04-17 08:46:04 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-04-16 07:03:26 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
======= C: =====
====== C:\Users\Samsung\AppData\Roaming ======
2015-05-05 19:43:32 -------- d-----w- C:\Users\Samsung\AppData\Local\Norman Malware Cleaner
2015-05-05 15:17:04 -------- d-----w- C:\Users\Samsung\AppData\Local\AVG Web TuneUp
2015-05-05 15:17:03 -------- d-----w- C:\Users\Samsung\AppData\Locallow\AVG Web TuneUp
2015-05-05 15:16:29 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Locallow\AVG Web TuneUp
2015-05-05 13:05:26 -------- d-----w- C:\Users\Samsung\AppData\Roaming\AVG2015
2015-05-05 13:04:58 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015
2015-05-05 13:04:30 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015
2015-05-05 13:04:29 -------- d-----w- C:\Users\Samsung\AppData\Roaming\TuneUp Software
2015-05-05 13:02:06 -------- d-----w- C:\windows\SysNative\config\systemprofile\AppData\Local\Avg2015
2015-05-05 12:56:24 -------- d-----w- C:\Users\Samsung\AppData\Local\Avg2015
2015-05-05 11:21:57 -------- d-----w- C:\Users\Samsung\AppData\Local\VS Revo Group
2015-05-05 11:02:57 -------- d-----w- C:\Users\Samsung\AppData\Local\Opera Software
2015-05-05 11:02:31 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Roaming\Tencent
2015-05-05 10:59:12 -------- d-----w- C:\Users\Samsung\AppData\Roaming\Tencent
2015-05-05 10:50:45 -------- d-----w- C:\Users\Samsung\AppData\Roaming\Seznam.cz
2015-04-26 11:43:39 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Roaming\Foxit Software
2015-04-26 11:40:20 CF99A9CEB3981CD15BCDBB958436839D 2533 ----a-w- C:\Users\Samsung\AppData\Local\IWDAudHelper.20150426.134020.txt
2015-04-26 11:39:51 821F2BEEB9B46BDF064EA815882600A2 27554 ----a-w- C:\Users\Samsung\AppData\Local\WiDiSetupLog.20150426.133951.txt
2015-04-18 07:37:07 -------- d-----w- C:\windows\SysNative\config\systemprofile\AppData\Roaming\Foxit Software
2015-04-18 07:13:19 -------- d-----w- C:\Users\Samsung\AppData\Roaming\Foxit Software
2015-04-14 15:19:45 -------- d-----w- C:\Users\Samsung\AppData\Roaming\BitTorrent Maelstrom
2015-04-09 17:59:17 -------- d-----w- C:\Users\Default\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-09 17:59:17 -------- d-----w- C:\Users\Default User\AppData\Local\Garmin_Ltd._or_its_subsid
2015-04-09 17:58:51 -------- d-----w- C:\windows\sysWoW64\config\systemprofile\AppData\Local\Garmin_Ltd._or_its_subsid
====== C:\Users\Samsung ======
2015-05-06 09:48:24 !HASH: COULD NOT OPEN FILE !!!!! 112640 ----a-w- C:\Users\Samsung\Desktop\FRSTLauncher.exe
2015-05-06 09:27:10 235AF8645781CE73CB30302561F172DF 2101760 ----a-w- C:\Users\Samsung\Desktop\FRST64.exe
2015-05-06 09:26:56 235AF8645781CE73CB30302561F172DF 2101760 ----a-w- C:\Users\Samsung\Downloads\FRST64.exe
2015-05-05 22:07:37 2E1D22AC30F4B392CEAF3D7D59BE3626 2204160 ----a-w- C:\Users\Samsung\Downloads\adwcleaner_4.203.exe
2015-05-05 21:47:50 56A375A83CED75C331A67882D0C0F9DA 16502728 ----a-w- C:\Users\Samsung\Downloads\mbar-1.09.1.1004.exe
2015-05-05 21:23:44 D729E0726F77304B299085AFBA059B5F 768512 ----a-w- C:\Users\Samsung\Downloads\ReimageRepair.exe
2015-05-05 20:04:51 31D2409237481996E00505054E68BA3E 21540440 ----a-w- C:\Users\Samsung\Downloads\mbam-setup-2.1.4.1018.exe
2015-05-05 15:16:30 -------- d-----w- C:\ProgramData\AVG Web TuneUp
2015-05-05 13:04:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-05 13:03:21 -------- d-----w- C:\ProgramData\AVG2015
2015-05-05 12:56:24 -------- d--h--w- C:\ProgramData\Common Files
2015-05-05 12:31:13 -------- d-----w- C:\ProgramData\GridinSoft
2015-05-05 11:17:39 -------- d-----w- C:\ProgramData\TXQMPC
2015-05-05 10:59:09 -------- d-----w- C:\ProgramData\Tencent
2015-04-26 11:40:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-04-18 07:36:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2015-04-18 07:13:18 -------- d-----w- C:\Users\Public\Foxit Software
2015-04-18 07:13:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2015-04-16 07:03:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==
2015-05-06 10:13:11 D4AFF9AB1B2C3DC6C9D517C0AF2EFF62 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2554604388-228695639-1623551743-1000\$IR1UPMS.exe
2015-05-06 09:48:24 !HASH: COULD NOT OPEN FILE !!!!! 112640 ----a-w- C:\Users\Samsung\Desktop\FRSTLauncher.exe
2015-05-06 09:27:10 235AF8645781CE73CB30302561F172DF 2101760 ----a-w- C:\Users\Samsung\Desktop\FRST64.exe
2015-05-06 09:26:56 235AF8645781CE73CB30302561F172DF 2101760 ----a-w- C:\Users\Samsung\Downloads\FRST64.exe
2015-05-05 22:43:26 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$Recycle.Bin\S-1-5-21-2554604388-228695639-1623551743-1000\$RR1UPMS.exe
2015-05-05 22:07:37 2E1D22AC30F4B392CEAF3D7D59BE3626 2204160 ----a-w- C:\Users\Samsung\Downloads\adwcleaner_4.203.exe
2015-05-05 21:53:24 FE9BD656A5F251D2BB90151325DA1B14 54072 ----a-w- C:\Users\Samsung\Desktop\mbar\mbamdor.exe
2015-05-05 21:53:24 7CBC1070E51238E59F7535C8F2344FB6 821560 ----a-w- C:\Users\Samsung\Desktop\mbar\Plugins\fixdamage.exe
2015-05-05 21:53:24 5E29C495F48A9CFED856D097FED6ECE4 170296 ----a-w- C:\Users\Samsung\Desktop\mbar\mbar.exe
2015-05-05 21:47:50 56A375A83CED75C331A67882D0C0F9DA 16502728 ----a-w- C:\Users\Samsung\Downloads\mbar-1.09.1.1004.exe
2015-05-05 21:26:26 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Samsung\AppData\Local\Temp\ReiSysUpdate.exe
2015-05-05 21:25:33 07A6BF655E4FC9ECA1FF261E1BCF5666 13368424 ----a-w- C:\Users\Samsung\AppData\Local\Temp\ReimagePackage.exe
2015-05-05 21:23:44 D729E0726F77304B299085AFBA059B5F 768512 ----a-w- C:\Users\Samsung\Downloads\ReimageRepair.exe
2015-05-05 20:04:51 31D2409237481996E00505054E68BA3E 21540440 ----a-w- C:\Users\Samsung\Downloads\mbam-setup-2.1.4.1018.exe
2015-05-05 16:31:21 091235F94956B7824F2FDC73E0288BB1 534528 ----a-w- C:\Users\Samsung\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
2015-05-05 15:16:31 9797E6A49B81ECFE2F3BE9AC9C387718 736152 ----a-w- C:\ProgramData\AVG Web TuneUp\CrashReport\avgdumpx.exe
2015-05-05 15:16:31 1346C4C87969DE076DEB2E0CC551C31B 3029968 ----a-w- C:\ProgramData\AVG Web TuneUp\CrashReport\avgdiagex.exe
2015-05-05 15:16:26 70595A37D9C4647C195CDA11EDC2D251 2909720 ----a-w- C:\Program Files (x86)\AVG Web TuneUp\Uninstall.exe
2015-05-05 15:16:26 64093FC9034F0679D5E1F3875856FA7A 3033112 ----a-w- C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-05-05 15:16:25 91E41689E06FF48B029E877E2AD0E638 1402392 ----a-w- C:\Program Files (x86)\AVG Web TuneUp\avgcefrend.exe
2015-05-05 15:16:25 3D505FC003DCA28FDF11858D5F6140FA 982552 ----a-w- C:\Program Files (x86)\AVG Web TuneUp\lip.exe
2015-05-05 15:16:22 A2D61A676374FAE0C2CF029FAB71C96E 1105944 ----a-w- C:\Program Files (x86)\AVG Web TuneUp\BundleInstall.exe
2015-05-05 15:16:20 FFD80DC0CDA145C3376A5076360162C8 620056 ------w- C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2015-05-05 15:15:59 AAB4961F2E8F19AB6419D5B698EC870B 22647832 ----a-w- C:\Windows\Temp\ri_{33075ACA-77EA-4097-9635-0BE391CA1E50}.exe
2015-05-05 15:13:59 0122DC60AC2308F4979CBA2EC4942F97 7152488 ----a-w- C:\Program Files (x86)\AVG\AVG2015\Notification\Launcher.exe
2015-05-05 13:19:42 597D3B8AAC5E3A476D8E261E2D7B422B 727392 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\plugins\FileSmash\bugreport.exe
2015-05-05 12:50:49 C10BAD831FEBD394EA7E7EAA99AB1222 5224784 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\PluginsSetupBak\QMDTLSDKSetup20141114.exe
2015-05-05 12:50:47 C9D912B4368D48A580834039EDD7701B 13209632 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\PluginsSetupBak\QQPhoneManager-5.1.2_710201.4552.pa.exe
2015-05-05 12:31:42 283B7B75710C97AE26B3BA959D391870 68890912 ----a-w- C:\Users\Samsung\AppData\Local\Temp\tmp76F.exe
2015-05-05 12:28:40 ADE31FE4E33721787FFF44C7DD1327F2 207200 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\qmspeedupplugin\phonerocket\dock_5.5.0.2\QQPCPhoneDock.exe
2015-05-05 12:28:40 597D3B8AAC5E3A476D8E261E2D7B422B 727392 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\qmspeedupplugin\phonerocket\dock_5.5.0.2\bugreport.exe
2015-05-05 11:40:44 26087F34760FE35CBC43D6DE5E9259B2 2861712 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\PluginsSetupBak\QMSystemSetup_10.8.16208.227_2814024435.exe
2015-05-05 11:15:28 597D3B8AAC5E3A476D8E261E2D7B422B 727392 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\qmspeedupplugin\phonerocket\dock_5.3.0.3\bugreport.exe
2015-05-05 11:13:49 EF35D4141E0FD5508A7C9F77976A5565 2635064 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\Plugins\PluginsSetupBak\QMBlueScreenFixSetup_10.8.16208.227_2492225013.exe
2015-05-05 11:13:32 EF35D4141E0FD5508A7C9F77976A5565 2635064 ----a-w- C:\Users\Samsung\AppData\Local\Temp\QMPluginMgr\QMBluescreenFixer.exe
2015-05-05 11:13:29 50CEC0A9E3793F52D5D075F938FBDC95 5627424 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\PCMgr_AndroidServer.exe
2015-05-05 11:11:58 9C2CDFB853E33762C10E250886F2DFF0 5043152 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\PhoneDockInstaller.exe
2015-05-05 11:11:02 819776A95B23B678C4027C236F802A69 575968 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRealTimeSpeedup.exe
2015-05-05 11:09:51 85B9215152BD9760395832F9BF5EEFAC 67936 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\CData.exe
2015-05-05 11:09:49 5DE3B7BA985848399BDB80645B32C648 235360 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QBFixerForGJ.exe
2015-05-05 11:09:47 78779BC6FE094DBBF364390F22150C7B 248160 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMRtpTips.exe
2015-05-05 11:09:17 45DCC6521321653B33F27F8E5150F1E7 117088 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMTrayPluginEdit0.exe
2015-05-05 11:08:20 8759AB57945DEBB34FE4F4507B890D13 240096 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\DrState.EXE
2015-05-05 11:02:07 AA692F79A6A987D901EBE73F8BF2C47B 294456 ----a-w- C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\bugreport_xf.exe
2015-05-05 11:02:07 16E27465FC02E6974704FD2187E92144 1097272 ----a-w- C:\Program Files (x86)\Common Files\Tencent\QQDownload\130\Tencentdl.exe
2015-05-05 11:01:38 16E27465FC02E6974704FD2187E92144 1097272 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\plugins\QQPCB1AndroidJmp\Tencentdl.exe
2015-05-05 11:01:07 6D7CFEC24CAB7113D12216EA311454F8 555360 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUpdate\QQPCUpdate.exe
2015-05-05 11:01:07 597D3B8AAC5E3A476D8E261E2D7B422B 727392 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUpdate\bugreport.exe
2015-05-05 11:01:07 16E27465FC02E6974704FD2187E92144 1097272 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUpdate\tencentdl.exe
2015-05-05 10:59:58 FC03670374BE44BAA71770124A0968F1 293728 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOFrame.exe
2015-05-05 10:59:58 F42C3A52D13334A892A7EF995A57E1A8 162272 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQRepair.exe
2015-05-05 10:59:58 CD650B1FA1F9E62827B36CC3FADF058E 407904 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCXPNOTIFY.exe
2015-05-05 10:59:58 777C22AF26C551ABD145660506BCF006 293216 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TpkUpdate.exe
2015-05-05 10:59:58 623DD482FE5E3EC62A04FEFC9F4B6D5E 1522144 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\Uninst.exe
2015-05-05 10:59:58 5137D00B7873E304C20EC63FF2351264 39392 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQRepairEx.exe
2015-05-05 10:59:58 50B2F69830A2F2E24BF5A17CDFB547DA 317792 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCUpdateAVLib.exe
2015-05-05 10:59:58 50301BE8AACD48A4E0C82A574C0EDD91 355296 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe
2015-05-05 10:59:58 178E35CF45620599BF8D6BC2B7460E02 74552 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCWSCController.exe
2015-05-05 10:59:58 16E27465FC02E6974704FD2187E92144 1097272 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\Tencentdl.exe
2015-05-05 10:59:58 10FD6A9DD1281F3CD3D723FDB62FBDAE 334304 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\UninstallTips.exe
2015-05-05 10:59:56 FAD9A8A16E2A2793AB06210E79CC42E8 105440 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftCmd.exe
2015-05-05 10:59:56 9C0DD65C187B103B269599CD3B0EE840 547168 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftGame.exe
2015-05-05 10:59:56 7C8C3FB2CB2E941ABDBF02DDBFB82657 297608 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRTP.exe
2015-05-05 10:59:56 73C3CEEBDA2BD54F5AE5BF20043EB8BF 1419744 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftMgr.exe
2015-05-05 10:59:56 6A7C223DF4D24FF085853117BD8E0C61 690656 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSysOptimize.exe
2015-05-05 10:59:56 665D79A9CB6D1E26B11512ECB69E4A88 612704 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftConfig.exe
2015-05-05 10:59:56 629320494B0057D75D0B6426453BB225 59744 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCStub.exe
2015-05-05 10:59:56 2468FC8CBC574FBF104C50760E59216B 1132896 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCSoftTrayTips.exe
2015-05-05 10:59:53 EE065A7345601208EFD874A15ADA3758 112992 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCFTSysShortTask.exe
2015-05-05 10:59:53 E9449F29322F9B10727723FCF492ECD7 686432 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCFileOpen.exe
2015-05-05 10:59:53 9C9284E7E7ACC433D56825B9553737F8 334176 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCmgrInstallGuide.exe
2015-05-05 10:59:53 7A92D2CC9C5263193242411C44AD869D 88544 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCMgr.exe
2015-05-05 10:59:53 711D6F2940B38ED0355F2A6FB59F5DC9 85944 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCClinicHelper64.exe
2015-05-05 10:59:53 6D7CFEC24CAB7113D12216EA311454F8 555360 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUpdate\QQPCMgrUpdate.exe
2015-05-05 10:59:53 6B518B9A219E3DF159F01E86205982F2 1186144 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\plugins\QMNetMon\QQPCNetFlow.exe
2015-05-05 10:59:53 63BE2A6F3B770154FEFF14A96A453892 334176 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPConfig.exe
2015-05-05 10:59:53 4CB4CD09B8A45154F645D464BA968FE2 68064 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCClinicHelper.exe
2015-05-05 10:59:53 4B45AAA51AC32C94BC919F8CAB1FD35B 440800 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCPatch.exe
2015-05-05 10:59:53 3DF0B96D10EF5F405B0787340AAEE85F 174432 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCExternal.exe
2015-05-05 10:59:53 15E9C3DE9366C1F0DDB87037F0FACA1E 23904 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCLaunch.exe
2015-05-05 10:59:53 0914E392BCCC4ABFA36FFA99BCD90E0D 530784 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCGameUpShow.exe
2015-05-05 10:59:53 01FA1DAE4B55D8A17DA5FC5A53BF3684 858464 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCLeakScan.exe
2015-05-05 10:59:52 F78A42CE6891AD4E07F29265C35CA95B 301536 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMSignScan.exe
2015-05-05 10:59:52 F488AFAA73F44D9F0416770E50549F9B 145888 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMSuperScan.EXE
2015-05-05 10:59:52 E9B910CACE9BEB73907929F8257C5700 358968 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQBrowserWebInstaller.exe
2015-05-05 10:59:52 E48F513AFD5851B397C56D03392F9183 387424 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMFeedBack.exe
2015-05-05 10:59:52 DFC0B592CCB111EA5AE688F2B95EAC33 121184 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMLspPing.exe
2015-05-05 10:59:52 D1A1EEBB8486FC33F448BBA4F646C732 1386976 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMAccountProtection.exe
2015-05-05 10:59:52 CA2A9355025A726D8BCF23244F6A72CF 432480 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMDeskTopGC.exe
2015-05-05 10:59:52 C9F42E4DCDE6ECF0BD7073F4F746F5D1 342368 ----a-w- C:\ProgramData\Tencent\QQPCMgr\Quarantine\QMQuarantine.exe
2015-05-05 10:59:52 C7A62FC1C385E9C317581C1ABB4DDD67 731488 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUsbGuard.exe
2015-05-05 10:59:52 C07A252BF50BCD98AF354260476BB555 207200 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMDL.exe
2015-05-05 10:59:52 AA692F79A6A987D901EBE73F8BF2C47B 294456 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\bugreport_xf.exe
2015-05-05 10:59:52 A9108424546743C76BCCFEEA36998330 1018336 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCClinic.exe
2015-05-05 10:59:52 A59BA33E97F4BFDC264FE29191097BBE 354656 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMRouterMgr.exe
2015-05-05 10:59:52 A1309ED2593640CCD639727932623EF6 301408 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMChExt.exe
2015-05-05 10:59:52 7D5492CC77BDF1593A7A7D599883270B 637280 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMGameSpeedup.exe
2015-05-05 10:59:52 7368EB11E33902012AB4C4F09D811916 440800 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\NetRepair.exe
2015-05-05 10:59:52 717BBC89D7D8FDAF69D958EADF5FE17C 678240 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCAVSetting.exe
2015-05-05 10:59:52 5D8604F4980F677E4B16E5F4AB14E6DB 162144 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\plugins\PluginInstaller.exe
2015-05-05 10:59:52 597D3B8AAC5E3A476D8E261E2D7B422B 727392 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\plugins\QMBluescreenFixer\bugreport.exe
2015-05-05 10:59:52 597D3B8AAC5E3A476D8E261E2D7B422B 727392 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\bugreport.exe
2015-05-05 10:59:52 55615087F60DE8289DFED5B98C0D3C15 219488 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMAutoClean.exe
2015-05-05 10:59:52 3823E783316A15CADD55F8D640F8D33A 616800 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMDLP.exe
2015-05-05 10:59:52 371CFFDEF275FB08ED18029808ABBF82 92512 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCBTU.exe
2015-05-05 10:59:52 327EBC3495719A6CB0AE44422C739FA2 55648 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMStateCheck.exe
2015-05-05 10:59:52 2C1B0BCE18FAD3647BEB979C321F09AE 112992 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMProviderUpdate.EXE
2015-05-05 10:59:52 264C6C9341146DC9BA36A402E6CF96C0 412000 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMTencentNews.exe
2015-05-05 10:59:52 125ACEF07C40C87860F8EA0AA165CB59 579936 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMAdFilter.exe
2015-05-05 10:59:52 09FE9527DF0728DD86B317E22469A094 375136 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMPersonalCenter.exe
2015-05-05 10:59:12 B189CEAE840F3E629534457CCB841778 199008 ----a-w- C:\Users\Samsung\AppData\Local\Temp\Tencent\QQPCMgr\~2e31df97\UpdateTrayIcon.exe
2015-05-05 10:57:34 4795A3CD5F978D2B803DD535C370FF6A 1496975 ----a-w- C:\Users\Samsung\AppData\Local\Temp\81430823308\1PlhBLkxUSg==2.exe
2015-05-05 10:57:32 7C82885901BC3FCAB33BEA521DB9AA35 49795 ----a-w- C:\Users\Samsung\AppData\Local\Temp\81430823308\SVJBLkxUSg==27036.exe
2015-05-05 10:55:27 214AA5BEFCB669450189F00231067055 48081248 ----a-w- C:\Users\Samsung\AppData\Local\Temp\qqpcmgr_v10.8.16208.227_71919_Silence.exe
2015-05-05 10:55:20 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Samsung\AppData\Local\Temp\81430823308\SVJBLkxUSg==10700.exe
2015-05-05 10:52:45 D6A85C6DAF512EAEBBCE01A5ABD91635 30391344 ----a-w- C:\Users\Samsung\AppData\Local\Temp\G0417_s_71353.exe
2015-05-05 10:49:57 04476763D3CFAB8C519C5097FCC7BE23 16433800 ----a-w- C:\Users\Samsung\AppData\Local\Temp\F0212_s_31184.exe
2015-05-01 09:57:44 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files (x86)\Google\Update\Install\{5F585E2B-7429-4AB4-B34B-E6CFA7B57846}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
2015-05-01 09:57:43 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_42.0.2311.90_chrome_updater.exe
2015-04-29 15:52:25 3ACC2560DDC26922A726F5CFDA60E84F 1443160 ----a-w- C:\Users\Samsung\AppData\Roaming\BitTorrent\updates\7.9.3_40101.exe
=== C: other files ==
2015-05-06 09:33:37 15CE39ED4807E268643728B2C938CE4C 2921 ---h--w- C:\Users\Samsung\AppData\Local\Temp\~7E2F.bat
2015-05-05 20:06:45 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-05-05 20:06:15 F49FB3C88E263AE9A246593B0BB29294 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-05-05 20:06:15 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2015-05-05 20:06:15 0307CF4184F4F22DB75F36ACCCEF7ED1 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-05-05 19:43:48 E12C035403AA6F4E16ACD81530A3A4BE 40872 ----a-w- C:\Users\Samsung\AppData\Local\Temp\nmc_temp\0000\nse\bin\nsak64.sys
2015-05-05 16:27:48 46E85FE5F787FDABAE8EA8C571ADC53B 56136 ----a-w- C:\Windows\System32\drivers\BDMWrench_x64.sys
2015-05-05 16:26:13 AC5C57F6C95C5B2EE4FE78C7C93372A5 152392 ----a-w- C:\Windows\System32\drivers\BDArKit.SYS
2015-05-05 15:16:25 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Program Files (x86)\AVG Web TuneUp\data.zip
2015-05-05 13:35:58 44518B98557E764F64EF514C5EC1392F 1856299 ----a-w- C:\Users\Samsung\AppData\Local\Temp\1430832956201504271def2.zip
2015-05-05 13:35:46 68E1BF37EDF4CC71600AE4EB917B9767 1500510 ----a-w- C:\Users\Samsung\AppData\Local\Temp\1430832943201504081engine2.zip
2015-05-05 11:46:59 DA947B9CAE18C14C497D01417E242FBE 28984 ----a-w- C:\Windows\SysWOW64\drivers\TS888x64.sys
2015-05-05 11:46:59 DA947B9CAE18C14C497D01417E242FBE 28984 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TS888x64.sys
2015-05-05 11:11:11 A8AE509C8E3F9154B52E7FFD28367969 33194 ----a-w- C:\ProgramData\Tencent\QQPCMgr\QMRealTimeSpeedupData\QMRealTimeSpeedupData.zip
2015-05-05 11:07:11 C97F538114FA88B2357F9EA6FB6BD216 99640 ----a-w- C:\Windows\System32\drivers\TAOAccelerator64.sys
2015-05-05 11:02:49 CA666E0DE4C3535099984C9373720BF2 38200 ----a-w- C:\Windows\System32\drivers\TSSKX64.sys
2015-05-05 11:02:33 A09E8A0D420147DAAA760763F6A6F8DC 174392 ----a-w- C:\Windows\System32\drivers\TAOKernel64.sys
2015-05-05 11:02:12 6F591025E6EDDC322E7C1B1A0E56F57A 87864 ----a-w- C:\Windows\System32\drivers\TFsFltX64.sys
2015-05-05 11:00:09 F728D2EA2E010F2461600BBB2FA70B1D 36280 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\AntiRK.sys
2015-05-05 11:00:09 F6D084403F8BB63E51EBD59F4159E0F9 16552 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCHW-x64.sys
2015-05-05 11:00:09 EF3AEEE5B5BBA20C72641132580443F4 60600 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk.sys
2015-05-05 11:00:09 E98D02E7A4FE8263E56210E89D5B6D39 138552 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOKernel.sys
2015-05-05 11:00:09 E8AA1EFB62E4A7881AF0A4A0280ED291 75832 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsNetMon.sys
2015-05-05 11:00:09 DA5F124A8D025AFA1E44E231AD222B8B 14008 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSDefenseBt.sys
2015-05-05 11:00:09 D07C33F0FF32C256940BE60D56E12B29 101560 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSSysKit.sys
2015-05-05 11:00:09 CA666E0DE4C3535099984C9373720BF2 38200 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\tsskx64.sys
2015-05-05 11:00:09 C97F538114FA88B2357F9EA6FB6BD216 99640 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOAccelerator64.sys
2015-05-05 11:00:09 BEF6127F4CA8B1144BD1D2164A175315 62264 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk64.sys
2015-05-05 11:00:09 A09E8A0D420147DAAA760763F6A6F8DC 174392 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOKernel64.sys
2015-05-05 11:00:09 983AF404D1C4BE76D538D9593C74ABB4 108344 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQSysMon.sys
2015-05-05 11:00:09 9627D4EDFF04F1A843399C685DEEA015 54584 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsNetMonWfp64.sys
2015-05-05 11:00:09 9205D46FCAB6A7935F639290F595AFE4 31360 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TxArp_64.sys
2015-05-05 11:00:09 90E60E31C618ABCD1FEB2A51991C18E2 123864 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsFltMgr.sys
2015-05-05 11:00:09 8EA6D832A0CC0188F52F02244CF0B546 49080 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMIEProtect.sys
2015-05-05 11:00:09 82FC36CEA4BDB0F789801BB25BD1F67E 67896 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsNetMonWfp.sys
2015-05-05 11:00:09 7D14649978DFC918C420CCDF6D191E51 87352 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSSysKit64.sys
2015-05-05 11:00:09 6F591025E6EDDC322E7C1B1A0E56F57A 87864 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\FileMon\x64\TFsFltX64.sys
2015-05-05 11:00:09 6416EFF7B5B704469B3B7AFB6665E71F 28472 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsDefenseBT64.sys
2015-05-05 11:00:09 5D430C9058F779C1161C6FFD208FCBAB 139064 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOKernelXP.sys
2015-05-05 11:00:09 5BBA074F184E6CDD338EF6671D477D81 23680 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TxArp6_64.sys
2015-05-05 11:00:09 5ABD35450743753AD4DF96A9EF8AA401 35544 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCHW.sys
2015-05-05 11:00:09 4FF67725C0FEFA475ECC207E510DD65A 38200 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\AntiRKX64.sys
2015-05-05 11:00:09 4A119DB19389D6547F7E458F58F7052E 43448 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\tscpm.sys
2015-05-05 11:00:09 3B8351430B83209FCCAB15A6F7EC947B 77016 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOAccelerator.sys
2015-05-05 11:00:09 3AD20873FE5B644D904F7F325A37C230 204568 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSKsp.sys
2015-05-05 11:00:09 37BD419B17C411B0521A71F3FADDEB64 42296 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\tscpm64.sys
2015-05-05 11:00:09 2E3CC606AE30D3FE4D2CC2DBE1A5AC5F 67896 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\tssk.sys
2015-05-05 11:00:09 18721395882FE49075E1AF5FFCC6857B 27096 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TxArp6.sys
2015-05-05 11:00:09 131EC6434F4E265F1F56DAAB6775539F 34784 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TxArp.sys
2015-05-05 11:00:09 121012E27426F89D8A25D89004FBC49D 127800 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQSysMonX64.sys
2015-05-05 11:00:09 102FEA43113AC1F5DD4C8B4855DA8F18 22360 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCHelper.sys
2015-05-05 11:00:09 02390704F6AD8C9E937A220B64DC357A 150072 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\FileMon\i386\TFsFlt.sys
2015-05-05 10:59:48 F1F6FAAED8D8EBB4CF54D7877118609A 1320 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMTrayPlugin\QMAutoTaskPlugin\AutoTaskConfig.bat
2015-05-05 10:59:48 8D1CACD38FD50FD16902FADEE62890AF 79359 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\AdfilterExtension.crx
2015-05-05 10:59:47 E78E85ABCCA969929A00664A14C80673 280253 ----a-w- C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\plugins\SysHomePage\GarbageSoftIcon.zip
2015-05-05 10:59:47 798BFAD9A857B33CFE6DBD2A2544BC5A 5723369 ----a-w- C:\ProgramData\Tencent\QQPCMgr\QMRealTimeSpeedupSkinCenter\QMRealTimeSpeedupSkinCenter.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\tray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\tray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
" QQPCTray"="C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe /regrun"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"FreeFallProtection"="C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe"
"BLEServicesCtrl"="C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll,TrayApp"
"IgfxTray"="C:\windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"Persistence"="C:\windows\system32\igfxpers.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17.04.2015 20:28]
C:\windows\tasks\BYAIAMUF.job --a------ C:\Users\Samsung\AppData\Roaming\BYAIAMUF.exe []
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14.01.2014 18:46]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\advSRS5" ["C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"]
"C:\windows\SysNative\tasks\BYAIAMUF" [C:\Users\Samsung\AppData\Roaming\BYAIAMUF.exe]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\EasyBatteryManager" ["%ProgramFiles(x86)%\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe"]
"C:\windows\SysNative\tasks\EasyDisplayMgr" ["C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"]
"C:\windows\SysNative\tasks\EasySpeedUpManager" ["%programfiles(x86)%\Samsung\Easy Settings\EasySpeedUpManager.exe"]
"C:\windows\SysNative\tasks\FFSRConfigurer" ["C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe"]
"C:\windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\MovieColorEnhancer" ["%programfiles(x86)%\Samsung\Easy Settings\MovieColorEnhancer.exe"]
"C:\windows\SysNative\tasks\SAgent" ["C:\Program Files\Samsung\S Agent\CommonAgent.exe"]
"C:\windows\SysNative\tasks\SamsungSupportCenter" [%programfiles(x86)%\Samsung\Easy Support Center\SSCKbdHk.exe]
"C:\windows\SysNative\tasks\SCCSpeedBoot" ["%programfiles(x86)%\Samsung\Easy Settings\SCCSpeedBoot.exe"]
"C:\windows\SysNative\tasks\SmartSetting" ["%programfiles(x86)%\Samsung\Easy Settings\SmartSetting.exe"]
"C:\windows\SysNative\tasks\Trojan Killer" ["C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe"]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================

Google Chrome Version: 42.0.2311.135

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14.07.2014 18:22]
ooebklgpfnbcnpokahmdidgbmlcdepkm - No path found[]

Google Slides - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Karoshi - bookmark - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aojlcmjjlpijlapccagoecbfbpfiglfb
Google Drive - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Seznam Lištička - Email - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
YouTube - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Open Subtitles - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonfllophjimdlhgjgeemafmndfldldf
Chrome YouTube Downloader - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja
Google Search - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Bookmark Manager - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
MP3 Player - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\kadoojjbafjcfdjcafflfnoimccbnlfd
Skype Click to Call - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Seznam Lištička - Rychlá volba - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
Downhill Jam - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjegjjfdamcmjikplaghiloojkpmdfm
Gmail - Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on st 06.05.2015 at 12:24:39,34 ======================

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: probably Baidu and some Chinese guy

#6 Post by vyosek »

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe [355296 2015-05-05] (Tencent)
    HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
    HKU\S-1-5-21-2554604388-228695639-1623551743-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
    HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
    HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
    ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMGCShellExt64.dll [2015-04-07] (Tencent)
    
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
    HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
    HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
    HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
    HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000 -> {309CD14B-E0DF-4197-BBD2-1DD771CAD782} URL = 
    SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000 -> {6EA819C7-1B22-4C91-8F1B-05D34F997A43} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
    SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {309CD14B-E0DF-4197-BBD2-1DD771CAD782} URL = 
    SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6EA819C7-1B22-4C91-8F1B-05D34F997A43} URL = http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
    BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSWebMon64.dat [2015-05-05] (Tencent)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
    
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
    FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\npQMExtensionsMozilla.dll [2015-05-05] (Tencent Technology (Shenzhen) Company Limited)
    
    CHR Extension: (Skype Click to Call) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-15]
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
    
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
    R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRtp.exe [297608 2015-05-05] (Tencent)
    S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOFrame.exe [293728 2015-05-05] (Tencent)
    R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-05] ()
    
    R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk64.sys [62264 2015-05-05] (Tencent)
    R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQSysMonX64.sys [127800 2015-05-05] (电脑管家)
    R2 TAOAccelerator; C:\windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-05-05] (Tencent)
    R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-05-05] (Tencent Technology(Shenzhen) Company Limited)
    R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-05-05] (电脑管家)
    R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TS888x64.sys [28984 2015-05-06] (Tencent)
    R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\tscpm64.sys [42296 2015-05-05] (电脑管家)
    R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsDefenseBT64.sys [28472 2015-05-05] (Tencent)
    S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-05-05] (电脑管家)
    R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSSysKit64.sys [87352 2015-05-05] (电脑管家)
    S1 bd0001; system32\DRIVERS\bd0001.sys [X]
    S1 bd0002; system32\DRIVERS\bd0002.sys [X]
    S2 BDDefense; \??\C:\windows\system32\drivers\BDDefense.sys [X]
    S1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X]
    S3 clwvd; system32\DRIVERS\clwvd.sys [X]
    S3 cpuz134; \??\C:\Users\Samsung\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
    S3 SBIOSIO; \??\C:\Users\Samsung\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]
    
    C:\Program Files (x86)\AVG Web TuneUp
    C:\Program Files (x86)\Tencent
    C:\Program Files (x86)\Skype\Toolbars
    C:\Program Files (x86)\Baidu
    C:\Windows\System32\Drivers\TFsFltX64.sys
    C:\windows\system32\Drivers\TAOAccelerator64.sys
    C:\Windows\System32\Drivers\TAOKernel64.sys
    C:\Windows\System32\Drivers\TFsFltX64.sys
    2015-05-06 11:48 - 2015-05-06 11:48 - 00112640 _____ (forum.viry.cz) C:\Users\Samsung\Downloads\FRSTLauncher.exe
    2015-05-06 11:35 - 2015-05-06 11:49 - 00025705 _____ () C:\Users\Samsung\Desktop\FRST.txt
    2015-05-06 11:27 - 2015-05-06 11:27 - 00112640 _____ (forum.viry.cz) C:\Users\Samsung\Desktop\FRSTLauncher.exe
    2015-05-06 01:08 - 2015-05-06 01:08 - 00000808 _____ () C:\windows\PFRO.log
    2015-05-06 01:08 - 2015-05-06 01:08 - 00000056 _____ () C:\windows\setupact.log
    2015-05-06 01:08 - 2015-05-06 01:08 - 00000000 _____ () C:\windows\setuperr.log
    2015-05-06 00:45 - 2015-05-06 00:46 - 00001305 _____ () C:\zoek-results.log
    2015-05-06 00:43 - 2015-05-06 00:47 - 00000573 _____ () C:\runcheck.txt
    2015-05-06 00:43 - 2015-05-06 00:43 - 01308672 _____ () C:\Users\Samsung\Downloads\zoek (1).exe
    2015-05-06 00:42 - 2015-05-06 00:42 - 01308672 _____ () C:\Users\Samsung\Downloads\zoek.exe
    2015-05-06 00:42 - 2015-05-06 00:42 - 00000000 ____D () C:\zoek_backup
    2015-05-06 00:08 - 2015-05-06 01:07 - 00000000 ____D () C:\AdwCleaner
    2015-05-06 00:07 - 2015-05-06 00:07 - 02204160 _____ () C:\Users\Samsung\Downloads\adwcleaner_4.203.exe
    2015-05-05 23:56 - 2015-05-06 00:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2015-05-05 23:53 - 2015-05-06 00:30 - 00000000 ____D () C:\Users\Samsung\Desktop\mbar
    2015-05-05 23:47 - 2015-05-05 23:49 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Samsung\Downloads\mbar-1.09.1.1004.exe
    2015-05-05 23:23 - 2015-05-05 23:24 - 00768512 _____ (Reimage®) C:\Users\Samsung\Downloads\ReimageRepair.exe
    2015-05-05 22:04 - 2015-05-05 22:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Samsung\Downloads\mbam-setup-2.1.4.1018.exe
    2015-05-05 21:43 - 2015-05-05 21:43 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Norman Malware Cleaner
    2015-05-05 18:27 - 2014-11-06 09:38 - 00056136 _____ (Baidu) C:\windows\system32\Drivers\BDMWrench_x64.sys
    2015-05-05 18:26 - 2014-12-25 04:35 - 00152392 _____ (Baidu Technology) C:\windows\system32\Drivers\BDArKit.SYS
    2015-05-05 17:17 - 2015-05-05 22:27 - 00000000 ____D () C:\Users\Samsung\AppData\Local\AVG Web TuneUp
    2015-05-05 17:16 - 2015-05-05 17:16 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
    2015-05-05 17:16 - 2015-05-05 17:16 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
    2015-05-05 14:31 - 2015-05-05 14:35 - 00003254 _____ () C:\windows\System32\Tasks\Trojan Killer
    2015-05-05 14:31 - 2015-05-05 14:31 - 00000000 ____D () C:\ProgramData\GridinSoft
    2015-05-05 14:18 - 2015-05-05 14:52 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
    2015-05-05 13:46 - 2015-05-06 01:10 - 00028984 _____ (Tencent) C:\windows\SysWOW64\Drivers\TS888x64.sys
    2015-05-05 13:17 - 2015-05-05 13:17 - 00000000 ____D () C:\ProgramData\TXQMPC
    2015-05-05 13:07 - 2015-05-05 13:00 - 00099640 _____ (Tencent) C:\windows\system32\Drivers\TAOAccelerator64.sys
    2015-05-05 13:04 - 2015-05-05 13:04 - 00000000 ____D () C:\Program Files\Common Files\Tencent
    2015-05-05 13:02 - 2015-05-05 13:00 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\windows\system32\Drivers\TAOKernel64.sys
    2015-05-05 13:02 - 2015-05-05 13:00 - 00087864 _____ (电脑管家) C:\windows\system32\Drivers\TFsFltX64.sys
    2015-05-05 13:02 - 2015-05-05 13:00 - 00038200 _____ (电脑管家) C:\windows\system32\Drivers\TSSKX64.sys
    2015-05-05 12:59 - 2015-05-05 14:20 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Tencent
    2015-05-05 12:59 - 2015-05-05 13:47 - 00000000 ____D () C:\ProgramData\Tencent
    2015-05-05 12:59 - 2015-05-05 12:59 - 00000000 ____D () C:\Program Files (x86)\Tencent
    2015-05-05 12:53 - 2015-05-06 11:35 - 00001694 _____ () C:\windows\Tasks\BYAIAMUF.job
    2015-05-05 12:53 - 2015-05-05 17:37 - 00000000 ____D () C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
    2015-05-05 12:53 - 2015-05-05 12:53 - 00004728 _____ () C:\windows\System32\Tasks\BYAIAMUF
    2015-05-05 12:51 - 2015-04-03 07:01 - 00202576 _____ (Baidu) C:\windows\system32\Drivers\bd0001.sys_34897
    2015-05-05 12:51 - 2014-12-05 11:35 - 00202576 _____ (Baidu) C:\windows\system32\Drivers\bd0001.sys_
    2015-04-26 13:40 - 2015-04-26 13:40 - 0002533 _____ () C:\Users\Samsung\AppData\Local\IWDAudHelper.20150426.134020.txt
    2014-03-03 18:26 - 2014-03-03 18:26 - 0001631 _____ () C:\Users\Samsung\AppData\Local\PDLSetup.20140303.172601.txt
    2014-10-20 21:08 - 2014-10-20 21:08 - 0000218 _____ () C:\Users\Samsung\AppData\Local\recently-used.xbel
    2015-04-26 13:39 - 2015-04-26 13:41 - 0027554 _____ () C:\Users\Samsung\AppData\Local\WiDiSetupLog.20150426.133951.txt
    2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Samsung\AppData\Roaming\BYAIAMUF
    C:\Users\Samsung\AppData\Roaming\BYAIAMUF.exe
    
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\windows\Tasks\BYAIAMUF.job => C:\Users\Samsung\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    
    AV: 电脑管家系统防护 (Disabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
    AS: 电脑管家系统防护 (Disabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}
    
    Hosts:
    EmptyTemp:
    Reboot:
    End
    
  • Save the resulting TXT file as fixlist.txt
  • Move the created fixlist into the same folder as FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here for me

vanil
Visitor
Posts: 6
Registered: 06 May 2015 10:41

Re: probably Baidu and some Chinese guy

#7 Post by vanil »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-05-2015
Ran by Samsung at 2015-05-06 12:56:17 Run:1
Running from C:\Users\Samsung\Desktop
Loaded Profiles: Samsung (Available profiles: Samsung)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCTray.exe [355296 2015-05-05] (Tencent)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMGCShellExt64.dll [2015-04-07] (Tencent)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hao123.com/?tn=91932766_hao_pg
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000 -> {309CD14B-E0DF-4197-BBD2-1DD771CAD782} URL =
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000 -> {6EA819C7-1B22-4C91-8F1B-05D34F997A43} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {309CD14B-E0DF-4197-BBD2-1DD771CAD782} URL =
SearchScopes: HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6EA819C7-1B22-4C91-8F1B-05D34F997A43} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSWebMon64.dat [2015-05-05] (Tencent)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @baidu.com/BaidusdDetectNPPlugin -> C:\Program Files (x86)\Baidu\BaiduSd\3.0.0.4605\explugin\npBaiduSDDetectPlug.dll No File
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\npQMExtensionsMozilla.dll [2015-05-05] (Tencent Technology (Shenzhen) Company Limited)

CHR Extension: (Skype Click to Call) - C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQPCRtp.exe [297608 2015-05-05] (Tencent)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TAOFrame.exe [293728 2015-05-05] (Tencent)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-05] ()

R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QMUdisk64.sys [62264 2015-05-05] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\QQSysMonX64.sys [127800 2015-05-05] (电脑管家)
R2 TAOAccelerator; C:\windows\system32\Drivers\TAOAccelerator64.sys [99640 2015-05-05] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2015-05-05] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2015-05-05] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TS888x64.sys [28984 2015-05-06] (Tencent)
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\tscpm64.sys [42296 2015-05-05] (电脑管家)
R1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TsDefenseBT64.sys [28472 2015-05-05] (Tencent)
S3 TSSKX64; C:\Windows\System32\drivers\tsskx64.sys [38200 2015-05-05] (电脑管家)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\TSSysKit64.sys [87352 2015-05-05] (电脑管家)
S1 bd0001; system32\DRIVERS\bd0001.sys [X]
S1 bd0002; system32\DRIVERS\bd0002.sys [X]
S2 BDDefense; \??\C:\windows\system32\drivers\BDDefense.sys [X]
S1 BdSandBox; system32\DRIVERS\BdSandBox.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz134; \??\C:\Users\Samsung\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 SBIOSIO; \??\C:\Users\Samsung\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]

C:\Program Files (x86)\AVG Web TuneUp
C:\Program Files (x86)\Tencent
C:\Program Files (x86)\Skype\Toolbars
C:\Program Files (x86)\Baidu
C:\Windows\System32\Drivers\TFsFltX64.sys
C:\windows\system32\Drivers\TAOAccelerator64.sys
C:\Windows\System32\Drivers\TAOKernel64.sys
C:\Windows\System32\Drivers\TFsFltX64.sys
2015-05-06 11:48 - 2015-05-06 11:48 - 00112640 _____ (forum.viry.cz) C:\Users\Samsung\Downloads\FRSTLauncher.exe
2015-05-06 11:35 - 2015-05-06 11:49 - 00025705 _____ () C:\Users\Samsung\Desktop\FRST.txt
2015-05-06 11:27 - 2015-05-06 11:27 - 00112640 _____ (forum.viry.cz) C:\Users\Samsung\Desktop\FRSTLauncher.exe
2015-05-06 01:08 - 2015-05-06 01:08 - 00000808 _____ () C:\windows\PFRO.log
2015-05-06 01:08 - 2015-05-06 01:08 - 00000056 _____ () C:\windows\setupact.log
2015-05-06 01:08 - 2015-05-06 01:08 - 00000000 _____ () C:\windows\setuperr.log
2015-05-06 00:45 - 2015-05-06 00:46 - 00001305 _____ () C:\zoek-results.log
2015-05-06 00:43 - 2015-05-06 00:47 - 00000573 _____ () C:\runcheck.txt
2015-05-06 00:43 - 2015-05-06 00:43 - 01308672 _____ () C:\Users\Samsung\Downloads\zoek (1).exe
2015-05-06 00:42 - 2015-05-06 00:42 - 01308672 _____ () C:\Users\Samsung\Downloads\zoek.exe
2015-05-06 00:42 - 2015-05-06 00:42 - 00000000 ____D () C:\zoek_backup
2015-05-06 00:08 - 2015-05-06 01:07 - 00000000 ____D () C:\AdwCleaner
2015-05-06 00:07 - 2015-05-06 00:07 - 02204160 _____ () C:\Users\Samsung\Downloads\adwcleaner_4.203.exe
2015-05-05 23:56 - 2015-05-06 00:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-05 23:53 - 2015-05-06 00:30 - 00000000 ____D () C:\Users\Samsung\Desktop\mbar
2015-05-05 23:47 - 2015-05-05 23:49 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Samsung\Downloads\mbar-1.09.1.1004.exe
2015-05-05 23:23 - 2015-05-05 23:24 - 00768512 _____ (Reimage®) C:\Users\Samsung\Downloads\ReimageRepair.exe
2015-05-05 22:04 - 2015-05-05 22:05 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Samsung\Downloads\mbam-setup-2.1.4.1018.exe
2015-05-05 21:43 - 2015-05-05 21:43 - 00000000 ____D () C:\Users\Samsung\AppData\Local\Norman Malware Cleaner
2015-05-05 18:27 - 2014-11-06 09:38 - 00056136 _____ (Baidu) C:\windows\system32\Drivers\BDMWrench_x64.sys
2015-05-05 18:26 - 2014-12-25 04:35 - 00152392 _____ (Baidu Technology) C:\windows\system32\Drivers\BDArKit.SYS
2015-05-05 17:17 - 2015-05-05 22:27 - 00000000 ____D () C:\Users\Samsung\AppData\Local\AVG Web TuneUp
2015-05-05 17:16 - 2015-05-05 17:16 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2015-05-05 17:16 - 2015-05-05 17:16 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2015-05-05 14:31 - 2015-05-05 14:35 - 00003254 _____ () C:\windows\System32\Tasks\Trojan Killer
2015-05-05 14:31 - 2015-05-05 14:31 - 00000000 ____D () C:\ProgramData\GridinSoft
2015-05-05 14:18 - 2015-05-05 14:52 - 00000004 _____ () C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-05 13:46 - 2015-05-06 01:10 - 00028984 _____ (Tencent) C:\windows\SysWOW64\Drivers\TS888x64.sys
2015-05-05 13:17 - 2015-05-05 13:17 - 00000000 ____D () C:\ProgramData\TXQMPC
2015-05-05 13:07 - 2015-05-05 13:00 - 00099640 _____ (Tencent) C:\windows\system32\Drivers\TAOAccelerator64.sys
2015-05-05 13:04 - 2015-05-05 13:04 - 00000000 ____D () C:\Program Files\Common Files\Tencent
2015-05-05 13:02 - 2015-05-05 13:00 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\windows\system32\Drivers\TAOKernel64.sys
2015-05-05 13:02 - 2015-05-05 13:00 - 00087864 _____ (电脑管家) C:\windows\system32\Drivers\TFsFltX64.sys
2015-05-05 13:02 - 2015-05-05 13:00 - 00038200 _____ (电脑管家) C:\windows\system32\Drivers\TSSKX64.sys
2015-05-05 12:59 - 2015-05-05 14:20 - 00000000 ____D () C:\Users\Samsung\AppData\Roaming\Tencent
2015-05-05 12:59 - 2015-05-05 13:47 - 00000000 ____D () C:\ProgramData\Tencent
2015-05-05 12:59 - 2015-05-05 12:59 - 00000000 ____D () C:\Program Files (x86)\Tencent
2015-05-05 12:53 - 2015-05-06 11:35 - 00001694 _____ () C:\windows\Tasks\BYAIAMUF.job
2015-05-05 12:53 - 2015-05-05 17:37 - 00000000 ____D () C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf
2015-05-05 12:53 - 2015-05-05 12:53 - 00004728 _____ () C:\windows\System32\Tasks\BYAIAMUF
2015-05-05 12:51 - 2015-04-03 07:01 - 00202576 _____ (Baidu) C:\windows\system32\Drivers\bd0001.sys_34897
2015-05-05 12:51 - 2014-12-05 11:35 - 00202576 _____ (Baidu) C:\windows\system32\Drivers\bd0001.sys_
2015-04-26 13:40 - 2015-04-26 13:40 - 0002533 _____ () C:\Users\Samsung\AppData\Local\IWDAudHelper.20150426.134020.txt
2014-03-03 18:26 - 2014-03-03 18:26 - 0001631 _____ () C:\Users\Samsung\AppData\Local\PDLSetup.20140303.172601.txt
2014-10-20 21:08 - 2014-10-20 21:08 - 0000218 _____ () C:\Users\Samsung\AppData\Local\recently-used.xbel
2015-04-26 13:39 - 2015-04-26 13:41 - 0027554 _____ () C:\Users\Samsung\AppData\Local\WiDiSetupLog.20150426.133951.txt
2015-03-09 23:30 - 2015-03-09 23:30 - 0005487 _____ () C:\Users\Samsung\AppData\Roaming\BYAIAMUF
C:\Users\Samsung\AppData\Roaming\BYAIAMUF.exe

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\BYAIAMUF.job => C:\Users\Samsung\AppData\Roaming\BYAIAMUF.exe <==== ATTENTION
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

AV: 电脑管家系统防护 (Disabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5}
AS: 电脑管家系统防护 (Disabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48}

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ QQPCTray => Value could not be deleted.
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp => Value not found.
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => Value not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run\\GarminExpressTrayApp => value deleted successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon" => Key deleted successfully.
"HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}" => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKU\S-1-5-21-2554604388-228695639-1623551743-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully.
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value not found.
"HKU\S-1-5-21-2554604388-228695639-1623551743-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{309CD14B-E0DF-4197-BBD2-1DD771CAD782}" => Key deleted successfully.
HKCR\CLSID\{309CD14B-E0DF-4197-BBD2-1DD771CAD782} => Key not found.
"HKU\S-1-5-21-2554604388-228695639-1623551743-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6EA819C7-1B22-4C91-8F1B-05D34F997A43}" => Key deleted successfully.
HKCR\CLSID\{6EA819C7-1B22-4C91-8F1B-05D34F997A43} => Key not found.
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{309CD14B-E0DF-4197-BBD2-1DD771CAD782} => Key not found.
HKCR\CLSID\{309CD14B-E0DF-4197-BBD2-1DD771CAD782} => Key not found.
HKU\S-1-5-21-2554604388-228695639-1623551743-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6EA819C7-1B22-4C91-8F1B-05D34F997A43} => Key not found.
HKCR\CLSID\{6EA819C7-1B22-4C91-8F1B-05D34F997A43} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => Key deleted successfully.
"HKCR\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@baidu.com/BaidusdDetectNPPlugin" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@qq.com/QQPCMgr" => Key deleted successfully.
Could not move "C:\Program Files (x86)\Tencent\QQPCMgr\10.8.16208.227\npQMExtensionsMozilla.dll" => Scheduled to move on reboot.
C:\Users\Samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
QQPCRTP => Unable to stop service
QQPCRTP => Error deleting Service
TAOFrame => Service deleted successfully.
WtuSystemSupport => Service deleted successfully.
QMUdisk => Unable to stop service
QMUdisk => Service deleted successfully.
QQSysMonX64 => Unable to stop service
QQSysMonX64 => Error deleting Service
TAOAccelerator => Service stopped successfully.
TAOAccelerator => Service deleted successfully.
TAOKernelDriver => Unable to stop service
TAOKernelDriver => Service deleted successfully.
TFsFlt => Unable to stop service
TFsFlt => Error deleting Service
TS888x64 => Service stopped successfully.
TS888x64 => Service deleted successfully.
TSCPM => Unable to stop service
TSCPM => Service deleted successfully.
TSDefenseBt => Service stopped successfully.
TSDefenseBt => Service deleted successfully.
TSSKX64 => Service deleted successfully.
TSSysKit => Unable to stop service
TSSysKit => Error deleting Service
bd0001 => Service deleted successfully.
bd0002 => Service deleted successfully.
BDDefense => Service deleted successfully.
BdSandBox => Service deleted successfully.
clwvd => Service deleted successfully.
cpuz134 => Service deleted successfully.
SBIOSIO => Service deleted successfully.
C:\Program Files (x86)\AVG Web TuneUp => Moved successfully.

"C:\Program Files (x86)\Tencent" directory move:

Could not move "C:\Program Files (x86)\Tencent" directory. => Scheduled to move on reboot.

C:\Program Files (x86)\Skype\Toolbars => Moved successfully.
"C:\Program Files (x86)\Baidu" => File/Directory not found.
Could not move "C:\Windows\System32\Drivers\TFsFltX64.sys" => Scheduled to move on reboot.
C:\windows\system32\Drivers\TAOAccelerator64.sys => Moved successfully.
C:\Windows\System32\Drivers\TAOKernel64.sys => Moved successfully.
Could not move "C:\Windows\System32\Drivers\TFsFltX64.sys" => Scheduled to move on reboot.
"C:\Users\Samsung\Downloads\FRSTLauncher.exe" => File/Directory not found.
C:\Users\Samsung\Desktop\FRST.txt => Moved successfully.
C:\Users\Samsung\Desktop\FRSTLauncher.exe => Moved successfully.
C:\windows\PFRO.log => Moved successfully.
C:\windows\setupact.log => Moved successfully.
C:\windows\setuperr.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
"C:\runcheck.txt" => File/Directory not found.
"C:\Users\Samsung\Downloads\zoek (1).exe" => File/Directory not found.
C:\Users\Samsung\Downloads\zoek.exe => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Samsung\Downloads\adwcleaner_4.203.exe => Moved successfully.
C:\ProgramData\Malwarebytes' Anti-Malware (portable) => Moved successfully.
C:\Users\Samsung\Desktop\mbar => Moved successfully.
C:\Users\Samsung\Downloads\mbar-1.09.1.1004.exe => Moved successfully.
C:\Users\Samsung\Downloads\ReimageRepair.exe => Moved successfully.
C:\Users\Samsung\Downloads\mbam-setup-2.1.4.1018.exe => Moved successfully.
C:\Users\Samsung\AppData\Local\Norman Malware Cleaner => Moved successfully.
C:\windows\system32\Drivers\BDMWrench_x64.sys => Moved successfully.
C:\windows\system32\Drivers\BDArKit.SYS => Moved successfully.
C:\Users\Samsung\AppData\Local\AVG Web TuneUp => Moved successfully.
C:\ProgramData\AVG Web TuneUp => Moved successfully.
"C:\Program Files (x86)\AVG Web TuneUp" => File/Directory not found.
C:\windows\System32\Tasks\Trojan Killer => Moved successfully.
C:\ProgramData\GridinSoft => Moved successfully.
C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 => Moved successfully.
C:\windows\SysWOW64\Drivers\TS888x64.sys => Moved successfully.
C:\ProgramData\TXQMPC => Moved successfully.
"C:\windows\system32\Drivers\TAOAccelerator64.sys" => File/Directory not found.

"C:\Program Files\Common Files\Tencent" directory move:

Could not move "C:\Program Files\Common Files\Tencent" directory. => Scheduled to move on reboot.

"C:\windows\system32\Drivers\TAOKernel64.sys" => File/Directory not found.
Could not move "C:\windows\system32\Drivers\TFsFltX64.sys" => Scheduled to move on reboot.
C:\windows\system32\Drivers\TSSKX64.sys => Moved successfully.
C:\Users\Samsung\AppData\Roaming\Tencent => Moved successfully.

"C:\ProgramData\Tencent" directory move:

Could not move "C:\ProgramData\Tencent" directory. => Scheduled to move on reboot.


"C:\Program Files (x86)\Tencent" directory move:

Could not move "C:\Program Files (x86)\Tencent" directory. => Scheduled to move on reboot.

C:\windows\Tasks\BYAIAMUF.job => Moved successfully.
C:\Program Files (x86)\69dc8177-a574-4dff-8461-b3267b078dcf => Moved successfully.
C:\windows\System32\Tasks\BYAIAMUF => Moved successfully.
C:\windows\system32\Drivers\bd0001.sys_34897 => Moved successfully.
C:\windows\system32\Drivers\bd0001.sys_ => Moved successfully.
C:\Users\Samsung\AppData\Local\IWDAudHelper.20150426.134020.txt => Moved successfully.
C:\Users\Samsung\AppData\Local\PDLSetup.20140303.172601.txt => Moved successfully.
C:\Users\Samsung\AppData\Local\recently-used.xbel => Moved successfully.
C:\Users\Samsung\AppData\Local\WiDiSetupLog.20150426.133951.txt => Moved successfully.
C:\Users\Samsung\AppData\Roaming\BYAIAMUF => Moved successfully.
"C:\Users\Samsung\AppData\Roaming\BYAIAMUF.exe" => File/Directory not found.
C:\windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\windows\Tasks\BYAIAMUF.job not found.
C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
AV: 电脑管家系统防护 (Disabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} => The item is protected. Make sure the software is uninstalled and its services is removed.
AS: 电脑管家系统防护 (Disabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} => The item is protected. Make sure the software is uninstalled and its services is removed.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.2 GB temporary data.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: probably Baidu and some Chinese guy

#8 Post by vyosek »

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE THINGS AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE YOUR SYSTEM MAY BE RUINED
Download Combofix and save it to your desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator (Správce) account
  • If you have Win Vista or Win 7, right-click Combofix and choose Run As Administrator (Spustit jako správce)
  • Right after it starts, a page with the license agreement is shown; continue by clicking Yes (Ano)
  • If CF offers to install the Recovery Console, agree
  • Then follow the prompts; during the scan leave the PC completely alone - do not start any applications and do not click in the window that is displayed
  • The scan should take about 10 min, but if the PC is heavily cluttered, it may take longer
  • After the scan and any restart finish, CF displays a log; you can also find it at C:\ComboFix.txt. Paste its contents here
  • A detailed walkthrough incl. screenshots is here: http://www.bleepingcomputer.com/combofi ... t-combofix
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.

vanil
Visitor
Posts: 6
Registered: 06 May 2015 10:41

Re: probably Baidu and some Chinese guy

#9 Post by vanil »

Neither Chrome nor iexplorer will start, I am writing from my phone.

Illegal operation attempted on a registry key that has been marked for deletion.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: probably Baidu and some Chinese guy

#10 Post by vyosek »

Restart the PC, the registry will sort itself out :)
"Whoever has wine and does not drink it, whoever has grapes and does not eat them, whoever has a wife and does not kiss her, whoever avoids fun, take a whip and a stick to him; that is no man, that is an ox."
Member of [image] since 1 February 2011.
