Mohl by někdo prosím prověřit program conhost? jedná se o vir? Díky Jarda
Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by xxx (2015-08-15 15:20:46)
Running from C:\Users\xxx\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1483560829-4059200125-2850435868-500 - Administrator - Disabled)
Guest (S-1-5-21-1483560829-4059200125-2850435868-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1483560829-4059200125-2850435868-1039 - Limited - Enabled)
xxx (S-1-5-21-1483560829-4059200125-2850435868-1000 - Administrator - Enabled) => C:\Users\xxx
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
ccc-core-static (x32 Version: 2010.0416.541.8279 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
ESET Smart Security (HKLM\...\{E4BA35A7-9715-4405-951E-E60B4ED0C7B0}) (Version: 8.0.312.3 - ESET, spol s r. o.)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.2.0.0 - GIANTS Software)
Farming Simulator 2013 (HKLM-x32\...\FarmingSimulator2013CZ_is1) (Version: 1.0 - GIANTS Software)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.0.30.81 - Hewlett-Packard Company)
Kolekce The Sims™ 3 Moje městečko (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Kolekce The Sims™ 3 Styl 70., 80. a 90. let (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Kolekce The Sims™ 3 Zahradní mejdan (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Kolekce The Sims™ 3 Na plný plyn (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
PC Wizard 2010.1.96 (HKLM-x32\...\PC Wizard 2010_is1) (Version: - CPUID)
PhotoFiltre (HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\...\PhotoFiltre) (Version: - )
pro verze 1.00 a 1.01 (HKLM-x32\...\patch do češtiny ke hře Vampire the Masquerade: ~0AB4C956_is1) (Version: - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1600.0 - SAMSUNG Electronics Co., Ltd.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Svátky a narozeniny 2.0.2 (HKLM-x32\...\Svátky a narozeniny_is1) (Version: - Martin Pospíšil, Brno)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.62.153 - Electronic Arts)
The Sims™ 3 Cestovní horečka (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 Diesel Kolekce (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Do Budoucnosti (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Hrátky osudu (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Luxusní bydlení – Kolekce (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Obludárium (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Povolání snů (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Přepychové ložnice Kolekce (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Sladké radosti Katy Perry (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Studentský život (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Tropický ráj (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Po setmění (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Traktor 2 (HKLM-x32\...\Traktor 2_is1) (Version: 1.0 - TopQer, s.r.o.)
Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden
Vampire - The Masquerade Bloodlines (x32 Version: 1.2 - Activision) Hidden
verze 1.01 (HKLM-x32\...\čeština do hry Vampire the Masquerade: Bloodlines_is1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AAFEEB8-EF67-4DD6-8D2B-2A2236B0E1FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {0BA42DCC-CAF6-4B61-BEAF-33098CF1B567} - System32\Tasks\{CE033CE2-95A4-4529-ADCC-486F61AFFBDB} => C:\Users\xxx\Desktop\Diablo II\Diablo II.exe
Task: {12DED504-EA4D-4ED8-A095-CDEABBAA4FAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1F2A0A9C-4B94-45D2-990E-8044D18B8E00} - System32\Tasks\{56422119-BB41-48AD-8992-2F9776656613} => C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe [2014-11-01] (GIANTS Software GmbH)
Task: {21D47376-DA7B-4A10-8EC6-5E080552A54F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {26319C54-3762-4E1D-8B67-BEF209E3A260} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {2B6A0DAC-D4B5-46EC-A6B2-2F3101AA740A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {4FBACE55-A520-4FB8-83D8-9FF86F32D686} - System32\Tasks\{74BDC985-181A-40CA-9B5B-835AFD0EBA37} => C:\Users\xxx\Desktop\Hry\Diablo II\Diablo II.exe [2011-01-05] (Blizzard North)
Task: {5904B59F-FB6A-486B-AE00-F6A2D79F8572} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {741EAF06-2E1D-42F5-AFE7-F2A07EFFF0FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPW10UpgradeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPW10UpgradeReminder.exe [2015-07-24] (Hewlett-Packard)
Task: {8B5C7372-A9D2-4641-954B-93A10493153B} - System32\Tasks\HPCeeScheduleForxxx => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {95F90FFB-1F30-40C7-9159-0D6F5F4E87D4} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B5FD0273-8332-40EA-B2D9-3516384870B7} - System32\Tasks\{4F1D8439-BFF0-4F05-9C9F-75F2A6D7D73E} => C:\Users\xxx\Desktop\Diablo II\Game.exe
Task: {C9DFC0EA-5DA0-4E05-BB02-CD928440523A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {DB4A504A-7BBC-42EF-9B18-1DF25949596D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {DE015D78-9176-4A91-AD2A-242ADE539F52} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1483560829-4059200125-2850435868-1000
Task: {E346BE63-809E-48AC-A0BC-0A7AE9B31795} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {E7BD2430-206A-4E95-B6BE-5F50D35D6D46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FE4DD09C-61EA-4A8F-9B32-F0836B9C7E17} - System32\Tasks\{18799A3D-BF82-406D-9B62-0CB54939CAE1} => C:\Users\xxx\Desktop\Diablo II\Diablo II.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForxxx.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2013-05-15 19:17 - 2013-05-15 19:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-01-12 13:43 - 2010-03-15 12:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
2015-06-04 13:07 - 2015-06-04 13:07 - 02418688 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2013-06-18 15:49 - 2010-03-09 15:34 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-01-12 12:43 - 2013-01-12 12:43 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A4A558F3-CFE9-4B28-9067-1CC60BBAD2E3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{66C7B8E8-4FEA-40E8-868C-BBF3DFC21D60}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DA708E77-6EBB-44CF-BC60-B7F6A2661AD7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0CFC39B0-78E6-4BD9-98FC-0431C9413E3B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{65984B4E-CB02-4EF0-920B-8767E3B0F1E3}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{12CD3936-7542-4D9B-A0C2-DFAC9CD62CD8}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{EBCFCE69-DA26-43BD-BE8F-F7F00A340A7B}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{7BE4706C-DC16-46EF-808D-7527FD7CFF7A}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{BE990384-F5F8-41D4-BA37-FBE71A33B3B8}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{68C2F642-100D-4DFF-8829-2158849F2A2C}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{20D13EF9-DA1C-47ED-AB8A-9ACE3BB85A27}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{0180A768-457E-4958-9FD5-F9547DDAD025}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7AB57083-E94C-445B-909A-D65CA2C586A4}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{09369207-2140-4713-89C6-CE59CF95D194}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
==================== Faulty Device Manager Devices =============
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (08/15/2015 01:48:16 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: AMD Turion(tm) II P540 Dual-Core Processor
Percentage of memory in use: 35%
Total physical RAM: 3834.9 MB
Available physical RAM: 2489.38 MB
Total Virtual: 7668.01 MB
Available Virtual: 5930.5 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:240.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1D016B00)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of log ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Conhost
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
jaroslav.24
- Návštěvník
- Příspěvky: 71
- Registrován: 01 zář 2011 16:14
Re: Conhost
Additional scan result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by xxx (2015-08-15 15:20:46)
Running from C:\Users\xxx\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1483560829-4059200125-2850435868-500 - Administrator - Disabled)
Guest (S-1-5-21-1483560829-4059200125-2850435868-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1483560829-4059200125-2850435868-1039 - Limited - Enabled)
xxx (S-1-5-21-1483560829-4059200125-2850435868-1000 - Administrator - Enabled) => C:\Users\xxx
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
ccc-core-static (x32 Version: 2010.0416.541.8279 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
ESET Smart Security (HKLM\...\{E4BA35A7-9715-4405-951E-E60B4ED0C7B0}) (Version: 8.0.312.3 - ESET, spol s r. o.)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.2.0.0 - GIANTS Software)
Farming Simulator 2013 (HKLM-x32\...\FarmingSimulator2013CZ_is1) (Version: 1.0 - GIANTS Software)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.0.30.81 - Hewlett-Packard Company)
Kolekce The Sims™ 3 Moje městečko (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Kolekce The Sims™ 3 Styl 70., 80. a 90. let (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Kolekce The Sims™ 3 Zahradní mejdan (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Kolekce The Sims™ 3 Na plný plyn (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
PC Wizard 2010.1.96 (HKLM-x32\...\PC Wizard 2010_is1) (Version: - CPUID)
PhotoFiltre (HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\...\PhotoFiltre) (Version: - )
pro verze 1.00 a 1.01 (HKLM-x32\...\patch do češtiny ke hře Vampire the Masquerade: ~0AB4C956_is1) (Version: - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1600.0 - SAMSUNG Electronics Co., Ltd.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Svátky a narozeniny 2.0.2 (HKLM-x32\...\Svátky a narozeniny_is1) (Version: - Martin Pospíšil, Brno)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.62.153 - Electronic Arts)
The Sims™ 3 Cestovní horečka (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 Diesel Kolekce (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Do Budoucnosti (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Hrátky osudu (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Luxusní bydlení – Kolekce (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Obludárium (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Povolání snů (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Přepychové ložnice Kolekce (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Sladké radosti Katy Perry (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Studentský život (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Tropický ráj (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Po setmění (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Traktor 2 (HKLM-x32\...\Traktor 2_is1) (Version: 1.0 - TopQer, s.r.o.)
Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden
Vampire - The Masquerade Bloodlines (x32 Version: 1.2 - Activision) Hidden
verze 1.01 (HKLM-x32\...\čeština do hry Vampire the Masquerade: Bloodlines_is1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AAFEEB8-EF67-4DD6-8D2B-2A2236B0E1FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {0BA42DCC-CAF6-4B61-BEAF-33098CF1B567} - System32\Tasks\{CE033CE2-95A4-4529-ADCC-486F61AFFBDB} => C:\Users\xxx\Desktop\Diablo II\Diablo II.exe
Task: {12DED504-EA4D-4ED8-A095-CDEABBAA4FAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1F2A0A9C-4B94-45D2-990E-8044D18B8E00} - System32\Tasks\{56422119-BB41-48AD-8992-2F9776656613} => C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe [2014-11-01] (GIANTS Software GmbH)
Task: {21D47376-DA7B-4A10-8EC6-5E080552A54F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {26319C54-3762-4E1D-8B67-BEF209E3A260} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {2B6A0DAC-D4B5-46EC-A6B2-2F3101AA740A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {4FBACE55-A520-4FB8-83D8-9FF86F32D686} - System32\Tasks\{74BDC985-181A-40CA-9B5B-835AFD0EBA37} => C:\Users\xxx\Desktop\Hry\Diablo II\Diablo II.exe [2011-01-05] (Blizzard North)
Task: {5904B59F-FB6A-486B-AE00-F6A2D79F8572} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {741EAF06-2E1D-42F5-AFE7-F2A07EFFF0FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPW10UpgradeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPW10UpgradeReminder.exe [2015-07-24] (Hewlett-Packard)
Task: {8B5C7372-A9D2-4641-954B-93A10493153B} - System32\Tasks\HPCeeScheduleForxxx => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {95F90FFB-1F30-40C7-9159-0D6F5F4E87D4} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B5FD0273-8332-40EA-B2D9-3516384870B7} - System32\Tasks\{4F1D8439-BFF0-4F05-9C9F-75F2A6D7D73E} => C:\Users\xxx\Desktop\Diablo II\Game.exe
Task: {C9DFC0EA-5DA0-4E05-BB02-CD928440523A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {DB4A504A-7BBC-42EF-9B18-1DF25949596D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {DE015D78-9176-4A91-AD2A-242ADE539F52} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1483560829-4059200125-2850435868-1000
Task: {E346BE63-809E-48AC-A0BC-0A7AE9B31795} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {E7BD2430-206A-4E95-B6BE-5F50D35D6D46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FE4DD09C-61EA-4A8F-9B32-F0836B9C7E17} - System32\Tasks\{18799A3D-BF82-406D-9B62-0CB54939CAE1} => C:\Users\xxx\Desktop\Diablo II\Diablo II.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForxxx.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2013-05-15 19:17 - 2013-05-15 19:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-01-12 13:43 - 2010-03-15 12:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
2015-06-04 13:07 - 2015-06-04 13:07 - 02418688 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2013-06-18 15:49 - 2010-03-09 15:34 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-01-12 12:43 - 2013-01-12 12:43 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A4A558F3-CFE9-4B28-9067-1CC60BBAD2E3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{66C7B8E8-4FEA-40E8-868C-BBF3DFC21D60}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DA708E77-6EBB-44CF-BC60-B7F6A2661AD7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0CFC39B0-78E6-4BD9-98FC-0431C9413E3B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{65984B4E-CB02-4EF0-920B-8767E3B0F1E3}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{12CD3936-7542-4D9B-A0C2-DFAC9CD62CD8}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{EBCFCE69-DA26-43BD-BE8F-F7F00A340A7B}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{7BE4706C-DC16-46EF-808D-7527FD7CFF7A}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{BE990384-F5F8-41D4-BA37-FBE71A33B3B8}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{68C2F642-100D-4DFF-8829-2158849F2A2C}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{20D13EF9-DA1C-47ED-AB8A-9ACE3BB85A27}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{0180A768-457E-4958-9FD5-F9547DDAD025}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7AB57083-E94C-445B-909A-D65CA2C586A4}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{09369207-2140-4713-89C6-CE59CF95D194}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
==================== Faulty Device Manager Devices =============
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (08/15/2015 01:48:16 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: AMD Turion(tm) II P540 Dual-Core Processor
Percentage of memory in use: 35%
Total physical RAM: 3834.9 MB
Available physical RAM: 2489.38 MB
Total Virtual: 7668.01 MB
Available Virtual: 5930.5 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:240.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1D016B00)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of log ============================
Ran by xxx (2015-08-15 15:20:46)
Running from C:\Users\xxx\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1483560829-4059200125-2850435868-500 - Administrator - Disabled)
Guest (S-1-5-21-1483560829-4059200125-2850435868-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1483560829-4059200125-2850435868-1039 - Limited - Enabled)
xxx (S-1-5-21-1483560829-4059200125-2850435868-1000 - Administrator - Enabled) => C:\Users\xxx
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 8.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personální firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{11A4D79B-672C-7FFF-B5F7-B4409B1194EF}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
ccc-core-static (x32 Version: 2010.0416.541.8279 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
ESET Smart Security (HKLM\...\{E4BA35A7-9715-4405-951E-E60B4ED0C7B0}) (Version: 8.0.312.3 - ESET, spol s r. o.)
Farming Simulator 15 (HKLM-x32\...\FarmingSimulator2015CZ_is1) (Version: 1.2.0.0 - GIANTS Software)
Farming Simulator 2013 (HKLM-x32\...\FarmingSimulator2013CZ_is1) (Version: 1.0 - GIANTS Software)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{E1BB50BA-7CCB-47CD-9FE3-03AAE6EEF862}) (Version: 12.0.30.81 - Hewlett-Packard Company)
Kolekce The Sims™ 3 Moje městečko (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Kolekce The Sims™ 3 Styl 70., 80. a 90. let (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Kolekce The Sims™ 3 Zahradní mejdan (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Kolekce The Sims™ 3 Na plný plyn (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Microsoft .NET Framework 4.5.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
PC Wizard 2010.1.96 (HKLM-x32\...\PC Wizard 2010_is1) (Version: - CPUID)
PhotoFiltre (HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\...\PhotoFiltre) (Version: - )
pro verze 1.00 a 1.01 (HKLM-x32\...\patch do češtiny ke hře Vampire the Masquerade: ~0AB4C956_is1) (Version: - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.1600.0 - SAMSUNG Electronics Co., Ltd.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Svátky a narozeniny 2.0.2 (HKLM-x32\...\Svátky a narozeniny_is1) (Version: - Martin Pospíšil, Brno)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.62.153 - Electronic Arts)
The Sims™ 3 Cestovní horečka (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 3 Diesel Kolekce (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
The Sims™ 3 Do Budoucnosti (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Hrátky osudu (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Luxusní bydlení – Kolekce (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 Obludárium (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Povolání snů (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Přepychové ložnice Kolekce (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
The Sims™ 3 Roční období (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
The Sims™ 3 Sladké radosti Katy Perry (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
The Sims™ 3 Studentský život (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
The Sims™ 3 Tropický ráj (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Po setmění (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Titan Quest (HKLM-x32\...\{412B69AF-C352-4F6F-A318-B92B3CB9ACC6}) (Version: 1.00.0000 - Iron Lore)
Titan Quest Immortal Throne (HKLM-x32\...\{B5C5C17E-FEF6-4062-8151-A427AE8AF9D7}) (Version: 1.00.0000 - Iron Lore)
Traktor 2 (HKLM-x32\...\Traktor 2_is1) (Version: 1.0 - TopQer, s.r.o.)
Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden
Vampire - The Masquerade Bloodlines (x32 Version: 1.2 - Activision) Hidden
verze 1.01 (HKLM-x32\...\čeština do hry Vampire the Masquerade: Bloodlines_is1) (Version: - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AAFEEB8-EF67-4DD6-8D2B-2A2236B0E1FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {0BA42DCC-CAF6-4B61-BEAF-33098CF1B567} - System32\Tasks\{CE033CE2-95A4-4529-ADCC-486F61AFFBDB} => C:\Users\xxx\Desktop\Diablo II\Diablo II.exe
Task: {12DED504-EA4D-4ED8-A095-CDEABBAA4FAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1F2A0A9C-4B94-45D2-990E-8044D18B8E00} - System32\Tasks\{56422119-BB41-48AD-8992-2F9776656613} => C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe [2014-11-01] (GIANTS Software GmbH)
Task: {21D47376-DA7B-4A10-8EC6-5E080552A54F} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {26319C54-3762-4E1D-8B67-BEF209E3A260} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {2B6A0DAC-D4B5-46EC-A6B2-2F3101AA740A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {4FBACE55-A520-4FB8-83D8-9FF86F32D686} - System32\Tasks\{74BDC985-181A-40CA-9B5B-835AFD0EBA37} => C:\Users\xxx\Desktop\Hry\Diablo II\Diablo II.exe [2011-01-05] (Blizzard North)
Task: {5904B59F-FB6A-486B-AE00-F6A2D79F8572} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {741EAF06-2E1D-42F5-AFE7-F2A07EFFF0FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPW10UpgradeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPW10UpgradeReminder.exe [2015-07-24] (Hewlett-Packard)
Task: {8B5C7372-A9D2-4641-954B-93A10493153B} - System32\Tasks\HPCeeScheduleForxxx => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {95F90FFB-1F30-40C7-9159-0D6F5F4E87D4} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B5FD0273-8332-40EA-B2D9-3516384870B7} - System32\Tasks\{4F1D8439-BFF0-4F05-9C9F-75F2A6D7D73E} => C:\Users\xxx\Desktop\Diablo II\Game.exe
Task: {C9DFC0EA-5DA0-4E05-BB02-CD928440523A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {DB4A504A-7BBC-42EF-9B18-1DF25949596D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {DE015D78-9176-4A91-AD2A-242ADE539F52} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1483560829-4059200125-2850435868-1000
Task: {E346BE63-809E-48AC-A0BC-0A7AE9B31795} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {E7BD2430-206A-4E95-B6BE-5F50D35D6D46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FE4DD09C-61EA-4A8F-9B32-F0836B9C7E17} - System32\Tasks\{18799A3D-BF82-406D-9B62-0CB54939CAE1} => C:\Users\xxx\Desktop\Diablo II\Diablo II.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForxxx.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (Whitelisted) ==============
2013-05-15 19:17 - 2013-05-15 19:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-01-12 13:43 - 2010-03-15 12:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
2015-06-04 13:07 - 2015-06-04 13:07 - 02418688 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2013-06-18 15:49 - 2010-03-09 15:34 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-01-12 12:43 - 2013-01-12 12:43 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\xxx\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A4A558F3-CFE9-4B28-9067-1CC60BBAD2E3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{66C7B8E8-4FEA-40E8-868C-BBF3DFC21D60}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DA708E77-6EBB-44CF-BC60-B7F6A2661AD7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0CFC39B0-78E6-4BD9-98FC-0431C9413E3B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{65984B4E-CB02-4EF0-920B-8767E3B0F1E3}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{12CD3936-7542-4D9B-A0C2-DFAC9CD62CD8}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{EBCFCE69-DA26-43BD-BE8F-F7F00A340A7B}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{7BE4706C-DC16-46EF-808D-7527FD7CFF7A}] => (Allow) C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{BE990384-F5F8-41D4-BA37-FBE71A33B3B8}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{68C2F642-100D-4DFF-8829-2158849F2A2C}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{20D13EF9-DA1C-47ED-AB8A-9ACE3BB85A27}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{0180A768-457E-4958-9FD5-F9547DDAD025}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7AB57083-E94C-445B-909A-D65CA2C586A4}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{09369207-2140-4713-89C6-CE59CF95D194}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
==================== Faulty Device Manager Devices =============
Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Periferní zařízení Bluetooth
Description: Periferní zařízení Bluetooth
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Error: (08/15/2015 01:48:16 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.
Microsoft Office:
=========================
==================== Memory info ===========================
Processor: AMD Turion(tm) II P540 Dual-Core Processor
Percentage of memory in use: 35%
Total physical RAM: 3834.9 MB
Available physical RAM: 2489.38 MB
Total Virtual: 7668.01 MB
Available Virtual: 5930.5 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:240.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1D016B00)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of log ============================
Re: Conhost
Krasny den Vam preju 
Ano, jedna se o vir - BitCoin miner.
Je OS legalni?
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
Nasledne udelejte novy sken z FRST/FRST64.exe a vlozte obsah logu FRST.txt (vlozil jste 2x Addition.txt).
Ano, jedna se o vir - BitCoin miner. Je OS legalni? V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Cleaning
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Nasledne udelejte novy sken z FRST/FRST64.exe a vlozte obsah logu FRST.txt (vlozil jste 2x Addition.txt).Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
jaroslav.24
- Návštěvník
- Příspěvky: 71
- Registrován: 01 zář 2011 16:14
Re: Conhost
Díky za odpověď.
Upřímně vám odpovím, že nevím. Notes jsem koupil v bazaru a tak doufám že snad ano. Sedmičky už tam byly a také spousta her a různých jiných věcí. Aktualizace stahuje tak snad je legální. Dokonce my nabízí zdarma win 10.
Vkládám logy
# AdwCleaner v5.000 - Logfile created 16/08/2015 at 09:56:30
# Updated 14/08/2015 by Xplode
# Database : 2015-08-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : xxx - TAMERLINE
# Running from : C:\Users\xxx\Desktop\adwcleaner_5.000.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\xxx\AppData\Local\apn
***** [ Files ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\e0ffeb74a004a820583314e2c3100266
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C9DFBCF6-632F-4021-B3C8-D411A655A49B}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C9DFBCF6-632F-4021-B3C8-D411A655A49B}
***** [ Web browsers ] *****
*************************
:: Proxy settings cleared
:: Winsock settings cleared
*************************
C:\AdwCleaner[C1].txt - [2788 octets] - [16/08/2015 09:56:30]
C:\AdwCleaner[S1].txt - [2711 octets] - [16/08/2015 09:55:12]
########## EOF - C:\AdwCleaner[C1].txt - [2914 octets] ##########
Upřímně vám odpovím, že nevím. Notes jsem koupil v bazaru a tak doufám že snad ano. Sedmičky už tam byly a také spousta her a různých jiných věcí. Aktualizace stahuje tak snad je legální. Dokonce my nabízí zdarma win 10.
Vkládám logy
# AdwCleaner v5.000 - Logfile created 16/08/2015 at 09:56:30
# Updated 14/08/2015 by Xplode
# Database : 2015-08-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : xxx - TAMERLINE
# Running from : C:\Users\xxx\Desktop\adwcleaner_5.000.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Users\xxx\AppData\Local\apn
***** [ Files ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\e0ffeb74a004a820583314e2c3100266
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[-] Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
[!] Key Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C9DFBCF6-632F-4021-B3C8-D411A655A49B}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[!] Key Not Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C9DFBCF6-632F-4021-B3C8-D411A655A49B}
***** [ Web browsers ] *****
*************************
:: Proxy settings cleared
:: Winsock settings cleared
*************************
C:\AdwCleaner[C1].txt - [2788 octets] - [16/08/2015 09:56:30]
C:\AdwCleaner[S1].txt - [2711 octets] - [16/08/2015 09:55:12]
########## EOF - C:\AdwCleaner[C1].txt - [2914 octets] ##########
-
jaroslav.24
- Návštěvník
- Příspěvky: 71
- Registrován: 01 zář 2011 16:14
Re: Conhost
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:14-08-2015 01
Ran by xxx (administrator) on TAMERLINE (16-08-2015 10:03:37)
Running from C:\Users\xxx\Desktop
Loaded Profiles: xxx (Available Profiles: xxx)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
() C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-18] (Microsoft Corporation)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-06-04] ()
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-06-04] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
CHR HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-1483560829-4059200125-2850435868-1000] => https://authenticationserver.djmato.cz: ... TAL_ACTION$
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 - (No Name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - No File
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 -> DefaultScope {ED339DF8-D3F8-4C7F-8D9D-AE3797249E53} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 -> {ED339DF8-D3F8-4C7F-8D9D-AE3797249E53} URL = hxxps://www.google.com/search?q={searchTerms}
BHO-x32: No Name -> {9e35e959-d723-4b5f-9207-2a94f8ab9068} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - No File
DPF: HKLM {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0B2C8D1C-3FE8-4591-A532-F78EF7874946}: [DhcpNameServer] 192.168.120.1 77.48.254.254
Tcpip\..\Interfaces\{89709285-5AA6-4845-8F4F-A63EEA90DA7E}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{89709285-5AA6-4845-8F4F-A63EEA90DA7E}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-05-15] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cpuz134; C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [21480 2010-07-09] (Windows (R) Win 7 DDK provider)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-10-25] (Devguru Co., Ltd)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-06] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-01-12] () [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-16 10:03 - 2015-08-16 10:04 - 00009257 _____ C:\Users\xxx\Desktop\FRST.txt
2015-08-16 09:56 - 2015-08-16 09:56 - 00003003 _____ C:\AdwCleaner[C1].txt
2015-08-16 09:55 - 2015-08-16 09:56 - 00002711 _____ C:\AdwCleaner[S1].txt
2015-08-16 09:54 - 2015-08-16 09:56 - 00000000 ____D C:\AdwCleaner
2015-08-16 09:53 - 2015-08-16 09:53 - 01563648 _____ C:\Users\xxx\Desktop\adwcleaner_5.000.exe
2015-08-16 08:50 - 2015-08-16 08:57 - 00000000 ____D C:\Users\xxx\Documents\German Truck Simulator
2015-08-15 17:42 - 2015-08-16 09:57 - 00000280 _____ C:\Windows\setupact.log
2015-08-15 17:42 - 2015-08-15 17:42 - 00000000 _____ C:\Windows\setuperr.log
2015-08-15 15:00 - 2015-08-16 10:03 - 00000000 ____D C:\FRST
2015-08-15 14:57 - 2015-08-15 14:57 - 00112640 _____ (forum.viry.cz) C:\Users\xxx\Desktop\FRSTLauncher.exe
2015-08-15 14:54 - 2015-08-15 14:55 - 02173952 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2015-08-15 14:37 - 2015-08-15 14:38 - 00000000 ____D C:\Windows\pss
2015-08-13 13:16 - 2015-08-13 13:16 - 00002131 _____ C:\Users\xxx\Desktop\Sims3Launcher – zástupce.lnk
2015-08-13 01:05 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 01:05 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 00:56 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-13 00:56 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-13 00:56 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-13 00:52 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-13 00:52 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-13 00:52 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-13 00:52 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-13 00:52 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-13 00:52 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-13 00:52 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-13 00:52 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-13 00:52 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-13 00:52 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-13 00:52 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-13 00:52 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-13 00:52 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-13 00:52 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-13 00:52 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-13 00:52 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-13 00:52 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-13 00:52 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-13 00:52 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-13 00:52 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-13 00:52 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-13 00:52 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-13 00:52 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-13 00:52 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-13 00:52 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-13 00:52 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-13 00:52 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-13 00:52 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-13 00:52 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-13 00:52 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-13 00:50 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-13 00:49 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-13 00:49 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-13 00:49 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-13 00:49 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-13 00:49 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-13 00:49 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-13 00:49 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-13 00:49 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-13 00:49 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-13 00:49 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-13 00:49 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-13 00:49 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-13 00:49 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-13 00:49 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-13 00:49 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-13 00:49 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-13 00:49 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-13 00:49 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-13 00:49 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-13 00:49 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-13 00:49 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-13 00:49 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-13 00:49 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-13 00:49 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-13 00:49 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-13 00:49 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-13 00:49 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-13 00:49 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-13 00:48 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-13 00:48 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-13 00:48 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-13 00:48 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-13 00:48 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-13 00:48 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-13 00:48 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-13 00:48 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-13 00:48 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-13 00:48 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-13 00:48 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-13 00:48 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-13 00:48 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-13 00:48 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-13 00:48 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-13 00:48 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-13 00:48 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-13 00:48 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-13 00:48 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-13 00:48 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-13 00:48 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-13 00:48 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-13 00:48 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-13 00:48 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-13 00:48 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-13 00:48 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-13 00:48 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-13 00:48 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-13 00:48 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-13 00:48 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-13 00:48 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-13 00:48 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-13 00:45 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-13 00:45 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-13 00:45 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-13 00:45 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-13 00:44 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-13 00:44 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-13 00:44 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-13 00:44 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-13 00:44 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-13 00:44 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-13 00:44 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-13 00:44 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-13 00:44 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-13 00:44 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-13 00:44 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-13 00:44 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-13 00:44 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-13 00:44 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-13 00:44 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-13 00:44 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-13 00:44 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-13 00:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-13 00:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-13 00:44 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-13 00:44 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-13 00:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-13 00:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-13 00:44 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-13 00:44 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-09 05:00 - 2015-08-09 05:03 - 00001233 _____ C:\Users\xxx\Desktop\vampire – zástupce.lnk
2015-08-09 04:41 - 2015-08-09 04:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire - The Masquerade Bloodlines
2015-08-09 04:41 - 2015-08-09 04:41 - 00000298 _____ C:\Windows\vtmb.ini
2015-08-09 04:35 - 2015-08-09 04:35 - 00000000 ____D C:\Program Files (x86)\Activision
2015-08-09 04:26 - 2015-08-09 04:26 - 00000000 ____D C:\Program Files (x86)\Vampire - Bloodlines
2015-08-08 14:26 - 2015-08-08 14:26 - 00002960 _____ C:\Windows\System32\Tasks\{74BDC985-181A-40CA-9B5B-835AFD0EBA37}
2015-08-06 13:30 - 2015-08-07 07:40 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 15 - Gold Edition
2015-08-06 13:11 - 2015-08-06 13:43 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-08-05 13:44 - 2015-08-14 20:07 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForxxx
2015-08-05 13:44 - 2015-08-14 20:07 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForxxx.job
2015-08-05 13:41 - 2015-08-05 13:55 - 00000000 ____D C:\Users\xxx\AppData\Local\Hewlett-Packard
2015-08-05 13:41 - 2015-08-05 13:41 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Hewlett-Packard
2015-08-05 13:41 - 2015-08-05 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-05 13:38 - 2015-08-06 13:12 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-08-05 13:38 - 2015-08-05 13:38 - 00000000 ____D C:\System.sav
2015-08-05 13:37 - 2015-08-06 13:12 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-08-05 13:37 - 2015-08-05 13:37 - 00000000 ____D C:\Users\xxx\AppData\Roaming\hpqLog
2015-08-05 13:37 - 2015-08-05 13:37 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
2015-08-05 13:31 - 2015-08-05 13:38 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-04 13:36 - 2015-08-04 13:36 - 00000000 ____D C:\$SysReset
2015-08-04 09:55 - 2015-08-04 09:55 - 00008192 _____ C:\Windows\system32\config\userdiff
2015-08-04 09:38 - 2015-08-04 14:46 - 00000000 __SHD C:\Recovery
2015-08-04 08:28 - 2015-08-04 09:38 - 00010447 _____ C:\Windows\diagerr.xml
2015-08-04 08:28 - 2015-08-04 09:38 - 00009528 _____ C:\Windows\diagwrn.xml
2015-08-03 10:25 - 2015-08-04 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2015
2015-08-03 10:25 - 2015-08-03 10:25 - 00001211 _____ C:\Users\xxx\Desktop\Farming Simulator 15 .lnk
2015-08-03 10:21 - 2015-08-03 10:33 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 2015
2015-08-03 09:57 - 2015-08-04 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013
2015-08-03 09:57 - 2015-08-03 09:57 - 00001215 _____ C:\Users\xxx\Desktop\Farming Simulator 2013 .lnk
2015-08-03 09:55 - 2015-08-03 09:57 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 2013
2015-08-03 07:40 - 2015-08-03 07:40 - 00000000 ____D C:\Users\xxx\Desktop\Farming-simulator-2013-CZ-full
2015-08-02 18:16 - 2015-08-02 18:16 - 00000779 _____ C:\Users\xxx\Desktop\Traktor 2.lnk
2015-08-02 18:16 - 2015-08-02 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
2015-08-02 18:15 - 2015-08-02 18:15 - 00000000 ____D C:\TopCD
2015-08-02 17:44 - 2015-08-02 18:10 - 480358400 _____ C:\Users\xxx\Desktop\TRAKTOR---Zetor-Simulátor-2.iso
2015-08-02 12:20 - 2015-08-04 09:37 - 00003156 _____ C:\Windows\System32\Tasks\{56422119-BB41-48AD-8992-2F9776656613}
2015-07-18 11:34 - 2015-07-18 11:34 - 00000000 ____D C:\Program Files (x86)\Svátky a narozeniny
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-16 10:04 - 2009-07-14 17:18 - 00669116 _____ C:\Windows\system32\perfh005.dat
2015-08-16 10:04 - 2009-07-14 17:18 - 00141744 _____ C:\Windows\system32\perfc005.dat
2015-08-16 10:04 - 2009-07-14 07:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-16 10:00 - 2013-01-11 20:02 - 01934610 _____ C:\Windows\WindowsUpdate.log
2015-08-16 09:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-16 09:56 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-16 09:56 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-15 09:19 - 2015-05-19 13:00 - 00000000 ____D C:\Users\xxx\Desktop\System
2015-08-14 07:23 - 2015-05-19 15:57 - 00000012 _____ C:\Users\xxx\intlname.ols
2015-08-13 07:15 - 2014-12-14 20:41 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 07:15 - 2014-05-06 22:39 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 06:59 - 2009-07-14 06:45 - 00413232 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 00:57 - 2013-08-04 10:25 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 00:57 - 2013-01-12 15:47 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 15:53 - 2015-06-08 07:44 - 00000000 ___RD C:\Users\xxx\Desktop\fotky
2015-08-12 07:17 - 2013-12-25 18:37 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps
2015-08-12 07:17 - 2013-01-12 13:44 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
2015-08-11 09:14 - 2015-05-24 09:21 - 00000000 ____D C:\Users\xxx\Desktop\Hry
2015-08-09 14:07 - 2013-01-11 20:03 - 00000000 ____D C:\Users\xxx
2015-08-09 04:45 - 2013-01-12 13:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-09 01:18 - 2013-01-11 23:09 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-08 18:59 - 2014-05-12 19:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-08 15:52 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-06 14:24 - 2013-01-11 19:53 - 00000000 ____D C:\Windows\Panther
2015-08-06 14:17 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-05 17:14 - 2013-03-17 15:43 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2015-08-05 17:11 - 2015-03-20 16:59 - 00000000 ____D C:\ProgramData\Apple
2015-08-05 13:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-08-05 13:36 - 2013-01-11 23:22 - 00110424 _____ C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-04 14:40 - 2013-05-18 08:21 - 00000000 ____D C:\Windows\system32\SPReview
2015-08-04 14:40 - 2013-01-12 13:12 - 00000000 ____D C:\Windows\SysWOW64\Futuremark
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-04 14:39 - 2015-05-26 04:56 - 00000000 ____D C:\Program Files\AMD
2015-08-04 14:39 - 2015-05-26 04:55 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-04 14:39 - 2015-05-24 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-04 14:39 - 2015-05-07 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-04 14:39 - 2015-05-06 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-08-04 14:39 - 2014-01-19 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-04 14:39 - 2013-10-11 07:43 - 00000000 ____D C:\Windows\system32\MpEngineStore
2015-08-04 14:39 - 2013-08-07 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-04 14:39 - 2013-05-10 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
2015-08-04 14:39 - 2013-04-25 20:41 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-08-04 14:39 - 2013-04-12 18:21 - 00000000 ____D C:\Windows\system32\EventProviders
2015-08-04 14:39 - 2013-01-12 13:44 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-04 14:39 - 2013-01-12 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-04 14:39 - 2013-01-12 12:42 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-04 14:39 - 2013-01-12 01:37 - 00000000 ____D C:\ProgramData\AMD
2015-08-04 14:39 - 2009-07-14 17:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-04 14:39 - 2009-07-14 17:36 - 00000000 ____D C:\Windows\ShellNew
2015-08-04 14:39 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-04 13:26 - 2015-05-26 05:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Raptr
2015-08-04 13:22 - 2013-01-12 12:44 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-04 13:20 - 2015-05-26 04:52 - 00000000 ____D C:\AMD
2015-08-04 10:47 - 2015-05-26 05:02 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-04 09:37 - 2015-05-19 16:02 - 00003996 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-04 09:37 - 2014-01-19 14:18 - 00002878 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-08-04 09:37 - 2013-04-13 18:09 - 00003300 _____ C:\Windows\System32\Tasks\SidebarExecute
2015-08-04 09:37 - 2013-01-11 23:09 - 00003962 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-04 09:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-08-03 10:34 - 2015-05-06 14:51 - 00000000 ____D C:\Users\xxx\Documents\My Games
2015-08-02 12:18 - 2015-05-24 18:16 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-07-27 11:11 - 2015-05-06 00:23 - 00000000 ___SD C:\Windows\system32\GWX
==================== Files in the root of some directories =======
2015-05-26 15:44 - 2015-05-26 15:44 - 0000017 _____ () C:\Users\xxx\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-03 19:28
==================== End of log ============================
Ran by xxx (administrator) on TAMERLINE (16-08-2015 10:03:37)
Running from C:\Users\xxx\Desktop
Loaded Profiles: xxx (Available Profiles: xxx)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
() C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-04-16] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-18] (Microsoft Corporation)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-06-04] ()
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-06-04] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
CHR HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-1483560829-4059200125-2850435868-1000] => https://authenticationserver.djmato.cz: ... TAL_ACTION$
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 - (No Name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - No File
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 -> DefaultScope {ED339DF8-D3F8-4C7F-8D9D-AE3797249E53} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 -> {ED339DF8-D3F8-4C7F-8D9D-AE3797249E53} URL = hxxps://www.google.com/search?q={searchTerms}
BHO-x32: No Name -> {9e35e959-d723-4b5f-9207-2a94f8ab9068} -> No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - No File
DPF: HKLM {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0B2C8D1C-3FE8-4591-A532-F78EF7874946}: [DhcpNameServer] 192.168.120.1 77.48.254.254
Tcpip\..\Interfaces\{89709285-5AA6-4845-8F4F-A63EEA90DA7E}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{89709285-5AA6-4845-8F4F-A63EEA90DA7E}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-26] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-05-15] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cpuz134; C:\Program Files (x86)\CPUID\PC Wizard 2010\pcwiz_x64.sys [21480 2010-07-09] (Windows (R) Win 7 DDK provider)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-10-25] (Devguru Co., Ltd)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-05-06] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-01-12] () [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-16 10:03 - 2015-08-16 10:04 - 00009257 _____ C:\Users\xxx\Desktop\FRST.txt
2015-08-16 09:56 - 2015-08-16 09:56 - 00003003 _____ C:\AdwCleaner[C1].txt
2015-08-16 09:55 - 2015-08-16 09:56 - 00002711 _____ C:\AdwCleaner[S1].txt
2015-08-16 09:54 - 2015-08-16 09:56 - 00000000 ____D C:\AdwCleaner
2015-08-16 09:53 - 2015-08-16 09:53 - 01563648 _____ C:\Users\xxx\Desktop\adwcleaner_5.000.exe
2015-08-16 08:50 - 2015-08-16 08:57 - 00000000 ____D C:\Users\xxx\Documents\German Truck Simulator
2015-08-15 17:42 - 2015-08-16 09:57 - 00000280 _____ C:\Windows\setupact.log
2015-08-15 17:42 - 2015-08-15 17:42 - 00000000 _____ C:\Windows\setuperr.log
2015-08-15 15:00 - 2015-08-16 10:03 - 00000000 ____D C:\FRST
2015-08-15 14:57 - 2015-08-15 14:57 - 00112640 _____ (forum.viry.cz) C:\Users\xxx\Desktop\FRSTLauncher.exe
2015-08-15 14:54 - 2015-08-15 14:55 - 02173952 _____ (Farbar) C:\Users\xxx\Desktop\FRST64.exe
2015-08-15 14:37 - 2015-08-15 14:38 - 00000000 ____D C:\Windows\pss
2015-08-13 13:16 - 2015-08-13 13:16 - 00002131 _____ C:\Users\xxx\Desktop\Sims3Launcher – zástupce.lnk
2015-08-13 01:05 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 01:05 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 00:56 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-13 00:56 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-13 00:56 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-13 00:56 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-13 00:52 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-13 00:52 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-13 00:52 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-13 00:52 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-13 00:52 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-13 00:52 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-13 00:52 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-13 00:52 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-13 00:52 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-13 00:52 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-13 00:52 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-13 00:52 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-13 00:52 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-13 00:52 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-13 00:52 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-13 00:52 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-13 00:52 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-13 00:52 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-13 00:52 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-13 00:52 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-13 00:52 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-13 00:52 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-13 00:52 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-13 00:52 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-13 00:52 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-13 00:52 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-13 00:52 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-13 00:52 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-13 00:52 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-13 00:52 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-13 00:52 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-13 00:52 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-13 00:52 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-13 00:52 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-13 00:52 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-13 00:52 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-13 00:50 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-13 00:49 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-13 00:49 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-13 00:49 - 2015-07-16 22:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-13 00:49 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-13 00:49 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-13 00:49 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-13 00:49 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-13 00:49 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-13 00:49 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-13 00:49 - 2015-07-16 22:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-13 00:49 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-13 00:49 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-13 00:49 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-13 00:49 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-13 00:49 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-13 00:49 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-13 00:49 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-13 00:49 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-13 00:49 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-13 00:49 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-13 00:49 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-13 00:49 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-13 00:49 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-13 00:49 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-13 00:49 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-13 00:49 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-13 00:49 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-13 00:49 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-13 00:48 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-13 00:48 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-13 00:48 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-13 00:48 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-13 00:48 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-13 00:48 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-13 00:48 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-13 00:48 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-13 00:48 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-13 00:48 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-13 00:48 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-13 00:48 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-13 00:48 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-13 00:48 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-13 00:48 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-13 00:48 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-13 00:48 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-13 00:48 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-13 00:48 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-13 00:48 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-13 00:48 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-13 00:48 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-13 00:48 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-13 00:48 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-13 00:48 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-13 00:48 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-13 00:48 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-13 00:48 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-13 00:48 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-13 00:48 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-13 00:48 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-13 00:48 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-13 00:45 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-13 00:45 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-13 00:45 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-13 00:45 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-13 00:44 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-13 00:44 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-13 00:44 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-13 00:44 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-13 00:44 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-13 00:44 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-13 00:44 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-13 00:44 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-13 00:44 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-13 00:44 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-13 00:44 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-13 00:44 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-13 00:44 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-13 00:44 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-13 00:44 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-13 00:44 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-13 00:44 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-13 00:44 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-13 00:44 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-13 00:44 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-13 00:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-13 00:44 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-13 00:44 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-13 00:44 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-13 00:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-13 00:44 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-13 00:44 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-13 00:44 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-09 05:00 - 2015-08-09 05:03 - 00001233 _____ C:\Users\xxx\Desktop\vampire – zástupce.lnk
2015-08-09 04:41 - 2015-08-09 04:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vampire - The Masquerade Bloodlines
2015-08-09 04:41 - 2015-08-09 04:41 - 00000298 _____ C:\Windows\vtmb.ini
2015-08-09 04:35 - 2015-08-09 04:35 - 00000000 ____D C:\Program Files (x86)\Activision
2015-08-09 04:26 - 2015-08-09 04:26 - 00000000 ____D C:\Program Files (x86)\Vampire - Bloodlines
2015-08-08 14:26 - 2015-08-08 14:26 - 00002960 _____ C:\Windows\System32\Tasks\{74BDC985-181A-40CA-9B5B-835AFD0EBA37}
2015-08-06 13:30 - 2015-08-07 07:40 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 15 - Gold Edition
2015-08-06 13:11 - 2015-08-06 13:43 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-08-05 13:44 - 2015-08-14 20:07 - 00003174 _____ C:\Windows\System32\Tasks\HPCeeScheduleForxxx
2015-08-05 13:44 - 2015-08-14 20:07 - 00000324 _____ C:\Windows\Tasks\HPCeeScheduleForxxx.job
2015-08-05 13:41 - 2015-08-05 13:55 - 00000000 ____D C:\Users\xxx\AppData\Local\Hewlett-Packard
2015-08-05 13:41 - 2015-08-05 13:41 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Hewlett-Packard
2015-08-05 13:41 - 2015-08-05 13:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-05 13:38 - 2015-08-06 13:12 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-08-05 13:38 - 2015-08-05 13:38 - 00000000 ____D C:\System.sav
2015-08-05 13:37 - 2015-08-06 13:12 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-08-05 13:37 - 2015-08-05 13:37 - 00000000 ____D C:\Users\xxx\AppData\Roaming\hpqLog
2015-08-05 13:37 - 2015-08-05 13:37 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
2015-08-05 13:31 - 2015-08-05 13:38 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-04 13:36 - 2015-08-04 13:36 - 00000000 ____D C:\$SysReset
2015-08-04 09:55 - 2015-08-04 09:55 - 00008192 _____ C:\Windows\system32\config\userdiff
2015-08-04 09:38 - 2015-08-04 14:46 - 00000000 __SHD C:\Recovery
2015-08-04 08:28 - 2015-08-04 09:38 - 00010447 _____ C:\Windows\diagerr.xml
2015-08-04 08:28 - 2015-08-04 09:38 - 00009528 _____ C:\Windows\diagwrn.xml
2015-08-03 10:25 - 2015-08-04 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2015
2015-08-03 10:25 - 2015-08-03 10:25 - 00001211 _____ C:\Users\xxx\Desktop\Farming Simulator 15 .lnk
2015-08-03 10:21 - 2015-08-03 10:33 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 2015
2015-08-03 09:57 - 2015-08-04 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Farming Simulator 2013
2015-08-03 09:57 - 2015-08-03 09:57 - 00001215 _____ C:\Users\xxx\Desktop\Farming Simulator 2013 .lnk
2015-08-03 09:55 - 2015-08-03 09:57 - 00000000 ____D C:\Program Files (x86)\Farming Simulator 2013
2015-08-03 07:40 - 2015-08-03 07:40 - 00000000 ____D C:\Users\xxx\Desktop\Farming-simulator-2013-CZ-full
2015-08-02 18:16 - 2015-08-02 18:16 - 00000779 _____ C:\Users\xxx\Desktop\Traktor 2.lnk
2015-08-02 18:16 - 2015-08-02 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TopCD
2015-08-02 18:15 - 2015-08-02 18:15 - 00000000 ____D C:\TopCD
2015-08-02 17:44 - 2015-08-02 18:10 - 480358400 _____ C:\Users\xxx\Desktop\TRAKTOR---Zetor-Simulátor-2.iso
2015-08-02 12:20 - 2015-08-04 09:37 - 00003156 _____ C:\Windows\System32\Tasks\{56422119-BB41-48AD-8992-2F9776656613}
2015-07-18 11:34 - 2015-07-18 11:34 - 00000000 ____D C:\Program Files (x86)\Svátky a narozeniny
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-16 10:04 - 2009-07-14 17:18 - 00669116 _____ C:\Windows\system32\perfh005.dat
2015-08-16 10:04 - 2009-07-14 17:18 - 00141744 _____ C:\Windows\system32\perfc005.dat
2015-08-16 10:04 - 2009-07-14 07:13 - 01584554 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-16 10:00 - 2013-01-11 20:02 - 01934610 _____ C:\Windows\WindowsUpdate.log
2015-08-16 09:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-16 09:56 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-16 09:56 - 2009-07-14 06:45 - 00022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-15 09:19 - 2015-05-19 13:00 - 00000000 ____D C:\Users\xxx\Desktop\System
2015-08-14 07:23 - 2015-05-19 15:57 - 00000012 _____ C:\Users\xxx\intlname.ols
2015-08-13 07:15 - 2014-12-14 20:41 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 07:15 - 2014-05-06 22:39 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 06:59 - 2009-07-14 06:45 - 00413232 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 00:57 - 2013-08-04 10:25 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 00:57 - 2013-01-12 15:47 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 15:53 - 2015-06-08 07:44 - 00000000 ___RD C:\Users\xxx\Desktop\fotky
2015-08-12 07:17 - 2013-12-25 18:37 - 00000000 ____D C:\Users\xxx\AppData\Local\CrashDumps
2015-08-12 07:17 - 2013-01-12 13:44 - 00000000 ____D C:\Users\xxx\AppData\Roaming\DAEMON Tools Lite
2015-08-11 09:14 - 2015-05-24 09:21 - 00000000 ____D C:\Users\xxx\Desktop\Hry
2015-08-09 14:07 - 2013-01-11 20:03 - 00000000 ____D C:\Users\xxx
2015-08-09 04:45 - 2013-01-12 13:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-09 01:18 - 2013-01-11 23:09 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-08 18:59 - 2014-05-12 19:00 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-08 15:52 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-08-06 14:24 - 2013-01-11 19:53 - 00000000 ____D C:\Windows\Panther
2015-08-06 14:17 - 2015-07-10 18:25 - 00000000 ___HD C:\$Windows.~BT
2015-08-05 17:14 - 2013-03-17 15:43 - 00000000 ____D C:\Users\xxx\AppData\Roaming\vlc
2015-08-05 17:11 - 2015-03-20 16:59 - 00000000 ____D C:\ProgramData\Apple
2015-08-05 13:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-08-05 13:36 - 2013-01-11 23:22 - 00110424 _____ C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-04 14:40 - 2013-05-18 08:21 - 00000000 ____D C:\Windows\system32\SPReview
2015-08-04 14:40 - 2013-01-12 13:12 - 00000000 ____D C:\Windows\SysWOW64\Futuremark
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-04 14:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-04 14:39 - 2015-05-26 04:56 - 00000000 ____D C:\Program Files\AMD
2015-08-04 14:39 - 2015-05-26 04:55 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-04 14:39 - 2015-05-24 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-04 14:39 - 2015-05-07 15:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-04 14:39 - 2015-05-06 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-08-04 14:39 - 2014-01-19 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-04 14:39 - 2013-10-11 07:43 - 00000000 ____D C:\Windows\system32\MpEngineStore
2015-08-04 14:39 - 2013-08-07 13:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-04 14:39 - 2013-05-10 17:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre
2015-08-04 14:39 - 2013-04-25 20:41 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-08-04 14:39 - 2013-04-12 18:21 - 00000000 ____D C:\Windows\system32\EventProviders
2015-08-04 14:39 - 2013-01-12 13:44 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-04 14:39 - 2013-01-12 13:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-04 14:39 - 2013-01-12 12:42 - 00000000 ____D C:\Program Files\ATI Technologies
2015-08-04 14:39 - 2013-01-12 01:37 - 00000000 ____D C:\ProgramData\AMD
2015-08-04 14:39 - 2009-07-14 17:36 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-04 14:39 - 2009-07-14 17:36 - 00000000 ____D C:\Windows\ShellNew
2015-08-04 14:39 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2015-08-04 14:39 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-04 13:26 - 2015-05-26 05:02 - 00000000 ____D C:\Users\xxx\AppData\Roaming\Raptr
2015-08-04 13:22 - 2013-01-12 12:44 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-04 13:20 - 2015-05-26 04:52 - 00000000 ____D C:\AMD
2015-08-04 10:47 - 2015-05-26 05:02 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-04 09:37 - 2015-05-19 16:02 - 00003996 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-04 09:37 - 2014-01-19 14:18 - 00002878 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-08-04 09:37 - 2013-04-13 18:09 - 00003300 _____ C:\Windows\System32\Tasks\SidebarExecute
2015-08-04 09:37 - 2013-01-11 23:09 - 00003962 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-04 09:37 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-08-03 10:34 - 2015-05-06 14:51 - 00000000 ____D C:\Users\xxx\Documents\My Games
2015-08-02 12:18 - 2015-05-24 18:16 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-07-27 11:11 - 2015-05-06 00:23 - 00000000 ___SD C:\Windows\system32\GWX
==================== Files in the root of some directories =======
2015-05-26 15:44 - 2015-05-26 15:44 - 0000017 _____ () C:\Users\xxx\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-03 19:28
==================== End of log ============================
Re: Conhost
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: Folder: C:\Users\xxx\AppData\Roaming\Microsoft\Networking HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd) Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-06-04] () Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-06-04] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File CHR HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms} HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668 HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668 URLSearchHook: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 - (No Name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - No File SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms} SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms} FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] 2015-08-16 09:56 - 2015-08-16 09:56 - 00003003 _____ C:\AdwCleaner[C1].txt 2015-08-16 09:55 - 2015-08-16 09:56 - 00002711 _____ C:\AdwCleaner[S1].txt 2015-08-16 09:54 - 2015-08-16 09:56 - 00000000 ____D C:\AdwCleaner 2015-08-16 09:53 - 2015-08-16 09:53 - 01563648 _____ C:\Users\xxx\Desktop\adwcleaner_5.000.exe 2015-08-15 14:57 - 2015-08-15 14:57 - 00112640 _____ (forum.viry.cz) C:\Users\xxx\Desktop\FRSTLauncher.exe 2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe 2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe 2015-06-04 13:07 - 2015-06-04 13:07 - 02418688 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe C:\Users\xxx\AppData\Roaming\Microsoft\Networking EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
jaroslav.24
- Návštěvník
- Příspěvky: 71
- Registrován: 01 zář 2011 16:14
Re: Conhost
Fix result of Farbar Recovery Scan Tool (x64) Version:14-08-2015 01
Ran by xxx (2015-08-16 12:37:35) Run:1
Running from C:\Users\xxx\Desktop
Loaded Profiles: xxx (Available Profiles: xxx)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Folder: C:\Users\xxx\AppData\Roaming\Microsoft\Networking
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-06-04] ()
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-06-04] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 - (No Name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - No File
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2015-08-16 09:56 - 2015-08-16 09:56 - 00003003 _____ C:\AdwCleaner[C1].txt
2015-08-16 09:55 - 2015-08-16 09:56 - 00002711 _____ C:\AdwCleaner[S1].txt
2015-08-16 09:54 - 2015-08-16 09:56 - 00000000 ____D C:\AdwCleaner
2015-08-16 09:53 - 2015-08-16 09:53 - 01563648 _____ C:\Users\xxx\Desktop\adwcleaner_5.000.exe
2015-08-15 14:57 - 2015-08-15 14:57 - 00112640 _____ (forum.viry.cz) C:\Users\xxx\Desktop\FRSTLauncher.exe
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
2015-06-04 13:07 - 2015-06-04 13:07 - 02418688 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe
C:\Users\xxx\AppData\Roaming\Microsoft\Networking
EmptyTemp:
End
*****************
Processes closed successfully.
========================= Folder: C:\Users\xxx\AppData\Roaming\Microsoft\Networking ========================
2015-06-04 13:07 - 2015-06-04 13:07 - 0494606 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\inet32upd.exe
2015-06-04 13:07 - 2015-06-04 13:07 - 0626176 _____ (The cURL library, http://curl.haxx.se/) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libcurl.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 1704448 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libeay32.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0112142 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libgcc_s_dw2-1.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0279955 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libidn-11.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0148760 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libpdcurses.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0963232 _____ (Microsoft Corporation) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\msvcr120.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0119704 _____ (Open Source Software community LGPL) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\pthreadGC2.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0021201 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\skein.cl
2015-06-04 13:07 - 2015-06-04 13:07 - 0364544 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\ssleay32.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 2418688 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2015-06-04 13:07 - 2015-06-04 13:07 - 0131598 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\zlib1.dll
====== End of Folder: ======
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe => moved successfully.
C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe => moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9e35e959-d723-4b5f-9207-2a94f8ab9068} => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => key removed successfully
HKCR\Wow6432Node\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\AdwCleaner[C1].txt => moved successfully.
C:\AdwCleaner[S1].txt => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\xxx\Desktop\adwcleaner_5.000.exe => moved successfully.
C:\Users\xxx\Desktop\FRSTLauncher.exe => moved successfully.
"C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe" => File/Folder not found.
"C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe" => File/Folder not found.
C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe => moved successfully.
C:\Users\xxx\AppData\Roaming\Microsoft\Networking => moved successfully.
EmptyTemp: => 225.9 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 12:37:50 ====
Ran by xxx (2015-08-16 12:37:35) Run:1
Running from C:\Users\xxx\Desktop
Loaded Profiles: xxx (Available Profiles: xxx)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Folder: C:\Users\xxx\AppData\Roaming\Microsoft\Networking
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-26] (Disc Soft Ltd)
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe [2015-06-04] ()
Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe [2015-06-04] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
CHR HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
URLSearchHook: HKU\S-1-5-21-1483560829-4059200125-2850435868-1000 - (No Name) - {9e35e959-d723-4b5f-9207-2a94f8ab9068} - No File
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2015-08-16 09:56 - 2015-08-16 09:56 - 00003003 _____ C:\AdwCleaner[C1].txt
2015-08-16 09:55 - 2015-08-16 09:56 - 00002711 _____ C:\AdwCleaner[S1].txt
2015-08-16 09:54 - 2015-08-16 09:56 - 00000000 ____D C:\AdwCleaner
2015-08-16 09:53 - 2015-08-16 09:53 - 01563648 _____ C:\Users\xxx\Desktop\adwcleaner_5.000.exe
2015-08-15 14:57 - 2015-08-15 14:57 - 00112640 _____ (forum.viry.cz) C:\Users\xxx\Desktop\FRSTLauncher.exe
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe
2015-06-04 13:07 - 2015-06-04 13:08 - 07479296 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe
2015-06-04 13:07 - 2015-06-04 13:07 - 02418688 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe
C:\Users\xxx\AppData\Roaming\Microsoft\Networking
EmptyTemp:
End
*****************
Processes closed successfully.
========================= Folder: C:\Users\xxx\AppData\Roaming\Microsoft\Networking ========================
2015-06-04 13:07 - 2015-06-04 13:07 - 0494606 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\inet32upd.exe
2015-06-04 13:07 - 2015-06-04 13:07 - 0626176 _____ (The cURL library, http://curl.haxx.se/) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libcurl.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 1704448 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libeay32.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0112142 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libgcc_s_dw2-1.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0279955 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libidn-11.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0148760 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\libpdcurses.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0963232 _____ (Microsoft Corporation) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\msvcr120.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0119704 _____ (Open Source Software community LGPL) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\pthreadGC2.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 0021201 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\skein.cl
2015-06-04 13:07 - 2015-06-04 13:07 - 0364544 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\xxx\AppData\Roaming\Microsoft\Networking\ssleay32.dll
2015-06-04 13:07 - 2015-06-04 13:07 - 2418688 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe
2015-06-04 13:07 - 2015-06-04 13:07 - 0131598 _____ () C:\Users\xxx\AppData\Roaming\Microsoft\Networking\zlib1.dll
====== End of Folder: ======
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe => moved successfully.
C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe => moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.
"HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\Main\\Search Bar => value removed successfully
HKU\S-1-5-21-1483560829-4059200125-2850435868-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{9e35e959-d723-4b5f-9207-2a94f8ab9068} => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0}" => key removed successfully
HKCR\Wow6432Node\CLSID\{15C4DF55-4B67-495A-A3D3-A497C4A49EE0} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\AdwCleaner[C1].txt => moved successfully.
C:\AdwCleaner[S1].txt => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\xxx\Desktop\adwcleaner_5.000.exe => moved successfully.
C:\Users\xxx\Desktop\FRSTLauncher.exe => moved successfully.
"C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost32.exe" => File/Folder not found.
"C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\conhost64.exe" => File/Folder not found.
C:\Users\xxx\AppData\Roaming\Microsoft\Networking\winnet32b.exe => moved successfully.
C:\Users\xxx\AppData\Roaming\Microsoft\Networking => moved successfully.
EmptyTemp: => 225.9 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 12:37:50 ====
Re: Conhost
Takze jeste uklidime.
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
-
jaroslav.24
- Návštěvník
- Příspěvky: 71
- Registrován: 01 zář 2011 16:14
Re: Conhost
Děkuji. A moc.
Re: Conhost
Nemate zac, rad jsem pomohl 
Preju prijemnou nedeli.
Mejte se krasne a treba zase nekdy
Preju prijemnou nedeli.
Mejte se krasne a treba zase nekdy
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?