Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Petr (administrator) on BIG-MIKE (06-11-2015 19:47:10)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(tsvr.com) C:\Users\Petr\AppData\Roaming\TSv\TSvr.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(DTools LIMITED) C:\ProgramData\7WdsManPro7\WdsManPro.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15081.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8510680 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{b1c91c6b-557d-418b-ab35-b5f4c528fadd}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-19] (Oracle Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts=1444632 ... 2_S3PHWT33
FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @alawar.com/npapi -> C:\WINDOWS\npapi.dll [2014-01-29] (Alawar)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: sidebar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\sidebarff@gmail.com [2015-11-06] [not signed]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\ich@maltegoetz.de.xpi [2015-08-16]
FF Extension: AdBlock for YouTube™ - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2015-09-20]
FF Extension: Google Translator for Firefox - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\translator@zoli.bod.xpi [2015-08-13]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: Greasemonkey - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-09-30]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\defsearchp@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\deskCutv2@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\default_newtabff@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\sidebarff@gmail.com
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - <no Path/update_url>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-11] (Intel Corporation)
R2 IhPul; C:\Users\Petr\AppData\Roaming\TSv\TSvr.exe [396944 2015-09-21] (tsvr.com)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [298200 2015-09-04] (Realtek Semiconductor)
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [169632 2015-10-10] (TODO: <公司名>)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WdsManPro; C:\ProgramData\7WdsManPro7\WdsManPro.exe [435712 2015-10-10] (DTools LIMITED) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-08-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-08-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 19:47 - 2015-11-06 19:48 - 00013520 _____ C:\Users\Petr\Desktop\FRST.txt
2015-11-06 19:47 - 2015-11-06 19:47 - 00000000 ____D C:\FRST
2015-11-06 19:46 - 2015-11-06 19:46 - 02198528 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-11-06 19:45 - 2015-11-06 19:46 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-11-06 19:31 - 2015-11-06 19:31 - 00016148 _____ C:\WINDOWS\system32\BIG-MIKE_Petr_HistoryPrediction.bin
2015-11-06 18:31 - 2015-11-06 18:31 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2015-11-06 16:33 - 2015-11-06 16:33 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Brave Giant
2015-11-06 16:32 - 2015-11-06 19:00 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 16:30 - 2015-11-06 16:30 - 00000572 _____ C:\WINDOWS\PFRO.log
2015-11-06 16:24 - 2015-11-06 16:24 - 00002307 _____ C:\Users\Petr\Desktop\Hry zdarma.lnk
2015-11-06 16:24 - 2015-11-06 16:24 - 00002297 _____ C:\Users\Petr\Desktop\Nové hry.lnk
2015-11-06 16:24 - 2015-11-06 16:24 - 00001381 _____ C:\Users\Petr\Desktop\Lovci démonů 2 - Nová kapitola.lnk
2015-11-06 16:24 - 2015-11-06 16:24 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar
2015-11-06 16:21 - 2015-11-06 16:21 - 00000000 ____D C:\Program Files (x86)\Alawar.cs
2015-11-06 00:13 - 2015-11-06 01:10 - 1023723384 _____ C:\Users\Petr\Desktop\Fantomas-se-zlobí-2-CZ-Dabing,Dobrodružný,Komedie,-Francie,Itálie,-1965.avi
2015-11-05 14:58 - 2015-11-06 16:14 - 00370416 _____ C:\Users\Petr\Desktop\DemonHunter2ANewChapterCs_6D3394.exe
2015-11-05 14:14 - 2015-11-05 15:02 - 739599833 _____ C:\Users\Petr\Desktop\camy1.mkv
2015-11-04 22:01 - 2015-11-04 22:05 - 236962716 _____ C:\Users\Petr\Desktop\Saint.mp4
2015-11-03 12:16 - 2015-11-06 16:13 - 00000000 ____D C:\Users\Petr\AppData\Local\CrossLoop
2015-11-01 23:29 - 2015-11-01 23:29 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Teyon
2015-11-01 14:50 - 2015-11-01 16:23 - 1667264512 _____ C:\Users\Petr\Desktop\Sejmi.Prezidenta.2014.BDRip.XviD.CZ-TreZzoR.avi
2015-10-30 09:57 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 09:57 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 09:57 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 09:56 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 09:56 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 09:56 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 09:56 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 09:56 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 09:56 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 09:56 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 09:56 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 09:56 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 09:56 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 09:56 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 09:56 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 09:56 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 09:56 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-28 12:28 - 2015-10-28 12:28 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\IcarusGames
2015-10-27 22:12 - 2015-10-27 22:12 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Games
2015-10-27 18:19 - 2015-10-27 22:00 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Five-BN Games
2015-10-27 02:07 - 2015-10-27 02:07 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\N_Tri Studio
2015-10-25 17:27 - 2015-10-25 17:27 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Alawar Stargaze
2015-10-21 10:56 - 2015-10-21 10:56 - 00000000 ____D C:\WINDOWS\system32\log
2015-10-17 13:43 - 2015-10-17 13:43 - 00000000 ____D C:\Users\Petr\hirens
2015-10-15 07:30 - 2015-10-15 09:15 - 1622366208 _____ C:\Users\Petr\Desktop\terminator 3.avi
2015-10-14 00:35 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 00:35 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 00:35 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 00:35 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 00:35 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 00:35 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 00:35 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 00:35 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 00:35 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 07:47 - 2015-10-21 10:55 - 00000000 ____D C:\Users\Petr\AppData\Roaming\WinZipper
2015-10-12 07:47 - 2015-10-12 07:47 - 00000000 ____D C:\Program Files (x86)\SFK
2015-10-12 07:46 - 2015-10-12 07:47 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TSv
2015-10-12 07:46 - 2015-10-12 07:46 - 00000350 _____ C:\WINDOWS\SysWOW64\data.bin
2015-10-12 07:45 - 2015-10-12 07:46 - 00000000 ____D C:\ProgramData\7WdsManPro7
2015-10-11 17:57 - 2015-10-11 17:57 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-11 17:57 - 2015-10-11 17:57 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-11 17:57 - 2015-10-11 17:57 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-10 00:07 - 2015-10-12 20:49 - 00000333 _____ C:\Users\Petr\Desktop\111.txt
2015-10-09 16:51 - 2015-10-09 16:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\CyberCradle
2015-10-07 22:37 - 2015-10-07 22:37 - 00000000 ____D C:\Users\Petr\AppData\Roaming\AlawarEntertainment
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 19:46 - 2015-08-13 01:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-06 19:33 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-06 16:36 - 2015-08-13 00:32 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DAED6D2-6611-4277-A0F6-5D0627307908}
2015-11-06 16:35 - 2015-08-16 13:58 - 01951294 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-06 16:35 - 2015-07-10 17:02 - 00808930 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-06 16:35 - 2015-07-10 17:02 - 00181640 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-06 16:32 - 2015-09-22 13:45 - 00000000 ____D C:\ProgramData\AlawarWrapper
2015-11-06 16:32 - 2015-08-12 23:58 - 00000000 ____D C:\Users\Petr\Documents\Youcam
2015-11-06 16:30 - 2015-08-15 23:17 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2015-11-06 16:30 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 16:30 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-06 16:12 - 2015-09-22 23:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hry.cz
2015-11-06 11:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-05 15:15 - 2015-09-22 23:09 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Artifex Mundi
2015-11-03 13:45 - 2015-08-13 20:20 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2015-11-02 02:09 - 2015-08-31 09:20 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-01 20:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-31 02:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 19:42 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 14:49 - 2015-08-31 09:19 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-27 13:54 - 2015-09-22 13:20 - 00000000 ____D C:\Users\Petr\Desktop\špidla
2015-10-27 13:54 - 2015-08-16 10:21 - 00000000 ____D C:\Users\Petr\Desktop\L+N
2015-10-26 13:44 - 2015-08-16 14:00 - 00000000 ____D C:\Users\Petr
2015-10-22 22:08 - 2015-08-24 18:52 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2015-10-22 13:02 - 2015-09-19 09:38 - 00000230 _____ C:\Users\Petr\Desktop\kassel.txt
2015-10-18 14:07 - 2015-09-18 14:07 - 00003234 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPetr
2015-10-18 14:07 - 2015-09-18 14:07 - 00000346 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job
2015-10-17 16:14 - 2015-09-09 17:33 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-10-16 04:10 - 2015-10-02 06:27 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-02 06:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 00:44 - 2015-08-15 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 00:39 - 2015-08-15 14:49 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-12 07:46 - 2015-08-13 00:39 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-12 07:46 - 2015-08-13 00:39 - 00001442 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-12 07:45 - 2015-10-04 15:05 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-12 07:45 - 2015-10-04 15:05 - 00000000 ____D C:\ProgramData\nWdsManPron
2015-10-12 07:44 - 2015-08-16 18:15 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-11 17:57 - 2015-08-16 13:54 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-11 17:57 - 2015-08-16 13:54 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-11 17:57 - 2015-07-30 21:46 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-11 17:57 - 2015-07-30 21:45 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-10 22:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-07 22:35 - 2015-10-03 20:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Opera Software
2015-10-07 09:15 - 2015-07-10 13:20 - 00231864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Files in the root of some directories =======
2015-09-29 22:04 - 2015-09-29 22:04 - 0004608 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-04 15:05 - 2015-10-12 07:45 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Petr\Desktop" je 10559 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
# AdwCleaner v5.018 - Logfile created 06/11/2015 at 21:25:30
# Updated 05/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Petr - BIG-MIKE
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.018.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : SSFK
[-] Service Deleted : WdsManPro
[-] Service Deleted : IhPul
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\SFK
[-] Folder Deleted : C:\ProgramData\SecurityUtility
[-] Folder Deleted : C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
[-] Folder Deleted : C:\ProgramData\7WdsManPro7
[-] Folder Deleted : C:\ProgramData\nWdsManPron
[-] Folder Deleted : C:\Users\Petr\AppData\Local\Amigo
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\istartsurf
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\WinZipper
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\Browser-Security
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\TSv
***** [ Files ] *****
[-] File Deleted : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [default_newtabff@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
[-] Key Deleted : HKCU\Software\V9
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\TSv
***** [ Web browsers ] *****
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "delta-homes");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3018 bytes] ##########
# Updated 05/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Petr - BIG-MIKE
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.018.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : SSFK
[-] Service Deleted : WdsManPro
[-] Service Deleted : IhPul
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\SFK
[-] Folder Deleted : C:\ProgramData\SecurityUtility
[-] Folder Deleted : C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
[-] Folder Deleted : C:\ProgramData\7WdsManPro7
[-] Folder Deleted : C:\ProgramData\nWdsManPron
[-] Folder Deleted : C:\Users\Petr\AppData\Local\Amigo
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\istartsurf
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\WinZipper
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\Browser-Security
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\TSv
***** [ Files ] *****
[-] File Deleted : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [default_newtabff@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
[-] Key Deleted : HKCU\Software\V9
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\TSv
***** [ Web browsers ] *****
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "delta-homes");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3018 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Petr (administrator) on BIG-MIKE (06-11-2015 22:25:03)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8510680 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{b1c91c6b-557d-418b-ab35-b5f4c528fadd}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-19] (Oracle Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts=1444632 ... 2_S3PHWT33
FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @alawar.com/npapi -> C:\WINDOWS\npapi.dll [2014-01-29] (Alawar)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: sidebar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\sidebarff@gmail.com [2015-11-06] [not signed]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\ich@maltegoetz.de.xpi [2015-08-16]
FF Extension: AdBlock for YouTube™ - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2015-09-20]
FF Extension: Google Translator for Firefox - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\translator@zoli.bod.xpi [2015-08-13]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: Greasemonkey - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-09-30]
FF HKLM-x32\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\sidebarff@gmail.com
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - <no Path/update_url>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [298200 2015-09-04] (Realtek Semiconductor)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-08-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-08-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 21:27 - 2015-11-06 21:27 - 00016148 _____ C:\WINDOWS\system32\BIG-MIKE_Petr_HistoryPrediction.bin
2015-11-06 21:19 - 2015-11-06 21:25 - 00000000 ____D C:\AdwCleaner
2015-11-06 21:19 - 2015-11-06 21:19 - 01713664 _____ C:\Users\Petr\Desktop\adwcleaner_5.018.exe
2015-11-06 19:49 - 2015-11-06 19:49 - 00010708 _____ C:\Users\Petr\Desktop\Addition.txt
2015-11-06 19:47 - 2015-11-06 22:25 - 00012035 _____ C:\Users\Petr\Desktop\FRST.txt
2015-11-06 19:47 - 2015-11-06 22:25 - 00000000 ____D C:\FRST
2015-11-06 19:46 - 2015-11-06 22:25 - 02198528 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-11-06 19:45 - 2015-11-06 19:46 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-11-06 16:33 - 2015-11-06 16:33 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Brave Giant
2015-11-06 16:32 - 2015-11-06 21:56 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 16:30 - 2015-11-06 16:30 - 00000572 _____ C:\WINDOWS\PFRO.log
2015-11-06 16:24 - 2015-11-06 16:24 - 00001381 _____ C:\Users\Petr\Desktop\Lovci démonů 2 - Nová kapitola.lnk
2015-11-06 16:24 - 2015-11-06 16:24 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar
2015-11-06 16:21 - 2015-11-06 16:21 - 00000000 ____D C:\Program Files (x86)\Alawar.cs
2015-11-06 00:13 - 2015-11-06 01:10 - 1023723384 _____ C:\Users\Petr\Desktop\Fantomas-se-zlobí-2-CZ-Dabing,Dobrodružný,Komedie,-Francie,Itálie,-1965.avi
2015-11-05 14:58 - 2015-11-06 16:14 - 00370416 _____ C:\Users\Petr\Desktop\DemonHunter2ANewChapterCs_6D3394.exe
2015-11-05 14:14 - 2015-11-05 15:02 - 739599833 _____ C:\Users\Petr\Desktop\camy1.mkv
2015-11-04 22:01 - 2015-11-04 22:05 - 236962716 _____ C:\Users\Petr\Desktop\Saint.mp4
2015-11-03 12:16 - 2015-11-06 16:13 - 00000000 ____D C:\Users\Petr\AppData\Local\CrossLoop
2015-11-01 23:29 - 2015-11-01 23:29 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Teyon
2015-11-01 14:50 - 2015-11-01 16:23 - 1667264512 _____ C:\Users\Petr\Desktop\Sejmi.Prezidenta.2014.BDRip.XviD.CZ-TreZzoR.avi
2015-10-30 09:57 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 09:57 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 09:57 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 09:56 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 09:56 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 09:56 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 09:56 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 09:56 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 09:56 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 09:56 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 09:56 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 09:56 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 09:56 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 09:56 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 09:56 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 09:56 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 09:56 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-28 12:28 - 2015-10-28 12:28 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\IcarusGames
2015-10-27 22:12 - 2015-10-27 22:12 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Games
2015-10-27 18:19 - 2015-10-27 22:00 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Five-BN Games
2015-10-27 02:07 - 2015-10-27 02:07 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\N_Tri Studio
2015-10-25 17:27 - 2015-10-25 17:27 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Alawar Stargaze
2015-10-21 10:56 - 2015-11-06 21:25 - 00000000 ____D C:\WINDOWS\system32\log
2015-10-17 13:43 - 2015-10-17 13:43 - 00000000 ____D C:\Users\Petr\hirens
2015-10-15 07:30 - 2015-10-15 09:15 - 1622366208 _____ C:\Users\Petr\Desktop\terminator 3.avi
2015-10-14 00:35 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 00:35 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 00:35 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 00:35 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 00:35 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 00:35 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 00:35 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 00:35 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 00:35 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 07:46 - 2015-10-12 07:46 - 00000350 _____ C:\WINDOWS\SysWOW64\data.bin
2015-10-11 17:57 - 2015-10-11 17:57 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-11 17:57 - 2015-10-11 17:57 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-11 17:57 - 2015-10-11 17:57 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-10 00:07 - 2015-10-12 20:49 - 00000333 _____ C:\Users\Petr\Desktop\111.txt
2015-10-09 16:51 - 2015-10-09 16:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\CyberCradle
2015-10-07 22:37 - 2015-10-07 22:37 - 00000000 ____D C:\Users\Petr\AppData\Roaming\AlawarEntertainment
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 21:46 - 2015-08-13 01:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-06 21:31 - 2015-08-16 13:58 - 01951294 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-06 21:31 - 2015-07-10 17:02 - 00808930 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-06 21:31 - 2015-07-10 17:02 - 00181640 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-06 21:28 - 2015-08-12 23:58 - 00000000 ____D C:\Users\Petr\Documents\Youcam
2015-11-06 21:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-06 21:26 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 21:25 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-06 16:36 - 2015-08-13 00:32 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DAED6D2-6611-4277-A0F6-5D0627307908}
2015-11-06 16:32 - 2015-09-22 13:45 - 00000000 ____D C:\ProgramData\AlawarWrapper
2015-11-06 16:30 - 2015-08-15 23:17 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2015-11-06 16:12 - 2015-09-22 23:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hry.cz
2015-11-06 11:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-05 15:15 - 2015-09-22 23:09 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Artifex Mundi
2015-11-03 13:45 - 2015-08-13 20:20 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2015-11-02 02:09 - 2015-08-31 09:20 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-01 20:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-31 02:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 19:42 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 14:49 - 2015-08-31 09:19 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-27 13:54 - 2015-09-22 13:20 - 00000000 ____D C:\Users\Petr\Desktop\špidla
2015-10-27 13:54 - 2015-08-16 10:21 - 00000000 ____D C:\Users\Petr\Desktop\L+N
2015-10-26 13:44 - 2015-08-16 14:00 - 00000000 ____D C:\Users\Petr
2015-10-22 22:08 - 2015-08-24 18:52 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2015-10-22 13:02 - 2015-09-19 09:38 - 00000230 _____ C:\Users\Petr\Desktop\kassel.txt
2015-10-18 14:07 - 2015-09-18 14:07 - 00003234 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPetr
2015-10-18 14:07 - 2015-09-18 14:07 - 00000346 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job
2015-10-17 16:14 - 2015-09-09 17:33 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-10-16 04:10 - 2015-10-02 06:27 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-02 06:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 00:44 - 2015-08-15 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 00:39 - 2015-08-15 14:49 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-12 07:46 - 2015-08-13 00:39 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-12 07:46 - 2015-08-13 00:39 - 00001442 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-12 07:45 - 2015-10-04 15:05 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-12 07:44 - 2015-08-16 18:15 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-11 17:57 - 2015-08-16 13:54 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-11 17:57 - 2015-08-16 13:54 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-11 17:57 - 2015-07-30 21:46 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-11 17:57 - 2015-07-30 21:45 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-10 22:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-07 22:35 - 2015-10-03 20:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Opera Software
2015-10-07 09:15 - 2015-07-10 13:20 - 00231864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Files in the root of some directories =======
2015-09-29 22:04 - 2015-09-29 22:04 - 0004608 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-04 15:05 - 2015-10-12 07:45 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-04 20:12
==================== End of FRST.txt ============================
Ran by Petr (administrator) on BIG-MIKE (06-11-2015 22:25:03)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8510680 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{b1c91c6b-557d-418b-ab35-b5f4c528fadd}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-19] (Oracle Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts=1444632 ... 2_S3PHWT33
FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @alawar.com/npapi -> C:\WINDOWS\npapi.dll [2014-01-29] (Alawar)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: sidebar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\sidebarff@gmail.com [2015-11-06] [not signed]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\ich@maltegoetz.de.xpi [2015-08-16]
FF Extension: AdBlock for YouTube™ - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2015-09-20]
FF Extension: Google Translator for Firefox - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\translator@zoli.bod.xpi [2015-08-13]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: Greasemonkey - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-09-30]
FF HKLM-x32\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\sidebarff@gmail.com
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - <no Path/update_url>
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [298200 2015-09-04] (Realtek Semiconductor)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-08-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-08-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 21:27 - 2015-11-06 21:27 - 00016148 _____ C:\WINDOWS\system32\BIG-MIKE_Petr_HistoryPrediction.bin
2015-11-06 21:19 - 2015-11-06 21:25 - 00000000 ____D C:\AdwCleaner
2015-11-06 21:19 - 2015-11-06 21:19 - 01713664 _____ C:\Users\Petr\Desktop\adwcleaner_5.018.exe
2015-11-06 19:49 - 2015-11-06 19:49 - 00010708 _____ C:\Users\Petr\Desktop\Addition.txt
2015-11-06 19:47 - 2015-11-06 22:25 - 00012035 _____ C:\Users\Petr\Desktop\FRST.txt
2015-11-06 19:47 - 2015-11-06 22:25 - 00000000 ____D C:\FRST
2015-11-06 19:46 - 2015-11-06 22:25 - 02198528 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-11-06 19:45 - 2015-11-06 19:46 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-11-06 16:33 - 2015-11-06 16:33 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Brave Giant
2015-11-06 16:32 - 2015-11-06 21:56 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 16:30 - 2015-11-06 16:30 - 00000572 _____ C:\WINDOWS\PFRO.log
2015-11-06 16:24 - 2015-11-06 16:24 - 00001381 _____ C:\Users\Petr\Desktop\Lovci démonů 2 - Nová kapitola.lnk
2015-11-06 16:24 - 2015-11-06 16:24 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar
2015-11-06 16:21 - 2015-11-06 16:21 - 00000000 ____D C:\Program Files (x86)\Alawar.cs
2015-11-06 00:13 - 2015-11-06 01:10 - 1023723384 _____ C:\Users\Petr\Desktop\Fantomas-se-zlobí-2-CZ-Dabing,Dobrodružný,Komedie,-Francie,Itálie,-1965.avi
2015-11-05 14:58 - 2015-11-06 16:14 - 00370416 _____ C:\Users\Petr\Desktop\DemonHunter2ANewChapterCs_6D3394.exe
2015-11-05 14:14 - 2015-11-05 15:02 - 739599833 _____ C:\Users\Petr\Desktop\camy1.mkv
2015-11-04 22:01 - 2015-11-04 22:05 - 236962716 _____ C:\Users\Petr\Desktop\Saint.mp4
2015-11-03 12:16 - 2015-11-06 16:13 - 00000000 ____D C:\Users\Petr\AppData\Local\CrossLoop
2015-11-01 23:29 - 2015-11-01 23:29 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Teyon
2015-11-01 14:50 - 2015-11-01 16:23 - 1667264512 _____ C:\Users\Petr\Desktop\Sejmi.Prezidenta.2014.BDRip.XviD.CZ-TreZzoR.avi
2015-10-30 09:57 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 09:57 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 09:57 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 09:56 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 09:56 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 09:56 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 09:56 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 09:56 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 09:56 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 09:56 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 09:56 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 09:56 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 09:56 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 09:56 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 09:56 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 09:56 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 09:56 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-28 12:28 - 2015-10-28 12:28 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\IcarusGames
2015-10-27 22:12 - 2015-10-27 22:12 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Games
2015-10-27 18:19 - 2015-10-27 22:00 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Five-BN Games
2015-10-27 02:07 - 2015-10-27 02:07 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\N_Tri Studio
2015-10-25 17:27 - 2015-10-25 17:27 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Alawar Stargaze
2015-10-21 10:56 - 2015-11-06 21:25 - 00000000 ____D C:\WINDOWS\system32\log
2015-10-17 13:43 - 2015-10-17 13:43 - 00000000 ____D C:\Users\Petr\hirens
2015-10-15 07:30 - 2015-10-15 09:15 - 1622366208 _____ C:\Users\Petr\Desktop\terminator 3.avi
2015-10-14 00:35 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 00:35 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 00:35 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 00:35 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 00:35 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 00:35 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 00:35 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 00:35 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 00:35 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 07:46 - 2015-10-12 07:46 - 00000350 _____ C:\WINDOWS\SysWOW64\data.bin
2015-10-11 17:57 - 2015-10-11 17:57 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-11 17:57 - 2015-10-11 17:57 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-11 17:57 - 2015-10-11 17:57 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-10 00:07 - 2015-10-12 20:49 - 00000333 _____ C:\Users\Petr\Desktop\111.txt
2015-10-09 16:51 - 2015-10-09 16:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\CyberCradle
2015-10-07 22:37 - 2015-10-07 22:37 - 00000000 ____D C:\Users\Petr\AppData\Roaming\AlawarEntertainment
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-06 21:46 - 2015-08-13 01:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-06 21:31 - 2015-08-16 13:58 - 01951294 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-06 21:31 - 2015-07-10 17:02 - 00808930 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-06 21:31 - 2015-07-10 17:02 - 00181640 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-06 21:28 - 2015-08-12 23:58 - 00000000 ____D C:\Users\Petr\Documents\Youcam
2015-11-06 21:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-06 21:26 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 21:25 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-06 16:36 - 2015-08-13 00:32 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DAED6D2-6611-4277-A0F6-5D0627307908}
2015-11-06 16:32 - 2015-09-22 13:45 - 00000000 ____D C:\ProgramData\AlawarWrapper
2015-11-06 16:30 - 2015-08-15 23:17 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2015-11-06 16:12 - 2015-09-22 23:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hry.cz
2015-11-06 11:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-05 15:15 - 2015-09-22 23:09 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Artifex Mundi
2015-11-03 13:45 - 2015-08-13 20:20 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2015-11-02 02:09 - 2015-08-31 09:20 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-01 20:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-31 02:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 19:42 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 14:49 - 2015-08-31 09:19 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-27 13:54 - 2015-09-22 13:20 - 00000000 ____D C:\Users\Petr\Desktop\špidla
2015-10-27 13:54 - 2015-08-16 10:21 - 00000000 ____D C:\Users\Petr\Desktop\L+N
2015-10-26 13:44 - 2015-08-16 14:00 - 00000000 ____D C:\Users\Petr
2015-10-22 22:08 - 2015-08-24 18:52 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2015-10-22 13:02 - 2015-09-19 09:38 - 00000230 _____ C:\Users\Petr\Desktop\kassel.txt
2015-10-18 14:07 - 2015-09-18 14:07 - 00003234 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPetr
2015-10-18 14:07 - 2015-09-18 14:07 - 00000346 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job
2015-10-17 16:14 - 2015-09-09 17:33 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-10-16 04:10 - 2015-10-02 06:27 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-02 06:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 00:44 - 2015-08-15 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 00:39 - 2015-08-15 14:49 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-12 07:46 - 2015-08-13 00:39 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-12 07:46 - 2015-08-13 00:39 - 00001442 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-12 07:45 - 2015-10-04 15:05 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-12 07:44 - 2015-08-16 18:15 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-11 17:57 - 2015-08-16 13:54 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-11 17:57 - 2015-08-16 13:54 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-11 17:57 - 2015-07-30 21:46 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-11 17:57 - 2015-07-30 21:45 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-10 22:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-07 22:35 - 2015-10-03 20:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Opera Software
2015-10-07 09:15 - 2015-07-10 13:20 - 00231864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
==================== Files in the root of some directories =======
2015-09-29 22:04 - 2015-09-29 22:04 - 0004608 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-04 15:05 - 2015-10-12 07:45 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-04 20:12
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts= ... 2_S3PHWT33
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Fix result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Petr (2015-11-06 22:56:41) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\Software Microsoft Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts= ... 2_S3PHWT33
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
End
*****************
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ACE2902B-53E2-437C-B231-1A68E530FF27}" => key removed successfully
HKCR\CLSID\{ACE2902B-53E2-437C-B231-1A68E530FF27} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ACE2902B-53E2-437C-B231-1A68E530FF27}" => key removed successfully
HKCR\Wow6432Node\CLSID\{ACE2902B-53E2-437C-B231-1A68E530FF27} => key not found.
HKU\S-1-5-21-741035711-12348475-2984234956-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-741035711-12348475-2984234956-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-741035711-12348475-2984234956-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ACE2902B-53E2-437C-B231-1A68E530FF27}" => key removed successfully
HKCR\CLSID\{ACE2902B-53E2-437C-B231-1A68E530FF27} => key not found.
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
==== End of Fixlog 22:56:41 ====
Ran by Petr (2015-11-06 22:56:41) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM\Software Microsoft Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts= ... 2_S3PHWT33
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
End
*****************
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ACE2902B-53E2-437C-B231-1A68E530FF27}" => key removed successfully
HKCR\CLSID\{ACE2902B-53E2-437C-B231-1A68E530FF27} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ACE2902B-53E2-437C-B231-1A68E530FF27}" => key removed successfully
HKCR\Wow6432Node\CLSID\{ACE2902B-53E2-437C-B231-1A68E530FF27} => key not found.
HKU\S-1-5-21-741035711-12348475-2984234956-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-741035711-12348475-2984234956-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-741035711-12348475-2984234956-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ACE2902B-53E2-437C-B231-1A68E530FF27}" => key removed successfully
HKCR\CLSID\{ACE2902B-53E2-437C-B231-1A68E530FF27} => key not found.
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully
==== End of Fixlog 22:56:41 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno a opraveno. Log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?