Dobrý den.
mám problém s pc zpomaluje se a někdy i sekne..asi vir....eset to nevyřešil ani malwarebytes.
log z FRST
¨
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by DUŠAN (administrator) on DUŠAN-PC (09-12-2015 12:30:57)
Running from C:\Users\DUŠAN\Desktop
Loaded Profiles: DUŠAN (Available Profiles: DUŠAN)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Inc.) C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Users\DUŠAN\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(BitTorrent Inc.) C:\Users\DUŠAN\AppData\Roaming\uTorrent\uTorrent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(BitTorrent Inc.) C:\Users\DUŠAN\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
() C:\Program Files (x86)\Common Files\NMSAccessU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(BitTorrent Inc.) C:\Users\DUŠAN\AppData\Roaming\uTorrent\updates\3.4.5_41372\utorrentie.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Users\DUŠAN\AppData\Roaming\VampireSagaHL\Caches\mdm
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\STInternetGuard.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-04-17] (Egis Technology Inc.)
HKLM\...\Run: [AutoLockProcess] => C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe [451912 2010-06-03] (Acer Inc.)
HKLM\...\Run: [Acer PowerSaver] => C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe [536576 2009-04-17] (Acer Incorporated)
HKLM\...\Run: [Acer SmartBoot] => C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe [448000 2009-05-13] (Acer Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13269064 2013-02-05] (Realtek Semiconductor)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [826368 2011-02-19] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3884368 2015-07-27] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5473104 2015-09-03] (Crawler Group, LLC)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-11-17] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-04-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [336992 2012-12-09] (Power Software Ltd)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-06-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Plugin Install] => C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2015-08-19] ()
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\DUŠAN\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-11-18] (AMD)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\DUŠAN\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92296 2012-12-19] ()
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6875136 2013-03-27] (FreeDownloadManager.ORG)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [CCleaner Monitoring] => C:\PROGRAM FILES\CCLEANER\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2010-03-06] (BlazeVideo Company)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [uTorrent] => C:\Users\DUŠAN\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: M - M:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: N - N:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {17270ab8-632a-11e4-93cf-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {203edf4a-1c75-11e4-a103-90fba6e0cb6c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {30bf076c-c3b1-11e3-93ea-90fba6e0cb6c} - K:\LGAutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {322fd738-2ae9-11e4-b5a9-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {e725ba53-0e29-11e3-bfe2-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {ee93d2ea-fc80-11e4-b444-cc378fc26e2e} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-04-17] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-04-17] (Egis Technology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2296456D-B5B2-48AD-8BBF-AD9288CAF52D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F3ECC031-1FB7-4B1A-8850-65F102911402}: [NameServer] 194.228.211.33 160.218.161.60
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.alawarhry.cz/?pid=6
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=extensa_e440&r=17360712g405pe426u125b46n17280
URLSearchHook: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2186473
SearchScopes: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ493
SearchScopes: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2186473
SearchScopes: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> {B3638E7E-30DD-4D75-872E-12A7B5870A41} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=^U3&apn_dtid=^YYYYYY^YY^CZ&apn_uid=8F4A9F7F-FAF8-49B7-8329-660CAC627673&apn_sauid=6D232B64-D508-4EA3-8890-5FE8340EB008
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2015-07-27] (Crawler Group, LLC)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\ProgramData\LangSoft\WebIE.dll [2013-04-30] ()
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2015-07-27] (Crawler Group, LLC)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-03-11] (FreeDownloadManager.ORG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll [2013-04-30] ()
Toolbar: HKLM-x32 - @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\SysWow64\Msdxm6.ocx [2000-04-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\SysWow64\Msdxm6.ocx [2000-04-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-11] (Adobe Systems, Inc.)
FF Plugin-x32: @alawar.com/npapi -> C:\Windows\npapi.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2011-09-09] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-19] (Apple Inc.)
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\askcom.xml [2013-02-08]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\firmycz.xml [2012-10-15]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\mapycz.xml [2012-10-15]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\webdesignpodcast.xml [2014-01-10]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\zbocz.xml [2012-10-15]
FF Extension: pushOK - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\pushOK@AlawarDigital.xpi [2014-05-28] [not signed]
FF Extension: Xinha Here! - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi [2015-06-09]
FF Extension: Torrent Finder Toolbar - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi [2015-07-09]
FF Extension: Video AdBlock for Firefox - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-10-04] [not signed]
FF Extension: Google Translator for Firefox - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\translator@zoli.bod.xpi [2015-11-02]
FF Extension: Seznam lištička - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2015-11-26]
FF Extension: No Name - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack.xpi [2015-08-07] [not signed]
FF Extension: Google™ Translator - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2015-12-01]
FF Extension: Video DownloadHelper - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-07-30] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Překladač Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (Prezentace Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Torrent Search) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2014-07-13]
CHR Extension: (Dokumenty Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Web Design Project Online Marketplace) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdohnoncgnjdlijjpnebkggepaocgopo [2015-06-16]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-11-26]
CHR Extension: (YouTube) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (VLC Media Player) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcjgjamoeolafobhnpnhjgpaobjehcp [2015-09-10]
CHR Extension: (Logo Maker) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciojdpgahhgdpmlhnocojjfhkfdmemdh [2015-01-31]
CHR Extension: (Vyhledávání Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (HTML Editor) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacmeeeegjoaddfondbeaaafohldgfof [2014-09-15]
CHR Extension: (PageEdit) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebkclgoaabaibghklgknnjdemknjaeic [2015-06-10]
CHR Extension: (Spyware Terminator Internet Guard) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\elbjpfdfllhaioofjgmiaekihidancnc [2015-07-28]
CHR Extension: (Easy WebContent Free HTML Editor) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\encbaekhkcjjmhbcghnlcaiifdmfeokn [2014-09-15]
CHR Extension: (Invite All (for Facebook)) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopekjehpibhfpjjcokfmhcaeiclddih [2015-08-07]
CHR Extension: (Tabulky Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (uTorrent easy client) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfiejlelblhoaflnjajjjjkkgbeifpn [2015-12-06]
CHR Extension: (Web page captures from browser) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fomlbefjpamblimccfdomfgpgokdljcg [2015-06-09]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-11-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AlterNote Editor) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljkfahiahjhhpmpihngnommookkneji [2015-10-19]
CHR Extension: (HTML Editor for Drive) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgpiigchjeclbkocfndppmhmfjdhbah [2015-06-09]
CHR Extension: (ShiftEdit) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2015-09-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-10-28]
CHR Extension: (Gmail) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Profile: C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-09]
CHR Extension: (Dokumenty Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-09]
CHR Extension: (Disk Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-09]
CHR Extension: (YouTube) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-09]
CHR Extension: (Vyhledávání Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-09]
CHR Extension: (Tabulky Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-09]
CHR Extension: (Bookmark Manager) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-09]
CHR Extension: (Freemake Video Converter) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2015-06-09]
CHR Extension: (Skype Click to Call) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-09]
CHR Extension: (Peněženka Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-09]
CHR Extension: (Gmail) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-09]
CHR HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-06-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 ASLSvc; C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe [502784 2009-05-13] (Acer Incorporated) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 eLockService; C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe [30016 2010-06-03] (Acer Inc.)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2009-02-18] () [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NMSAccessU; C:\Program Files (x86)\Common Files\NMSAccessU.exe [65536 2007-01-25] () [File not signed]
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [77824 2011-01-03] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-01-22] (Crawler Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5400848 2014-11-03] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AgileVpn; C:\Program Files (x86)\WAN Miniport IKEv2\AgileVpn.exe "%SysData%" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-04-03] ()
S3 c_su_1b; C:\Windows\System32\Drivers\c_su_1b.sys [32750 2003-08-14] (Anoto AB) [File not signed]
S3 c_su_1b; C:\Windows\SysWOW64\Drivers\c_su_1b.sys [32750 2003-08-28] (Anoto AB) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R0 eLock2BurnerLockDriver; C:\Windows\System32\DRIVERS\eLock2BurnerLockDriver.sys [25120 2008-03-12] (Acer, Inc.)
R2 eLock2FSCTLDriver; C:\Windows\System32\DRIVERS\eLock2FSCTLDriver.sys [100384 2008-03-11] (Acer, Inc.)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [244736 2013-02-17] (Huawei Technologies Co., Ltd.)
R3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [164736 2015-10-07] (ITE )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-04-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-09] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-11-27] (Windows (R) Win 7 DDK provider)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-12-07] ()
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 DRIVER_B; \??\C:\Windows\system32\Drivers\DRIVER_BIN64 [X]
S1 iSafeKrnl; \??\C:\Program Files (x86)\iSafe\iSafeKrnl.sys [X]
S3 iSafeKrnlBoot; system32\DRIVERS\iSafeKrnlBoot.sys [X]
S1 iSafeKrnlKit; \??\C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [X]
S1 iSafeKrnlR3; \??\C:\Program Files (x86)\iSafe\iSafeKrnlR3.sys [X]
S1 iSafeNetFilter; \??\C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 ProcessMonitor; \??\C:\Program Files\Safetica Free\ProcessMonitorDriver.sys [X]
S3 Safetica; \??\C:\Program Files\Safetica Free\safetica.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-09 12:30 - 2015-12-09 12:30 - 00043562 _____ C:\Users\DUŠAN\Desktop\FRST.txt
2015-12-09 12:30 - 2015-12-09 12:30 - 00000000 ____D C:\FRST
2015-12-09 12:29 - 2015-12-09 12:29 - 02369024 _____ (Farbar) C:\Users\DUŠAN\Desktop\FRST64.exe
2015-12-09 10:38 - 2015-12-09 10:39 - 00000000 ____D C:\Users\DUŠAN\Documents\malware_test
2015-12-09 10:38 - 2015-12-09 10:38 - 00000000 ____D C:\Nová složka
2015-12-09 09:43 - 2015-12-09 09:43 - 00000000 _____ C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-12-09 09:02 - 2015-12-09 09:10 - 00000000 ____D C:\ec00ee52fed569a60dd9b70e4b
2015-12-08 20:51 - 2015-12-08 20:51 - 00001416 _____ C:\Users\DUŠAN\Desktop\GravelySilent_HouseofDeadlockCE.exe – zástupce.lnk
2015-12-08 20:51 - 2015-12-08 20:51 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Enki Games
2015-12-08 18:53 - 2015-12-08 18:53 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView
2015-12-08 18:53 - 2015-12-08 18:53 - 00000000 ____D C:\Program Files (x86)\NirSoft
2015-12-08 14:42 - 2015-12-09 10:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-08 14:42 - 2015-12-08 14:42 - 00001070 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-08 14:42 - 2015-12-08 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-08 14:42 - 2015-12-08 14:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-08 14:42 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-08 14:42 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-08 14:37 - 2015-12-08 14:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-12-08 14:37 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-07 23:29 - 2015-12-07 23:29 - 00000000 ____D C:\c9e75cd517b8e8ef35b7
2015-12-07 22:56 - 2015-12-09 08:53 - 00000000 ____D C:\Users\DUŠAN\AppData\LocalLow\uTorrent
2015-12-07 22:14 - 2015-12-07 22:14 - 00001449 _____ C:\Users\DUŠAN\Desktop\Midnight Mysteries - Edgar Allan Poe Conspiracy.exe – zástupce.lnk
2015-12-07 14:11 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-07 14:11 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-07 14:11 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-07 14:11 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-06 18:04 - 2015-12-06 18:04 - 00000189 _____ C:\Users\DUŠAN\Documents\ahomeo.txt
2015-12-05 13:42 - 2015-12-05 13:42 - 00000000 ____D C:\Users\DUŠAN\Documents\My Filehippo Downloads
2015-12-05 11:43 - 2015-12-08 21:46 - 00235642 _____ C:\Windows\ntbtlog.txt
2015-12-04 15:24 - 2015-12-04 15:29 - 00038844 _____ C:\Users\DUŠAN\Documents\cc_20151204_152335.reg
2015-12-04 13:30 - 2015-12-04 13:30 - 00006696 ____N C:\bootsqm.dat
2015-11-25 10:35 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-25 10:35 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-25 10:35 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-25 10:35 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-25 10:35 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-25 10:35 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-22 14:50 - 2015-11-22 14:53 - 132866782 _____ C:\Users\DUŠAN\Downloads\DAO_PRC_CP_1_1.1 (1).dazip
2015-11-22 14:49 - 2015-11-22 14:53 - 132866782 _____ C:\Users\DUŠAN\Downloads\DAO_PRC_CP_1_1.1.dazip
2015-11-20 11:35 - 2015-11-20 11:35 - 08974253 _____ C:\Users\DUŠAN\Downloads\Flexibile French.wmv
2015-11-18 12:17 - 2015-11-18 12:17 - 00000000 ____D C:\Users\DUŠAN\Downloads\eset
2015-11-18 12:16 - 2015-11-18 12:16 - 00001258 _____ C:\Users\DUŠAN\Downloads\eset.zip
2015-11-18 11:27 - 2015-11-18 11:28 - 00000000 ____D C:\Users\DUŠAN\Documents\javagrafika
2015-11-18 11:06 - 2015-11-18 11:06 - 02975173 _____ C:\Users\DUŠAN\Downloads\Programujeme_hru_v_C.pdf
2015-11-18 11:03 - 2015-11-18 11:03 - 00000000 ____D C:\Users\DUŠAN\Downloads\ZdrojoveKodyDirectX_1
2015-11-15 12:06 - 2015-11-15 12:06 - 00046508 _____ C:\Users\DUŠAN\Downloads\cestne prohlaseni ele_plyn.pdf
2015-11-12 10:02 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 09:46 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 09:46 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 09:46 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 09:46 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 09:46 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 09:46 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 09:46 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 09:46 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 09:46 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 09:46 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 09:46 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 09:46 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 09:46 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 09:46 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 09:46 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 09:46 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 09:46 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 09:46 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 09:46 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 09:46 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 09:46 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 09:46 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 09:46 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 09:46 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 09:46 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 09:46 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 09:46 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 09:46 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 09:46 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 09:46 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 09:46 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 09:46 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 09:46 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 09:46 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 09:46 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 09:46 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 09:46 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 09:46 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 09:46 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 09:46 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 09:46 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 09:46 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 09:46 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 09:46 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 09:46 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 09:46 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 09:46 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 09:46 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 09:46 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 09:46 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 09:46 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 09:46 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 09:46 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 09:46 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 09:46 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 09:46 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 09:46 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 09:46 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 09:46 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 09:46 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 09:46 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 09:46 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 09:46 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 09:46 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 09:45 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 09:45 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 09:45 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 09:45 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 09:45 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 09:45 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 09:45 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 09:45 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 09:45 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 09:45 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 09:45 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 09:45 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 09:45 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 09:45 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 09:45 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 09:45 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 09:45 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 09:45 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 09:45 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 09:45 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 09:45 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 09:45 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:45 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 09:45 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 09:45 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 09:44 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 09:44 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 09:44 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 09:44 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 09:44 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 09:44 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 09:44 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 09:44 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 09:44 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 15:48 - 2015-11-27 17:28 - 00000000 ____D C:\ProgramData\BioWare
2015-11-10 15:37 - 2015-11-27 17:26 - 00000000 ____D C:\ProgramData\Media Center Programs
2015-11-09 20:06 - 2015-11-09 20:06 - 00002603 _____ C:\Users\Public\Desktop\PatchCleaner.lnk
2015-11-09 20:06 - 2015-11-09 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeDev
2015-11-09 20:06 - 2015-11-09 20:06 - 00000000 ____D C:\Program Files (x86)\HomeDev
2015-11-09 19:12 - 2015-11-09 19:12 - 00012366 _____ C:\Users\DUŠAN\Documents\cc_20151109_191244.reg
2015-11-09 17:06 - 2015-11-28 12:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-09 17:06 - 2015-11-09 17:06 - 00002011 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-09 17:06 - 2015-11-09 17:06 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-09 15:47 - 2015-11-09 15:47 - 00001991 _____ C:\Users\Public\Desktop\ExtremeCopy.lnk
2015-11-09 15:47 - 2015-11-09 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExtremeCopy
2015-11-09 15:47 - 2015-11-09 15:47 - 00000000 ____D C:\Program Files (x86)\Easersoft
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-09 12:32 - 2015-07-28 09:49 - 00000000 ____D C:\Users\DUŠAN\AppData\LocalLow\Spyware Terminator
2015-12-09 12:31 - 2012-08-05 13:54 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\uTorrent
2015-12-09 12:30 - 2009-10-05 22:17 - 00000000 ____D C:\Windows
2015-12-09 12:24 - 2014-01-08 12:09 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Skype
2015-12-09 12:20 - 2012-08-19 17:53 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-09 11:42 - 2015-04-17 16:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-09 10:51 - 2012-12-02 23:47 - 00000000 ____D C:\Program Files (x86)\Recepty doma
2015-12-09 10:20 - 2012-08-19 17:53 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 09:24 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-09 09:24 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-09 09:19 - 2014-06-12 09:41 - 00000000 ____D C:\Users\DUŠAN\AppData\Local\Adobe
2015-12-09 08:58 - 2012-12-08 10:51 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Seznam.cz
2015-12-09 08:52 - 2013-05-31 18:36 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2015-12-09 08:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-08 23:36 - 2014-03-04 01:34 - 00000000 ____D C:\Program Files (x86)\WAN Miniport IKEv2
2015-12-08 23:36 - 2010-06-10 07:41 - 00000000 ____D C:\Windows\Downloaded Installations
2015-12-08 23:35 - 2014-01-06 21:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-08 20:52 - 2012-07-19 11:08 - 00000000 ____D C:\ProgramData\Temp
2015-12-08 18:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-08 16:58 - 2014-11-27 10:40 - 00000000 ____D C:\ProgramData\Spyware Terminator
2015-12-08 14:42 - 2014-11-26 21:02 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Malwarebytes
2015-12-08 14:33 - 2012-08-22 17:33 - 00000000 ____D C:\Users\DUŠAN\Desktop\tvorba_www
2015-12-08 14:20 - 2012-10-02 23:10 - 00000000 ____D C:\Users\DUŠAN\AppData\Local\CrashDumps
2015-12-07 15:10 - 2013-04-29 13:39 - 00016152 _____ C:\Windows\system32\Drivers\SWDUMon.sys
2015-12-07 10:44 - 2015-08-04 14:20 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2015-12-06 21:29 - 2012-08-02 16:37 - 00000000 ____D C:\Users\DUŠAN\Downloads\torrenty
2015-12-05 21:33 - 2015-06-11 12:24 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-05 14:33 - 2012-07-19 20:38 - 00785038 _____ C:\Windows\system32\perfh005.dat
2015-12-05 14:33 - 2012-07-19 20:38 - 00185538 _____ C:\Windows\system32\perfc005.dat
2015-12-05 14:33 - 2009-07-14 06:13 - 01911202 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-05 14:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-05 14:22 - 2015-10-17 19:27 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\MPC-HC
2015-12-05 10:24 - 2015-05-02 11:30 - 00002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-04 22:39 - 2015-02-22 09:31 - 00000000 ____D C:\Users\DUŠAN\AppData\Local\JDownloader 2.0
2015-12-04 15:39 - 2013-07-19 00:14 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Free Download Manager
2015-12-04 14:49 - 2012-08-04 10:11 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-03 16:39 - 2012-12-13 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
2015-12-02 10:15 - 2012-08-19 17:53 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 10:15 - 2012-08-19 17:53 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-29 12:04 - 2015-10-04 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-11-29 12:04 - 2015-01-31 20:55 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-11-27 17:28 - 2014-12-18 15:54 - 00000000 ____D C:\Users\DUŠAN\Documents\BioWare
2015-11-27 17:26 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-26 17:56 - 2014-06-06 01:12 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Brave Giant
2015-11-26 09:40 - 2015-10-18 18:03 - 00000000 ____D C:\Windows\rescache
2015-11-26 08:49 - 2009-07-14 05:45 - 05482632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-24 08:54 - 2012-07-19 20:59 - 00000000 ____D C:\ProgramData\Skype
2015-11-23 17:03 - 2015-10-28 14:30 - 00000894 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-11-23 17:03 - 2015-10-28 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-11-23 17:03 - 2015-09-19 20:24 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2015-11-18 11:17 - 2013-10-13 19:25 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Notepad++
2015-11-11 23:49 - 2013-08-14 15:01 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 23:33 - 2014-02-19 11:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 23:33 - 2012-07-19 13:56 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 23:32 - 2010-06-10 07:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 23:16 - 2012-07-19 11:11 - 01885916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 23:10 - 2009-07-14 03:34 - 00000864 _____ C:\Windows\win.ini
2015-11-11 23:09 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 09:42 - 2015-06-11 12:24 - 00003952 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-11-11 09:42 - 2015-04-17 16:49 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 09:42 - 2015-04-17 16:49 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 09:42 - 2015-04-17 16:49 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 14:50 - 2012-08-05 15:50 - 00000000 ____D C:\Users\DUŠAN\Documents\www
2015-11-10 14:47 - 2012-07-20 20:23 - 00000000 ____D C:\Users\DUŠAN\Documents\My Games
2015-11-10 14:44 - 2012-07-27 14:57 - 00000000 ____D C:\Users\DUŠAN\Documents\doc
2015-11-10 14:24 - 2014-09-15 16:27 - 00000000 ____D C:\Users\DUŠAN\Documents\Incomedia
2015-11-10 13:59 - 2015-04-22 22:00 - 00000000 ____D C:\Program Files (x86)\GStudio7
2015-11-10 13:59 - 2015-04-22 22:00 - 00000000 _____ C:\Windows\SysWOW64\WIN.INI
2015-11-10 13:59 - 2015-04-22 22:00 - 00000000 _____ C:\Windows\SysWOW64\SYSTEM.INI
2015-11-10 13:52 - 2014-01-01 13:38 - 00000000 ____D C:\Users\DUŠAN\Documents\Circuits
2015-11-10 13:36 - 2012-08-20 15:29 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2015-11-10 13:33 - 2013-12-03 13:11 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Brackets
2015-11-10 13:16 - 2015-03-30 18:17 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\QCAD
2015-11-10 12:51 - 2013-11-11 17:48 - 00000000 ____D C:\Program Files (x86)\WebSite X5 v10 - Professional
2015-11-10 12:36 - 2013-10-25 14:51 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Alzex
2015-11-10 12:35 - 2014-07-23 13:09 - 00000000 ____D C:\ProgramData\FitLinie
2015-11-10 12:12 - 2014-04-05 09:05 - 00000000 ____D C:\Users\DUŠAN\Desktop\be9
2015-11-10 12:12 - 2014-01-02 19:09 - 00000000 ____D C:\Users\DUŠAN\Desktop\udrba
2015-11-10 12:12 - 2013-07-16 10:32 - 00000000 ____D C:\Users\DUŠAN\Desktop\video
2015-11-10 12:12 - 2012-11-16 13:39 - 00000000 ____D C:\Users\DUŠAN\Desktop\grafika
2015-11-10 12:12 - 2012-11-16 11:25 - 00000000 ____D C:\Users\DUŠAN\Desktop\logo
2015-11-10 11:46 - 2012-11-16 11:26 - 00000000 ____D C:\Users\DUŠAN\Desktop\hry
2015-11-09 23:25 - 2013-10-16 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
2015-11-09 23:04 - 2010-06-10 08:01 - 00000000 ____D C:\ProgramData\Nero
2015-11-09 23:04 - 2010-06-10 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-11-09 23:04 - 2010-06-10 08:01 - 00000000 ____D C:\Program Files (x86)\Nero
2015-11-09 21:49 - 2012-11-29 16:30 - 00000000 ____D C:\QuickLogoDesigner
2015-11-09 21:08 - 2015-11-07 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-09 17:08 - 2014-12-26 11:16 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-09 17:06 - 2010-06-10 08:07 - 00000000 ____D C:\ProgramData\Adobe
2015-11-09 16:01 - 2012-07-19 12:50 - 00002570 _____ C:\Windows\wininit.ini
2015-11-09 16:01 - 2012-07-19 12:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-09 12:30 - 2014-10-31 17:13 - 00000000 ____D C:\ProgramData\CanonIJPLM
==================== Files in the root of some directories =======
2007-01-25 02:52 - 2007-01-25 02:52 - 0065536 _____ () C:\Program Files (x86)\Common Files\NMSAccessU.exe
2012-08-31 10:53 - 2013-06-14 19:41 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2012-12-14 19:32 - 2013-07-31 19:10 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-12-17 13:05 - 2014-11-23 15:21 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-06-26 14:51 - 2015-09-09 15:47 - 0000034 _____ () C:\Users\DUŠAN\AppData\Roaming\AdobeWLCMCache.dat
2013-03-14 18:47 - 2013-03-14 18:47 - 0000046 _____ () C:\Users\DUŠAN\AppData\Roaming\Camdata.ini
2013-03-14 18:47 - 2013-03-14 18:47 - 0000408 _____ () C:\Users\DUŠAN\AppData\Roaming\CamLayout.ini
2013-03-14 18:47 - 2013-03-14 18:47 - 0000408 _____ () C:\Users\DUŠAN\AppData\Roaming\CamShapes.ini
2013-03-14 18:47 - 2013-03-14 18:47 - 0004510 _____ () C:\Users\DUŠAN\AppData\Roaming\CamStudio.cfg
2013-04-05 17:19 - 2013-08-01 00:39 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Filtr IIIExport Adobe CS5 – předvolby
2014-09-27 23:31 - 2014-09-27 23:31 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2012-11-05 00:16 - 2012-11-05 00:16 - 0000355 _____ () C:\Users\DUŠAN\AppData\Roaming\fontcacheev1.dat
2014-02-23 15:18 - 2014-02-24 00:54 - 7978188 _____ () C:\Users\DUŠAN\AppData\Roaming\log.sflog
2015-09-13 16:19 - 2015-09-13 18:07 - 0000115 _____ () C:\Users\DUŠAN\AppData\Roaming\LogFile.txt
2014-05-21 15:03 - 2014-05-21 15:03 - 0000005 _____ () C:\Users\DUŠAN\AppData\Roaming\mbam.context.scan
2013-04-11 21:47 - 2015-10-04 19:08 - 0000164 _____ () C:\Users\DUŠAN\AppData\Roaming\PLGComp.ini
2015-06-21 14:31 - 2015-07-11 20:06 - 0040960 _____ () C:\Users\DUŠAN\AppData\Roaming\SharedSettings.ccs
2013-06-20 18:00 - 2014-08-16 00:40 - 0000600 _____ () C:\Users\DUŠAN\AppData\Roaming\winscp.rnd
2014-05-02 23:46 - 2014-11-23 14:31 - 0001728 _____ () C:\Users\DUŠAN\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2012-09-07 12:32 - 2014-11-11 13:35 - 0000079 _____ () C:\Users\DUŠAN\AppData\Local\CrystalDiskMark30.ini
2015-03-04 16:45 - 2015-09-05 17:20 - 0008192 _____ () C:\Users\DUŠAN\AppData\Local\file__0.localstorage
2015-03-31 21:33 - 2015-03-31 21:33 - 0000000 ___SH () C:\Users\DUŠAN\AppData\Local\LumaEmu
2015-10-06 11:04 - 2015-10-06 11:04 - 0010128 _____ () C:\Users\DUŠAN\AppData\Local\recently-used.xbel
2014-05-23 16:07 - 2015-03-08 16:46 - 0007606 _____ () C:\Users\DUŠAN\AppData\Local\Resmon.ResmonCfg
2012-11-18 17:11 - 2012-11-19 02:39 - 0001280 _____ () C:\Users\DUŠAN\AppData\Local\SRDownloader.nast
2013-06-12 11:14 - 2013-06-18 11:26 - 0000088 __RSH () C:\ProgramData\177580EEF3.sys
2014-01-19 15:37 - 2014-10-31 14:43 - 0007503 _____ () C:\ProgramData\hpzinstall.log
2013-06-12 11:14 - 2013-06-18 11:26 - 0002516 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-10-07 15:39 - 2015-11-22 11:43 - 0006259 _____ () C:\ProgramData\LmeUSB.log
2015-10-07 15:39 - 2015-11-22 11:43 - 0006134 _____ () C:\ProgramData\LmeZJSW.log
2015-10-07 15:39 - 2015-11-22 11:43 - 0006253 _____ () C:\ProgramData\LSDmbTH.log
2012-11-02 14:18 - 2014-12-02 20:17 - 0000930 _____ () C:\ProgramData\{902EC888-8381-0DA4-9751-000054BD003C}
Files to move or delete:
====================
C:\Users\DUŠAN\comcat5.dll
Some files in TEMP:
====================
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole1905037336237296608.dll
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole3590127093329061244.dll
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole7113664343122068825.dll
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole7187740425757967247.dll
Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\FlashPlayerInstaller.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-30 10:12
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
problém s pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém s pc
Zdravím!
Zkusíme vyčistit. Spusťte tuto utilitu:
Zkusíme vyčistit. Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém s pc
# AdwCleaner v5.024 - Logfile created 09/12/2015 at 18:54:42
# Updated 07/12/2015 by Xplode
# Database : 2015-12-07.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : DUŠAN - DUŠAN-PC
# Running from : C:\Users\DUŠAN\Desktop\adwcleaner_5.024.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : iSafeKrnl
[-] Service Deleted : iSafeKrnlBoot
[-] Service Deleted : iSafeKrnlKit
[-] Service Deleted : iSafeKrnlR3
[-] Service Deleted : iSafeNetFilter
[-] Service Deleted : sp_rsdrv2
[-] Service Deleted : swdumon
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Easeware
[-] Folder Deleted : C:\Program Files (x86)\GamesBar
[-] Folder Deleted : C:\Program Files (x86)\iSafe
[-] Folder Deleted : C:\Program Files (x86)\Torrent Search
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\Partner
[-] Folder Deleted : C:\ProgramData\SafetyNut
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\Uniblue
[-] Folder Deleted : C:\ProgramData\CoffeeCup Shopping Cart Creator Pro
[-] Folder Deleted : C:\ProgramData\{c841aa7b-75fd-f440-c841-1aa7b75fa9ed}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrent Search
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\PutLockerDownloader
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\Innovative Solutions
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\Amigo
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\slimware utilities inc
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\21018
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\28050
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\DriverCure
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\iSafe
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\Media Finder
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\ParetoLogic
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\quickclick
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\simplitec
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\Easeware
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Files ] *****
[-] File Deleted : C:\Users\DUŠAN\daemonprocess.txt
[-] File Deleted : C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage
[-] File Deleted : C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack.xpi
[-] File Deleted : C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\Askcom.xml
[-] File Deleted : C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] File Deleted : C:\Windows\SysNative\drivers\swdumon.sys
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : Express FilesUpdate
[-] Task Deleted : Scheduled Update for Ask Toolbar
[-] Task Deleted : YourFile Update
[-] Task Deleted : MdmUpdateTaskMachineCore
[-] Task Deleted : YourFile Update
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\MF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Key Deleted : HKCU\Software\fa3c99036e85131dab81f132665aa15a
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Key Deleted : HKCU\Software\Ask.com
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\ExpressFiles
[-] Key Deleted : HKCU\Software\IGearSettings
[-] Key Deleted : HKCU\Software\MediaFinder
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\powerpack
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
[-] Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Driver-Soft
[-] Key Deleted : HKLM\SOFTWARE\ExpressFiles
[-] Key Deleted : HKLM\SOFTWARE\iSafe
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[!] Key Not Deleted : HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Key Deleted : HKLM\SOFTWARE\YourFileDownloader
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3638E7E-30DD-4D75-872E-12A7B5870A41}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
***** [ Web browsers ] *****
[-] [C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\prefs.js] [Preference] Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.2.0.1");
[-] [C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\prefs.js] [Preference] Deleted : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : daemon-search.com
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : babylon.com
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.icq.com
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dednnpigldgdbpgcdpfppmlcnnbjciel
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jcdgjdiieiljkfkdcloehkohchhpekkn
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nbmafkdmkkckhggblphicnnhlgljnoje
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ndibdjnfmopecpmkdieinmbadjfpblof
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pfmopbbadnfoelckkcmjjeaaegjpjjbk
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : daemon-search.com
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : babylon.com
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : search.icq.com
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Secure Preferences] [Extension] Deleted : cmaiofennmphjldldcpphcechfnnohja
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Secure Preferences] [Extension] Deleted : dhkplhfnhceodhffomolpfigojocbpcb
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Secure Preferences] [Extension] Deleted : jbolfgndggfhhpbnkgnpjkfhinclbigj
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [16905 bytes] ##########
# Updated 07/12/2015 by Xplode
# Database : 2015-12-07.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : DUŠAN - DUŠAN-PC
# Running from : C:\Users\DUŠAN\Desktop\adwcleaner_5.024.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : iSafeKrnl
[-] Service Deleted : iSafeKrnlBoot
[-] Service Deleted : iSafeKrnlKit
[-] Service Deleted : iSafeKrnlR3
[-] Service Deleted : iSafeNetFilter
[-] Service Deleted : sp_rsdrv2
[-] Service Deleted : swdumon
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Easeware
[-] Folder Deleted : C:\Program Files (x86)\GamesBar
[-] Folder Deleted : C:\Program Files (x86)\iSafe
[-] Folder Deleted : C:\Program Files (x86)\Torrent Search
[-] Folder Deleted : C:\ProgramData\Ask
[-] Folder Deleted : C:\ProgramData\ParetoLogic
[-] Folder Deleted : C:\ProgramData\Partner
[-] Folder Deleted : C:\ProgramData\SafetyNut
[-] Folder Deleted : C:\ProgramData\simplitec
[-] Folder Deleted : C:\ProgramData\Uniblue
[-] Folder Deleted : C:\ProgramData\CoffeeCup Shopping Cart Creator Pro
[-] Folder Deleted : C:\ProgramData\{c841aa7b-75fd-f440-c841-1aa7b75fa9ed}
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\YourFileDownloader
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torrent Search
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\PutLockerDownloader
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\Innovative Solutions
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\Amigo
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\slimware utilities inc
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\21018
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\28050
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\DriverCure
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\iSafe
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\Media Finder
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\ParetoLogic
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\quickclick
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\simplitec
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\Easeware
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
[-] Folder Deleted : C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[-] Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
***** [ Files ] *****
[-] File Deleted : C:\Users\DUŠAN\daemonprocess.txt
[-] File Deleted : C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_olakgnkoldmagdblaalodobkmeokmgjj_0.localstorage
[-] File Deleted : C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\jid0-zs24wecdcQo0Lp18D7QOV4WSZFo@jetpack.xpi
[-] File Deleted : C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\Askcom.xml
[-] File Deleted : C:\Windows\SysNative\log\iSafeKrnlCall.log
[-] File Deleted : C:\Windows\SysNative\drivers\swdumon.sys
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : Express FilesUpdate
[-] Task Deleted : Scheduled Update for Ask Toolbar
[-] Task Deleted : YourFile Update
[-] Task Deleted : MdmUpdateTaskMachineCore
[-] Task Deleted : YourFile Update
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv
[-] Task Deleted : AVG-Secure-Search-Update_JUNE2013_TB_rmv
***** [ Registry ] *****
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
[-] Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\MF
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Key Deleted : HKCU\Software\fa3c99036e85131dab81f132665aa15a
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D637FAD-E202-48D1-8F18-5B9C459BD1E3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5411D116-5A37-47D4-B154-5F7FCD9062F0}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
[-] Key Deleted : HKCU\Software\Ask.com
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\ExpressFiles
[-] Key Deleted : HKCU\Software\IGearSettings
[-] Key Deleted : HKCU\Software\MediaFinder
[-] Key Deleted : HKCU\Software\ParetoLogic
[-] Key Deleted : HKCU\Software\PIP
[-] Key Deleted : HKCU\Software\powerpack
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
[-] Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\Driver-Soft
[-] Key Deleted : HKLM\SOFTWARE\ExpressFiles
[-] Key Deleted : HKLM\SOFTWARE\iSafe
[-] Key Deleted : HKLM\SOFTWARE\PIP
[-] Key Deleted : HKLM\SOFTWARE\Uniblue
[!] Key Not Deleted : HKLM\SOFTWARE\Uniblue\DriverScanner
[-] Key Deleted : HKLM\SOFTWARE\YourFileDownloader
[-] Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3638E7E-30DD-4D75-872E-12A7B5870A41}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
***** [ Web browsers ] *****
[-] [C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\prefs.js] [Preference] Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.2.0.1");
[-] [C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\prefs.js] [Preference] Deleted : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\prefs.js] [Preference] Deleted : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : daemon-search.com
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : babylon.com
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : search.icq.com
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : dednnpigldgdbpgcdpfppmlcnnbjciel
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jbolfgndggfhhpbnkgnpjkfhinclbigj
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jcdgjdiieiljkfkdcloehkohchhpekkn
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nbmafkdmkkckhggblphicnnhlgljnoje
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ndibdjnfmopecpmkdieinmbadjfpblof
[-] [C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : pfmopbbadnfoelckkcmjjeaaegjpjjbk
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : daemon-search.com
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : babylon.com
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] [Search Provider] Deleted : search.icq.com
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Secure Preferences] [Extension] Deleted : cmaiofennmphjldldcpphcechfnnohja
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Secure Preferences] [Extension] Deleted : dhkplhfnhceodhffomolpfigojocbpcb
[-] [C:\Users\DUŠAN\AppData\Local\Comodo\Dragon\User Data\Default\Secure Preferences] [Extension] Deleted : jbolfgndggfhhpbnkgnpjkfhinclbigj
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [16905 bytes] ##########
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém s pc
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém s pc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
Ran by DUŠAN (administrator) on DUŠAN-PC (09-12-2015 20:25:11)
Running from C:\Users\DUŠAN\Desktop
Loaded Profiles: DUŠAN (Available Profiles: DUŠAN)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Acer Incorporated) C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Inc.) C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Users\DUŠAN\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
() C:\Program Files (x86)\Common Files\NMSAccessU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(BlazeVideo Company) C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\DUŠAN\AppData\Roaming\uTorrent\uTorrent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-04-17] (Egis Technology Inc.)
HKLM\...\Run: [AutoLockProcess] => C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe [451912 2010-06-03] (Acer Inc.)
HKLM\...\Run: [Acer PowerSaver] => C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe [536576 2009-04-17] (Acer Incorporated)
HKLM\...\Run: [Acer SmartBoot] => C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe [448000 2009-05-13] (Acer Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13269064 2013-02-05] (Realtek Semiconductor)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [826368 2011-02-19] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3884368 2015-07-27] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5473104 2015-09-03] (Crawler Group, LLC)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-11-17] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-04-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [336992 2012-12-09] (Power Software Ltd)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-06-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Plugin Install] => C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2015-08-19] ()
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\DUŠAN\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-11-18] (AMD)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\DUŠAN\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92296 2012-12-19] ()
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6875136 2013-03-27] (FreeDownloadManager.ORG)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [CCleaner Monitoring] => C:\PROGRAM FILES\CCLEANER\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2010-03-06] (BlazeVideo Company)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [uTorrent] => C:\Users\DUŠAN\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: M - M:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: N - N:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {17270ab8-632a-11e4-93cf-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {203edf4a-1c75-11e4-a103-90fba6e0cb6c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {30bf076c-c3b1-11e3-93ea-90fba6e0cb6c} - K:\LGAutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {322fd738-2ae9-11e4-b5a9-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {e725ba53-0e29-11e3-bfe2-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {ee93d2ea-fc80-11e4-b444-cc378fc26e2e} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-04-17] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-04-17] (Egis Technology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2296456D-B5B2-48AD-8BBF-AD9288CAF52D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F3ECC031-1FB7-4B1A-8850-65F102911402}: [NameServer] 194.228.211.33 160.218.161.60
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.alawarhry.cz/?pid=6
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=extensa_e440&r=17360712g405pe426u125b46n17280
URLSearchHook: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ493
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2015-07-27] (Crawler Group, LLC)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\ProgramData\LangSoft\WebIE.dll [2013-04-30] ()
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2015-07-27] (Crawler Group, LLC)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-03-11] (FreeDownloadManager.ORG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll [2013-04-30] ()
Toolbar: HKLM-x32 - @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\SysWow64\Msdxm6.ocx [2000-04-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\SysWow64\Msdxm6.ocx [2000-04-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-11] (Adobe Systems, Inc.)
FF Plugin-x32: @alawar.com/npapi -> C:\Windows\npapi.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2011-09-09] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-19] (Apple Inc.)
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\firmycz.xml [2012-10-15]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\mapycz.xml [2012-10-15]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\webdesignpodcast.xml [2014-01-10]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\zbocz.xml [2012-10-15]
FF Extension: pushOK - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\pushOK@AlawarDigital.xpi [2014-05-28] [not signed]
FF Extension: Xinha Here! - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi [2015-06-09]
FF Extension: Torrent Finder Toolbar - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi [2015-07-09]
FF Extension: Video AdBlock for Firefox - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-10-04] [not signed]
FF Extension: Google Translator for Firefox - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\translator@zoli.bod.xpi [2015-11-02]
FF Extension: No Name - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: No Name - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2015-12-01] [not signed]
FF Extension: Video DownloadHelper - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-07-30] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Překladač Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (Prezentace Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Torrent Search) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2014-07-13]
CHR Extension: (Dokumenty Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Web Design Project Online Marketplace) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdohnoncgnjdlijjpnebkggepaocgopo [2015-06-16]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-11-26]
CHR Extension: (YouTube) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (VLC Media Player) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcjgjamoeolafobhnpnhjgpaobjehcp [2015-09-10]
CHR Extension: (Logo Maker) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciojdpgahhgdpmlhnocojjfhkfdmemdh [2015-01-31]
CHR Extension: (Vyhledávání Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (HTML Editor) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacmeeeegjoaddfondbeaaafohldgfof [2014-09-15]
CHR Extension: (PageEdit) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebkclgoaabaibghklgknnjdemknjaeic [2015-06-10]
CHR Extension: (Spyware Terminator Internet Guard) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\elbjpfdfllhaioofjgmiaekihidancnc [2015-07-28]
CHR Extension: (Easy WebContent Free HTML Editor) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\encbaekhkcjjmhbcghnlcaiifdmfeokn [2014-09-15]
CHR Extension: (Invite All (for Facebook)) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopekjehpibhfpjjcokfmhcaeiclddih [2015-08-07]
CHR Extension: (Tabulky Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (uTorrent easy client) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfiejlelblhoaflnjajjjjkkgbeifpn [2015-12-06]
CHR Extension: (Web page captures from browser) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fomlbefjpamblimccfdomfgpgokdljcg [2015-06-09]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-11-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AlterNote Editor) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljkfahiahjhhpmpihngnommookkneji [2015-10-19]
CHR Extension: (HTML Editor for Drive) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgpiigchjeclbkocfndppmhmfjdhbah [2015-06-09]
CHR Extension: (ShiftEdit) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2015-09-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-10-28]
CHR Extension: (Gmail) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Profile: C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-09]
CHR Extension: (Dokumenty Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-09]
CHR Extension: (Disk Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-09]
CHR Extension: (YouTube) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-09]
CHR Extension: (Vyhledávání Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-09]
CHR Extension: (Tabulky Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-09]
CHR Extension: (Bookmark Manager) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-09]
CHR Extension: (Freemake Video Converter) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2015-06-09]
CHR Extension: (Skype Click to Call) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-09]
CHR Extension: (Peněženka Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-09]
CHR Extension: (Gmail) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-09]
CHR HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 ASLSvc; C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe [502784 2009-05-13] (Acer Incorporated) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 eLockService; C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe [30016 2010-06-03] (Acer Inc.)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2009-02-18] () [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NMSAccessU; C:\Program Files (x86)\Common Files\NMSAccessU.exe [65536 2007-01-25] () [File not signed]
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [77824 2011-01-03] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-01-22] (Crawler Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5400848 2014-11-03] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AgileVpn; C:\Program Files (x86)\WAN Miniport IKEv2\AgileVpn.exe "%SysData%" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-04-03] ()
S3 c_su_1b; C:\Windows\System32\Drivers\c_su_1b.sys [32750 2003-08-14] (Anoto AB) [File not signed]
S3 c_su_1b; C:\Windows\SysWOW64\Drivers\c_su_1b.sys [32750 2003-08-28] (Anoto AB) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R0 eLock2BurnerLockDriver; C:\Windows\System32\DRIVERS\eLock2BurnerLockDriver.sys [25120 2008-03-12] (Acer, Inc.)
R2 eLock2FSCTLDriver; C:\Windows\System32\DRIVERS\eLock2FSCTLDriver.sys [100384 2008-03-11] (Acer, Inc.)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [244736 2013-02-17] (Huawei Technologies Co., Ltd.)
R3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [164736 2015-10-07] (ITE )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-04-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-09] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 DRIVER_B; \??\C:\Windows\system32\Drivers\DRIVER_BIN64 [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 ProcessMonitor; \??\C:\Program Files\Safetica Free\ProcessMonitorDriver.sys [X]
S3 Safetica; \??\C:\Program Files\Safetica Free\safetica.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-09 20:25 - 2015-12-09 20:25 - 00040724 _____ C:\Users\DUŠAN\Desktop\FRST.txt
2015-12-09 19:04 - 2015-12-09 19:04 - 00017061 _____ C:\Users\DUŠAN\Desktop\adwarecleaner.txt
2015-12-09 18:48 - 2015-12-09 18:48 - 01738240 _____ C:\Users\DUŠAN\Desktop\adwcleaner_5.024.exe
2015-12-09 12:48 - 2015-12-09 12:48 - 00025834 _____ C:\Users\DUŠAN\Desktop\Addition.rar
2015-12-09 12:30 - 2015-12-09 20:25 - 00000000 ____D C:\FRST
2015-12-09 12:29 - 2015-12-09 12:29 - 02369024 _____ (Farbar) C:\Users\DUŠAN\Desktop\FRST64.exe
2015-12-09 10:38 - 2015-12-09 10:39 - 00000000 ____D C:\Users\DUŠAN\Documents\malware_test
2015-12-09 10:38 - 2015-12-09 10:38 - 00000000 ____D C:\Nová složka
2015-12-08 20:51 - 2015-12-08 20:51 - 00001416 _____ C:\Users\DUŠAN\Desktop\GravelySilent_HouseofDeadlockCE.exe – zástupce.lnk
2015-12-08 20:51 - 2015-12-08 20:51 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Enki Games
2015-12-08 18:53 - 2015-12-08 18:53 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView
2015-12-08 18:53 - 2015-12-08 18:53 - 00000000 ____D C:\Program Files (x86)\NirSoft
2015-12-08 14:42 - 2015-12-09 10:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-08 14:42 - 2015-12-08 14:42 - 00001070 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-08 14:42 - 2015-12-08 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-08 14:42 - 2015-12-08 14:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-08 14:42 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-08 14:42 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-08 14:37 - 2015-12-08 14:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-12-08 14:37 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-07 23:29 - 2015-12-07 23:29 - 00000000 ____D C:\c9e75cd517b8e8ef35b7
2015-12-07 22:14 - 2015-12-07 22:14 - 00001449 _____ C:\Users\DUŠAN\Desktop\Midnight Mysteries - Edgar Allan Poe Conspiracy.exe – zástupce.lnk
2015-12-07 14:11 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-07 14:11 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-07 14:11 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-07 14:11 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-06 18:04 - 2015-12-06 18:04 - 00000189 _____ C:\Users\DUŠAN\Documents\ahomeo.txt
2015-12-05 13:42 - 2015-12-05 13:42 - 00000000 ____D C:\Users\DUŠAN\Documents\My Filehippo Downloads
2015-12-05 11:43 - 2015-12-09 14:06 - 00281664 _____ C:\Windows\ntbtlog.txt
2015-12-04 15:24 - 2015-12-04 15:29 - 00038844 _____ C:\Users\DUŠAN\Documents\cc_20151204_152335.reg
2015-12-04 13:30 - 2015-12-04 13:30 - 00006696 ____N C:\bootsqm.dat
2015-11-25 10:35 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-25 10:35 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-25 10:35 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-25 10:35 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-25 10:35 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-25 10:35 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-22 14:50 - 2015-11-22 14:53 - 132866782 _____ C:\Users\DUŠAN\Downloads\DAO_PRC_CP_1_1.1 (1).dazip
2015-11-22 14:49 - 2015-11-22 14:53 - 132866782 _____ C:\Users\DUŠAN\Downloads\DAO_PRC_CP_1_1.1.dazip
2015-11-20 11:35 - 2015-11-20 11:35 - 08974253 _____ C:\Users\DUŠAN\Downloads\Flexibile French.wmv
2015-11-18 12:17 - 2015-11-18 12:17 - 00000000 ____D C:\Users\DUŠAN\Downloads\eset
2015-11-18 12:16 - 2015-11-18 12:16 - 00001258 _____ C:\Users\DUŠAN\Downloads\eset.zip
2015-11-18 11:27 - 2015-11-18 11:28 - 00000000 ____D C:\Users\DUŠAN\Documents\javagrafika
2015-11-18 11:06 - 2015-11-18 11:06 - 02975173 _____ C:\Users\DUŠAN\Downloads\Programujeme_hru_v_C.pdf
2015-11-18 11:03 - 2015-11-18 11:03 - 00000000 ____D C:\Users\DUŠAN\Downloads\ZdrojoveKodyDirectX_1
2015-11-15 12:06 - 2015-11-15 12:06 - 00046508 _____ C:\Users\DUŠAN\Downloads\cestne prohlaseni ele_plyn.pdf
2015-11-12 10:02 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 09:46 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 09:46 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 09:46 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 09:46 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 09:46 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 09:46 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 09:46 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 09:46 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 09:46 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 09:46 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 09:46 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 09:46 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 09:46 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 09:46 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 09:46 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 09:46 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 09:46 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 09:46 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 09:46 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 09:46 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 09:46 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 09:46 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 09:46 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 09:46 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 09:46 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 09:46 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 09:46 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 09:46 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 09:46 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 09:46 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 09:46 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 09:46 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 09:46 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 09:46 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 09:46 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 09:46 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 09:46 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 09:46 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 09:46 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 09:46 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 09:46 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 09:46 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 09:46 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 09:46 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 09:46 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 09:46 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 09:46 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 09:46 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 09:46 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 09:46 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 09:46 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 09:46 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 09:46 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 09:46 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 09:46 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 09:46 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 09:46 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 09:46 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 09:46 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 09:46 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 09:46 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 09:46 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 09:46 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 09:46 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 09:45 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 09:45 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 09:45 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 09:45 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 09:45 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 09:45 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 09:45 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 09:45 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 09:45 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 09:45 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 09:45 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 09:45 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 09:45 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 09:45 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 09:45 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 09:45 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 09:45 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 09:45 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 09:45 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 09:45 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 09:45 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 09:45 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:45 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 09:45 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 09:45 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 09:44 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 09:44 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 09:44 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 09:44 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 09:44 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 09:44 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 09:44 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 09:44 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 09:44 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 15:48 - 2015-11-27 17:28 - 00000000 ____D C:\ProgramData\BioWare
2015-11-10 15:37 - 2015-11-27 17:26 - 00000000 ____D C:\ProgramData\Media Center Programs
2015-11-09 20:06 - 2015-11-09 20:06 - 00002603 _____ C:\Users\Public\Desktop\PatchCleaner.lnk
2015-11-09 20:06 - 2015-11-09 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeDev
2015-11-09 20:06 - 2015-11-09 20:06 - 00000000 ____D C:\Program Files (x86)\HomeDev
2015-11-09 19:12 - 2015-11-09 19:12 - 00012366 _____ C:\Users\DUŠAN\Documents\cc_20151109_191244.reg
2015-11-09 17:06 - 2015-11-28 12:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-09 17:06 - 2015-11-09 17:06 - 00002011 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-09 17:06 - 2015-11-09 17:06 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-09 15:47 - 2015-11-09 15:47 - 00001991 _____ C:\Users\Public\Desktop\ExtremeCopy.lnk
2015-11-09 15:47 - 2015-11-09 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExtremeCopy
2015-11-09 15:47 - 2015-11-09 15:47 - 00000000 ____D C:\Program Files (x86)\Easersoft
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-09 20:23 - 2012-08-05 13:54 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\uTorrent
2015-12-09 20:20 - 2012-08-19 17:53 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-09 20:13 - 2014-01-08 12:09 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Skype
2015-12-09 20:00 - 2015-07-28 09:49 - 00000000 ____D C:\Users\DUŠAN\AppData\LocalLow\Spyware Terminator
2015-12-09 19:51 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-09 19:51 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-09 19:43 - 2015-04-17 16:49 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 19:43 - 2015-04-17 16:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 19:43 - 2015-04-17 16:49 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 19:43 - 2015-04-17 16:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-09 19:42 - 2012-12-08 10:51 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Seznam.cz
2015-12-09 19:37 - 2012-08-19 17:53 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 19:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-09 18:56 - 2014-06-24 10:52 - 00000000 ____D C:\Windows\system32\log
2015-12-09 18:56 - 2012-07-19 10:55 - 00000000 ____D C:\Users\DUŠAN
2015-12-09 18:54 - 2014-11-30 14:52 - 00000000 ____D C:\AdwCleaner
2015-12-09 18:47 - 2012-07-19 11:08 - 00000000 ____D C:\ProgramData\Temp
2015-12-09 16:04 - 2012-10-02 23:10 - 00000000 ____D C:\Users\DUŠAN\AppData\Local\CrashDumps
2015-12-09 12:34 - 2009-10-05 22:17 - 00000000 ____D C:\Windows
2015-12-09 10:51 - 2012-12-02 23:47 - 00000000 ____D C:\Program Files (x86)\Recepty doma
2015-12-09 09:19 - 2014-06-12 09:41 - 00000000 ____D C:\Users\DUŠAN\AppData\Local\Adobe
2015-12-08 23:36 - 2014-03-04 01:34 - 00000000 ____D C:\Program Files (x86)\WAN Miniport IKEv2
2015-12-08 23:36 - 2010-06-10 07:41 - 00000000 ____D C:\Windows\Downloaded Installations
2015-12-08 23:35 - 2014-01-06 21:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-08 18:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-08 16:58 - 2014-11-27 10:40 - 00000000 ____D C:\ProgramData\Spyware Terminator
2015-12-08 14:42 - 2014-11-26 21:02 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Malwarebytes
2015-12-08 14:33 - 2012-08-22 17:33 - 00000000 ____D C:\Users\DUŠAN\Desktop\tvorba_www
2015-12-07 10:44 - 2015-08-04 14:20 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2015-12-06 21:29 - 2012-08-02 16:37 - 00000000 ____D C:\Users\DUŠAN\Downloads\torrenty
2015-12-05 21:33 - 2015-06-11 12:24 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-05 14:33 - 2012-07-19 20:38 - 00785038 _____ C:\Windows\system32\perfh005.dat
2015-12-05 14:33 - 2012-07-19 20:38 - 00185538 _____ C:\Windows\system32\perfc005.dat
2015-12-05 14:33 - 2009-07-14 06:13 - 01911202 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-05 14:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-05 14:22 - 2015-10-17 19:27 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\MPC-HC
2015-12-05 10:24 - 2015-05-02 11:30 - 00002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-04 22:39 - 2015-02-22 09:31 - 00000000 ____D C:\Users\DUŠAN\AppData\Local\JDownloader 2.0
2015-12-04 15:39 - 2013-07-19 00:14 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Free Download Manager
2015-12-04 14:49 - 2012-08-04 10:11 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-02 10:15 - 2012-08-19 17:53 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 10:15 - 2012-08-19 17:53 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-29 12:04 - 2015-10-04 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-11-29 12:04 - 2015-01-31 20:55 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-11-27 17:28 - 2014-12-18 15:54 - 00000000 ____D C:\Users\DUŠAN\Documents\BioWare
2015-11-27 17:26 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-26 17:56 - 2014-06-06 01:12 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Brave Giant
2015-11-26 09:40 - 2015-10-18 18:03 - 00000000 ____D C:\Windows\rescache
2015-11-26 08:49 - 2009-07-14 05:45 - 05482632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-24 08:54 - 2012-07-19 20:59 - 00000000 ____D C:\ProgramData\Skype
2015-11-23 17:03 - 2015-10-28 14:30 - 00000894 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-11-23 17:03 - 2015-10-28 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-11-23 17:03 - 2015-09-19 20:24 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2015-11-18 11:17 - 2013-10-13 19:25 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Notepad++
2015-11-11 23:49 - 2013-08-14 15:01 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 23:33 - 2014-02-19 11:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 23:33 - 2012-07-19 13:56 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 23:32 - 2010-06-10 07:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 23:16 - 2012-07-19 11:11 - 01885916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 23:10 - 2009-07-14 03:34 - 00000864 _____ C:\Windows\win.ini
2015-11-11 23:09 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 09:42 - 2015-06-11 12:24 - 00003952 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-11-10 14:50 - 2012-08-05 15:50 - 00000000 ____D C:\Users\DUŠAN\Documents\www
2015-11-10 14:47 - 2012-07-20 20:23 - 00000000 ____D C:\Users\DUŠAN\Documents\My Games
2015-11-10 14:44 - 2012-07-27 14:57 - 00000000 ____D C:\Users\DUŠAN\Documents\doc
2015-11-10 14:24 - 2014-09-15 16:27 - 00000000 ____D C:\Users\DUŠAN\Documents\Incomedia
2015-11-10 13:59 - 2015-04-22 22:00 - 00000000 ____D C:\Program Files (x86)\GStudio7
2015-11-10 13:59 - 2015-04-22 22:00 - 00000000 _____ C:\Windows\SysWOW64\WIN.INI
2015-11-10 13:59 - 2015-04-22 22:00 - 00000000 _____ C:\Windows\SysWOW64\SYSTEM.INI
2015-11-10 13:52 - 2014-01-01 13:38 - 00000000 ____D C:\Users\DUŠAN\Documents\Circuits
2015-11-10 13:36 - 2012-08-20 15:29 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2015-11-10 13:33 - 2013-12-03 13:11 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Brackets
2015-11-10 13:16 - 2015-03-30 18:17 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\QCAD
2015-11-10 12:51 - 2013-11-11 17:48 - 00000000 ____D C:\Program Files (x86)\WebSite X5 v10 - Professional
2015-11-10 12:36 - 2013-10-25 14:51 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Alzex
2015-11-10 12:35 - 2014-07-23 13:09 - 00000000 ____D C:\ProgramData\FitLinie
2015-11-10 12:12 - 2014-04-05 09:05 - 00000000 ____D C:\Users\DUŠAN\Desktop\be9
2015-11-10 12:12 - 2014-01-02 19:09 - 00000000 ____D C:\Users\DUŠAN\Desktop\udrba
2015-11-10 12:12 - 2013-07-16 10:32 - 00000000 ____D C:\Users\DUŠAN\Desktop\video
2015-11-10 12:12 - 2012-11-16 13:39 - 00000000 ____D C:\Users\DUŠAN\Desktop\grafika
2015-11-10 12:12 - 2012-11-16 11:25 - 00000000 ____D C:\Users\DUŠAN\Desktop\logo
2015-11-10 11:46 - 2012-11-16 11:26 - 00000000 ____D C:\Users\DUŠAN\Desktop\hry
2015-11-09 23:25 - 2013-10-16 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
2015-11-09 23:04 - 2010-06-10 08:01 - 00000000 ____D C:\ProgramData\Nero
2015-11-09 23:04 - 2010-06-10 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-11-09 23:04 - 2010-06-10 08:01 - 00000000 ____D C:\Program Files (x86)\Nero
2015-11-09 21:49 - 2012-11-29 16:30 - 00000000 ____D C:\QuickLogoDesigner
2015-11-09 21:08 - 2015-11-07 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-09 17:08 - 2014-12-26 11:16 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-09 17:06 - 2010-06-10 08:07 - 00000000 ____D C:\ProgramData\Adobe
2015-11-09 16:01 - 2012-07-19 12:50 - 00002570 _____ C:\Windows\wininit.ini
2015-11-09 16:01 - 2012-07-19 12:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-09 12:30 - 2014-10-31 17:13 - 00000000 ____D C:\ProgramData\CanonIJPLM
==================== Files in the root of some directories =======
2007-01-25 02:52 - 2007-01-25 02:52 - 0065536 _____ () C:\Program Files (x86)\Common Files\NMSAccessU.exe
2012-08-31 10:53 - 2013-06-14 19:41 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2012-12-14 19:32 - 2013-07-31 19:10 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-12-17 13:05 - 2014-11-23 15:21 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-06-26 14:51 - 2015-09-09 15:47 - 0000034 _____ () C:\Users\DUŠAN\AppData\Roaming\AdobeWLCMCache.dat
2013-03-14 18:47 - 2013-03-14 18:47 - 0000046 _____ () C:\Users\DUŠAN\AppData\Roaming\Camdata.ini
2013-03-14 18:47 - 2013-03-14 18:47 - 0000408 _____ () C:\Users\DUŠAN\AppData\Roaming\CamLayout.ini
2013-03-14 18:47 - 2013-03-14 18:47 - 0000408 _____ () C:\Users\DUŠAN\AppData\Roaming\CamShapes.ini
2013-03-14 18:47 - 2013-03-14 18:47 - 0004510 _____ () C:\Users\DUŠAN\AppData\Roaming\CamStudio.cfg
2013-04-05 17:19 - 2013-08-01 00:39 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Filtr IIIExport Adobe CS5 – předvolby
2014-09-27 23:31 - 2014-09-27 23:31 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2012-11-05 00:16 - 2012-11-05 00:16 - 0000355 _____ () C:\Users\DUŠAN\AppData\Roaming\fontcacheev1.dat
2014-02-23 15:18 - 2014-02-24 00:54 - 7978188 _____ () C:\Users\DUŠAN\AppData\Roaming\log.sflog
2015-09-13 16:19 - 2015-09-13 18:07 - 0000115 _____ () C:\Users\DUŠAN\AppData\Roaming\LogFile.txt
2014-05-21 15:03 - 2014-05-21 15:03 - 0000005 _____ () C:\Users\DUŠAN\AppData\Roaming\mbam.context.scan
2013-04-11 21:47 - 2015-10-04 19:08 - 0000164 _____ () C:\Users\DUŠAN\AppData\Roaming\PLGComp.ini
2015-06-21 14:31 - 2015-07-11 20:06 - 0040960 _____ () C:\Users\DUŠAN\AppData\Roaming\SharedSettings.ccs
2013-06-20 18:00 - 2014-08-16 00:40 - 0000600 _____ () C:\Users\DUŠAN\AppData\Roaming\winscp.rnd
2014-05-02 23:46 - 2014-11-23 14:31 - 0001728 _____ () C:\Users\DUŠAN\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2012-09-07 12:32 - 2014-11-11 13:35 - 0000079 _____ () C:\Users\DUŠAN\AppData\Local\CrystalDiskMark30.ini
2015-03-04 16:45 - 2015-09-05 17:20 - 0008192 _____ () C:\Users\DUŠAN\AppData\Local\file__0.localstorage
2015-03-31 21:33 - 2015-03-31 21:33 - 0000000 ___SH () C:\Users\DUŠAN\AppData\Local\LumaEmu
2015-10-06 11:04 - 2015-10-06 11:04 - 0010128 _____ () C:\Users\DUŠAN\AppData\Local\recently-used.xbel
2014-05-23 16:07 - 2015-03-08 16:46 - 0007606 _____ () C:\Users\DUŠAN\AppData\Local\Resmon.ResmonCfg
2012-11-18 17:11 - 2012-11-19 02:39 - 0001280 _____ () C:\Users\DUŠAN\AppData\Local\SRDownloader.nast
2013-06-12 11:14 - 2013-06-18 11:26 - 0000088 __RSH () C:\ProgramData\177580EEF3.sys
2014-01-19 15:37 - 2014-10-31 14:43 - 0007503 _____ () C:\ProgramData\hpzinstall.log
2013-06-12 11:14 - 2013-06-18 11:26 - 0002516 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-10-07 15:39 - 2015-11-22 11:43 - 0006259 _____ () C:\ProgramData\LmeUSB.log
2015-10-07 15:39 - 2015-11-22 11:43 - 0006134 _____ () C:\ProgramData\LmeZJSW.log
2015-10-07 15:39 - 2015-11-22 11:43 - 0006253 _____ () C:\ProgramData\LSDmbTH.log
2012-11-02 14:18 - 2014-12-02 20:17 - 0000930 _____ () C:\ProgramData\{902EC888-8381-0DA4-9751-000054BD003C}
Files to move or delete:
====================
C:\Users\DUŠAN\comcat5.dll
Some files in TEMP:
====================
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole1905037336237296608.dll
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole3590127093329061244.dll
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole7113664343122068825.dll
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole7187740425757967247.dll
C:\Users\DUŠAN\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-30 10:12
==================== End of FRST.txt ============================
Ran by DUŠAN (administrator) on DUŠAN-PC (09-12-2015 20:25:11)
Running from C:\Users\DUŠAN\Desktop
Loaded Profiles: DUŠAN (Available Profiles: DUŠAN)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(Acer Incorporated) C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Acer Inc.) C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
() C:\Users\DUŠAN\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
() C:\Program Files (x86)\Common Files\NMSAccessU.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(BlazeVideo Company) C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(BitTorrent Inc.) C:\Users\DUŠAN\AppData\Roaming\uTorrent\uTorrent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
() C:\ProgramData\O2 Internet\OnlineUpdate\ouc.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonServer.exe
(AMD) C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-04-17] (Egis Technology Inc.)
HKLM\...\Run: [AutoLockProcess] => C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe [451912 2010-06-03] (Acer Inc.)
HKLM\...\Run: [Acer PowerSaver] => C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe [536576 2009-04-17] (Acer Incorporated)
HKLM\...\Run: [Acer SmartBoot] => C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe [448000 2009-05-13] (Acer Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13269064 2013-02-05] (Realtek Semiconductor)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [826368 2011-02-19] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [3884368 2015-07-27] (Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5473104 2015-09-03] (Crawler Group, LLC)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-11-17] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-04-17] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [336992 2012-12-09] (Power Software Ltd)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1009288 2012-09-13] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-06-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Plugin Install] => C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [86016 2015-08-19] ()
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\DUŠAN\AppData\Roaming\Seznam.cz\szninstall.exe [1009288 2012-09-13] ()
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-11-18] (AMD)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\DUŠAN\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92296 2012-12-19] ()
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6875136 2013-03-27] (FreeDownloadManager.ORG)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [CCleaner Monitoring] => C:\PROGRAM FILES\CCLEANER\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [BlazeServoTool] => C:\Program Files (x86)\BlazeVideo\BlazeDTV 6.0\MediaDetector.exe [286720 2010-03-06] (BlazeVideo Company)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [uTorrent] => C:\Users\DUŠAN\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-03] (BitTorrent Inc.)
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: M - M:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: N - N:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {17270ab8-632a-11e4-93cf-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {203edf4a-1c75-11e4-a103-90fba6e0cb6c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {30bf076c-c3b1-11e3-93ea-90fba6e0cb6c} - K:\LGAutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {322fd738-2ae9-11e4-b5a9-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {e725ba53-0e29-11e3-bfe2-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {ee93d2ea-fc80-11e4-b444-cc378fc26e2e} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => No File
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-04-17] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-04-17] (Egis Technology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2296456D-B5B2-48AD-8BBF-AD9288CAF52D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F3ECC031-1FB7-4B1A-8850-65F102911402}: [NameServer] 194.228.211.33 160.218.161.60
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.alawarhry.cz/?pid=6
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=extensa_e440&r=17360712g405pe426u125b46n17280
URLSearchHook: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ493
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2015-07-27] (Crawler Group, LLC)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\ProgramData\LangSoft\WebIE.dll [2013-04-30] ()
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2015-07-27] (Crawler Group, LLC)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-03-11] (FreeDownloadManager.ORG)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\ProgramData\LangSoft\WebIE.dll [2013-04-30] ()
Toolbar: HKLM-x32 - @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\Windows\SysWow64\Msdxm6.ocx [2000-04-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: vnd.ms.radio - {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} - C:\Windows\SysWow64\Msdxm6.ocx [2000-04-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-11] (Adobe Systems, Inc.)
FF Plugin-x32: @alawar.com/npapi -> C:\Windows\npapi.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2011-09-09] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-08-19] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-08-19] (Apple Inc.)
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\firmycz.xml [2012-10-15]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\mapycz.xml [2012-10-15]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\webdesignpodcast.xml [2014-01-10]
FF SearchPlugin: C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\searchplugins\zbocz.xml [2012-10-15]
FF Extension: pushOK - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\pushOK@AlawarDigital.xpi [2014-05-28] [not signed]
FF Extension: Xinha Here! - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi [2015-06-09]
FF Extension: Torrent Finder Toolbar - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi [2015-07-09]
FF Extension: Video AdBlock for Firefox - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{a00bef25-f21a-4539-adbb-b179b29e2b92} [2015-10-04] [not signed]
FF Extension: Google Translator for Firefox - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\translator@zoli.bod.xpi [2015-11-02]
FF Extension: No Name - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: No Name - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2015-12-01] [not signed]
FF Extension: Video DownloadHelper - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-07-30] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR NewTab: Default -> "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Překladač Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (Prezentace Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-23]
CHR Extension: (Torrent Search) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2014-07-13]
CHR Extension: (Dokumenty Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-23]
CHR Extension: (Disk Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (Web Design Project Online Marketplace) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdohnoncgnjdlijjpnebkggepaocgopo [2015-06-16]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-11-26]
CHR Extension: (YouTube) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-23]
CHR Extension: (VLC Media Player) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfcjgjamoeolafobhnpnhjgpaobjehcp [2015-09-10]
CHR Extension: (Logo Maker) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciojdpgahhgdpmlhnocojjfhkfdmemdh [2015-01-31]
CHR Extension: (Vyhledávání Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (HTML Editor) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacmeeeegjoaddfondbeaaafohldgfof [2014-09-15]
CHR Extension: (PageEdit) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebkclgoaabaibghklgknnjdemknjaeic [2015-06-10]
CHR Extension: (Spyware Terminator Internet Guard) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\elbjpfdfllhaioofjgmiaekihidancnc [2015-07-28]
CHR Extension: (Easy WebContent Free HTML Editor) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\encbaekhkcjjmhbcghnlcaiifdmfeokn [2014-09-15]
CHR Extension: (Invite All (for Facebook)) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\eopekjehpibhfpjjcokfmhcaeiclddih [2015-08-07]
CHR Extension: (Tabulky Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-23]
CHR Extension: (uTorrent easy client) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfiejlelblhoaflnjajjjjkkgbeifpn [2015-12-06]
CHR Extension: (Web page captures from browser) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fomlbefjpamblimccfdomfgpgokdljcg [2015-06-09]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-11-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (AlterNote Editor) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\hljkfahiahjhhpmpihngnommookkneji [2015-10-19]
CHR Extension: (HTML Editor for Drive) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmgpiigchjeclbkocfndppmhmfjdhbah [2015-06-09]
CHR Extension: (ShiftEdit) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2015-09-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2015-10-28]
CHR Extension: (Gmail) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Profile: C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Prezentace Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-09]
CHR Extension: (Dokumenty Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-09]
CHR Extension: (Disk Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-09]
CHR Extension: (YouTube) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-09]
CHR Extension: (Vyhledávání Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-09]
CHR Extension: (Tabulky Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-09]
CHR Extension: (Bookmark Manager) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-09]
CHR Extension: (Freemake Video Converter) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2015-06-09]
CHR Extension: (Skype Click to Call) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-09]
CHR Extension: (Peněženka Google) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-09]
CHR Extension: (Gmail) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-09]
CHR HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 ASLSvc; C:\Program Files\Acer\Acer SmartBoot\ASLSvc.exe [502784 2009-05-13] (Acer Incorporated) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1994936 2015-06-26] (Comodo)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 eLockService; C:\Program Files\Acer\Empowering Technology\eLock\Service\eLockServ.exe [30016 2010-06-03] (Acer Inc.)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2009-02-18] () [File not signed]
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-04-17] (Egis Technology Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NMSAccessU; C:\Program Files (x86)\Common Files\NMSAccessU.exe [65536 2007-01-25] () [File not signed]
S2 O2 Internet. RunOuc; C:\Program Files (x86)\O2 Internet\UpdateDog\ouc.exe [657504 2012-11-12] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [77824 2011-01-03] (ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-01-22] (Crawler Group)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5400848 2014-11-03] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 AgileVpn; C:\Program Files (x86)\WAN Miniport IKEv2\AgileVpn.exe "%SysData%" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-04-03] ()
S3 c_su_1b; C:\Windows\System32\Drivers\c_su_1b.sys [32750 2003-08-14] (Anoto AB) [File not signed]
S3 c_su_1b; C:\Windows\SysWOW64\Drivers\c_su_1b.sys [32750 2003-08-28] (Anoto AB) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R0 eLock2BurnerLockDriver; C:\Windows\System32\DRIVERS\eLock2BurnerLockDriver.sys [25120 2008-03-12] (Acer, Inc.)
R2 eLock2FSCTLDriver; C:\Windows\System32\DRIVERS\eLock2FSCTLDriver.sys [100384 2008-03-11] (Acer, Inc.)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] () [File not signed]
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] () [File not signed]
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [File not signed]
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [244736 2013-02-17] (Huawei Technologies Co., Ltd.)
R3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [164736 2015-10-07] (ITE )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-04-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-09] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows (R) Win 7 DDK provider)
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem64.sys [X]
S3 DRIVER_B; \??\C:\Windows\system32\Drivers\DRIVER_BIN64 [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 ProcessMonitor; \??\C:\Program Files\Safetica Free\ProcessMonitorDriver.sys [X]
S3 Safetica; \??\C:\Program Files\Safetica Free\safetica.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-09 20:25 - 2015-12-09 20:25 - 00040724 _____ C:\Users\DUŠAN\Desktop\FRST.txt
2015-12-09 19:04 - 2015-12-09 19:04 - 00017061 _____ C:\Users\DUŠAN\Desktop\adwarecleaner.txt
2015-12-09 18:48 - 2015-12-09 18:48 - 01738240 _____ C:\Users\DUŠAN\Desktop\adwcleaner_5.024.exe
2015-12-09 12:48 - 2015-12-09 12:48 - 00025834 _____ C:\Users\DUŠAN\Desktop\Addition.rar
2015-12-09 12:30 - 2015-12-09 20:25 - 00000000 ____D C:\FRST
2015-12-09 12:29 - 2015-12-09 12:29 - 02369024 _____ (Farbar) C:\Users\DUŠAN\Desktop\FRST64.exe
2015-12-09 10:38 - 2015-12-09 10:39 - 00000000 ____D C:\Users\DUŠAN\Documents\malware_test
2015-12-09 10:38 - 2015-12-09 10:38 - 00000000 ____D C:\Nová složka
2015-12-08 20:51 - 2015-12-08 20:51 - 00001416 _____ C:\Users\DUŠAN\Desktop\GravelySilent_HouseofDeadlockCE.exe – zástupce.lnk
2015-12-08 20:51 - 2015-12-08 20:51 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Enki Games
2015-12-08 18:53 - 2015-12-08 18:53 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft WebBrowserPassView
2015-12-08 18:53 - 2015-12-08 18:53 - 00000000 ____D C:\Program Files (x86)\NirSoft
2015-12-08 14:42 - 2015-12-09 10:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-08 14:42 - 2015-12-08 14:42 - 00001070 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-12-08 14:42 - 2015-12-08 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-08 14:42 - 2015-12-08 14:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-12-08 14:42 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-08 14:42 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-08 14:37 - 2015-12-08 14:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2015-12-08 14:37 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-07 23:29 - 2015-12-07 23:29 - 00000000 ____D C:\c9e75cd517b8e8ef35b7
2015-12-07 22:14 - 2015-12-07 22:14 - 00001449 _____ C:\Users\DUŠAN\Desktop\Midnight Mysteries - Edgar Allan Poe Conspiracy.exe – zástupce.lnk
2015-12-07 14:11 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-07 14:11 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-07 14:11 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-07 14:11 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-07 14:11 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-07 14:11 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-06 18:04 - 2015-12-06 18:04 - 00000189 _____ C:\Users\DUŠAN\Documents\ahomeo.txt
2015-12-05 13:42 - 2015-12-05 13:42 - 00000000 ____D C:\Users\DUŠAN\Documents\My Filehippo Downloads
2015-12-05 11:43 - 2015-12-09 14:06 - 00281664 _____ C:\Windows\ntbtlog.txt
2015-12-04 15:24 - 2015-12-04 15:29 - 00038844 _____ C:\Users\DUŠAN\Documents\cc_20151204_152335.reg
2015-12-04 13:30 - 2015-12-04 13:30 - 00006696 ____N C:\bootsqm.dat
2015-11-25 10:35 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-25 10:35 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-25 10:35 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-25 10:35 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-25 10:35 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-25 10:35 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-25 10:35 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-11-22 14:50 - 2015-11-22 14:53 - 132866782 _____ C:\Users\DUŠAN\Downloads\DAO_PRC_CP_1_1.1 (1).dazip
2015-11-22 14:49 - 2015-11-22 14:53 - 132866782 _____ C:\Users\DUŠAN\Downloads\DAO_PRC_CP_1_1.1.dazip
2015-11-20 11:35 - 2015-11-20 11:35 - 08974253 _____ C:\Users\DUŠAN\Downloads\Flexibile French.wmv
2015-11-18 12:17 - 2015-11-18 12:17 - 00000000 ____D C:\Users\DUŠAN\Downloads\eset
2015-11-18 12:16 - 2015-11-18 12:16 - 00001258 _____ C:\Users\DUŠAN\Downloads\eset.zip
2015-11-18 11:27 - 2015-11-18 11:28 - 00000000 ____D C:\Users\DUŠAN\Documents\javagrafika
2015-11-18 11:06 - 2015-11-18 11:06 - 02975173 _____ C:\Users\DUŠAN\Downloads\Programujeme_hru_v_C.pdf
2015-11-18 11:03 - 2015-11-18 11:03 - 00000000 ____D C:\Users\DUŠAN\Downloads\ZdrojoveKodyDirectX_1
2015-11-15 12:06 - 2015-11-15 12:06 - 00046508 _____ C:\Users\DUŠAN\Downloads\cestne prohlaseni ele_plyn.pdf
2015-11-12 10:02 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 09:46 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 09:46 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 09:46 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 09:46 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 09:46 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 09:46 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 09:46 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 09:46 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 09:46 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 09:46 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 09:46 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 09:46 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 09:46 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 09:46 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 09:46 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 09:46 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 09:46 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 09:46 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 09:46 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 09:46 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 09:46 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 09:46 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 09:46 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 09:46 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 09:46 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 09:46 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 09:46 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 09:46 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 09:46 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 09:46 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 09:46 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 09:46 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 09:46 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 09:46 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 09:46 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 09:46 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 09:46 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 09:46 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 09:46 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 09:46 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 09:46 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 09:46 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 09:46 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 09:46 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 09:46 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 09:46 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 09:46 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 09:46 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 09:46 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 09:46 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 09:46 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 09:46 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 09:46 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 09:46 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 09:46 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 09:46 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 09:46 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 09:46 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 09:46 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 09:46 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 09:46 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 09:46 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 09:46 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 09:46 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 09:45 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 09:45 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 09:45 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 09:45 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 09:45 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 09:45 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 09:45 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 09:45 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 09:45 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 09:45 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 09:45 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 09:45 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 09:45 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 09:45 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 09:45 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 09:45 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 09:45 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 09:45 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 09:45 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 09:45 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 09:45 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 09:45 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 09:45 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 09:45 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 09:45 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 09:45 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 09:45 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 09:45 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 09:45 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 09:45 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 09:44 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 09:44 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 09:44 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 09:44 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 09:44 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 09:44 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 09:44 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 09:44 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 09:44 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 09:44 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 15:48 - 2015-11-27 17:28 - 00000000 ____D C:\ProgramData\BioWare
2015-11-10 15:37 - 2015-11-27 17:26 - 00000000 ____D C:\ProgramData\Media Center Programs
2015-11-09 20:06 - 2015-11-09 20:06 - 00002603 _____ C:\Users\Public\Desktop\PatchCleaner.lnk
2015-11-09 20:06 - 2015-11-09 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeDev
2015-11-09 20:06 - 2015-11-09 20:06 - 00000000 ____D C:\Program Files (x86)\HomeDev
2015-11-09 19:12 - 2015-11-09 19:12 - 00012366 _____ C:\Users\DUŠAN\Documents\cc_20151109_191244.reg
2015-11-09 17:06 - 2015-11-28 12:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-09 17:06 - 2015-11-09 17:06 - 00002011 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-09 17:06 - 2015-11-09 17:06 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-09 15:47 - 2015-11-09 15:47 - 00001991 _____ C:\Users\Public\Desktop\ExtremeCopy.lnk
2015-11-09 15:47 - 2015-11-09 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExtremeCopy
2015-11-09 15:47 - 2015-11-09 15:47 - 00000000 ____D C:\Program Files (x86)\Easersoft
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-12-09 20:23 - 2012-08-05 13:54 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\uTorrent
2015-12-09 20:20 - 2012-08-19 17:53 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-09 20:13 - 2014-01-08 12:09 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Skype
2015-12-09 20:00 - 2015-07-28 09:49 - 00000000 ____D C:\Users\DUŠAN\AppData\LocalLow\Spyware Terminator
2015-12-09 19:51 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-09 19:51 - 2009-07-14 05:45 - 00018736 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-09 19:43 - 2015-04-17 16:49 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 19:43 - 2015-04-17 16:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 19:43 - 2015-04-17 16:49 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 19:43 - 2015-04-17 16:49 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-09 19:42 - 2012-12-08 10:51 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Seznam.cz
2015-12-09 19:37 - 2012-08-19 17:53 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 19:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-09 18:56 - 2014-06-24 10:52 - 00000000 ____D C:\Windows\system32\log
2015-12-09 18:56 - 2012-07-19 10:55 - 00000000 ____D C:\Users\DUŠAN
2015-12-09 18:54 - 2014-11-30 14:52 - 00000000 ____D C:\AdwCleaner
2015-12-09 18:47 - 2012-07-19 11:08 - 00000000 ____D C:\ProgramData\Temp
2015-12-09 16:04 - 2012-10-02 23:10 - 00000000 ____D C:\Users\DUŠAN\AppData\Local\CrashDumps
2015-12-09 12:34 - 2009-10-05 22:17 - 00000000 ____D C:\Windows
2015-12-09 10:51 - 2012-12-02 23:47 - 00000000 ____D C:\Program Files (x86)\Recepty doma
2015-12-09 09:19 - 2014-06-12 09:41 - 00000000 ____D C:\Users\DUŠAN\AppData\Local\Adobe
2015-12-08 23:36 - 2014-03-04 01:34 - 00000000 ____D C:\Program Files (x86)\WAN Miniport IKEv2
2015-12-08 23:36 - 2010-06-10 07:41 - 00000000 ____D C:\Windows\Downloaded Installations
2015-12-08 23:35 - 2014-01-06 21:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-08 18:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-12-08 16:58 - 2014-11-27 10:40 - 00000000 ____D C:\ProgramData\Spyware Terminator
2015-12-08 14:42 - 2014-11-26 21:02 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Malwarebytes
2015-12-08 14:33 - 2012-08-22 17:33 - 00000000 ____D C:\Users\DUŠAN\Desktop\tvorba_www
2015-12-07 10:44 - 2015-08-04 14:20 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings
2015-12-06 21:29 - 2012-08-02 16:37 - 00000000 ____D C:\Users\DUŠAN\Downloads\torrenty
2015-12-05 21:33 - 2015-06-11 12:24 - 00000958 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-12-05 14:33 - 2012-07-19 20:38 - 00785038 _____ C:\Windows\system32\perfh005.dat
2015-12-05 14:33 - 2012-07-19 20:38 - 00185538 _____ C:\Windows\system32\perfc005.dat
2015-12-05 14:33 - 2009-07-14 06:13 - 01911202 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-05 14:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-05 14:22 - 2015-10-17 19:27 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\MPC-HC
2015-12-05 10:24 - 2015-05-02 11:30 - 00002147 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-04 22:39 - 2015-02-22 09:31 - 00000000 ____D C:\Users\DUŠAN\AppData\Local\JDownloader 2.0
2015-12-04 15:39 - 2013-07-19 00:14 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Free Download Manager
2015-12-04 14:49 - 2012-08-04 10:11 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-02 10:15 - 2012-08-19 17:53 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 10:15 - 2012-08-19 17:53 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-29 12:04 - 2015-10-04 10:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-11-29 12:04 - 2015-01-31 20:55 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-11-27 17:28 - 2014-12-18 15:54 - 00000000 ____D C:\Users\DUŠAN\Documents\BioWare
2015-11-27 17:26 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-26 17:56 - 2014-06-06 01:12 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Brave Giant
2015-11-26 09:40 - 2015-10-18 18:03 - 00000000 ____D C:\Windows\rescache
2015-11-26 08:49 - 2009-07-14 05:45 - 05482632 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-24 08:54 - 2012-07-19 20:59 - 00000000 ____D C:\ProgramData\Skype
2015-11-23 17:03 - 2015-10-28 14:30 - 00000894 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2015-11-23 17:03 - 2015-10-28 14:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2015-11-23 17:03 - 2015-09-19 20:24 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2015-11-18 11:17 - 2013-10-13 19:25 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Notepad++
2015-11-11 23:49 - 2013-08-14 15:01 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 23:33 - 2014-02-19 11:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-11 23:33 - 2012-07-19 13:56 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 23:32 - 2010-06-10 07:46 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 23:16 - 2012-07-19 11:11 - 01885916 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 23:10 - 2009-07-14 03:34 - 00000864 _____ C:\Windows\win.ini
2015-11-11 23:09 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 09:42 - 2015-06-11 12:24 - 00003952 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-11-10 14:50 - 2012-08-05 15:50 - 00000000 ____D C:\Users\DUŠAN\Documents\www
2015-11-10 14:47 - 2012-07-20 20:23 - 00000000 ____D C:\Users\DUŠAN\Documents\My Games
2015-11-10 14:44 - 2012-07-27 14:57 - 00000000 ____D C:\Users\DUŠAN\Documents\doc
2015-11-10 14:24 - 2014-09-15 16:27 - 00000000 ____D C:\Users\DUŠAN\Documents\Incomedia
2015-11-10 13:59 - 2015-04-22 22:00 - 00000000 ____D C:\Program Files (x86)\GStudio7
2015-11-10 13:59 - 2015-04-22 22:00 - 00000000 _____ C:\Windows\SysWOW64\WIN.INI
2015-11-10 13:59 - 2015-04-22 22:00 - 00000000 _____ C:\Windows\SysWOW64\SYSTEM.INI
2015-11-10 13:52 - 2014-01-01 13:38 - 00000000 ____D C:\Users\DUŠAN\Documents\Circuits
2015-11-10 13:36 - 2012-08-20 15:29 - 00000000 ____D C:\Program Files (x86)\AnvSoft
2015-11-10 13:33 - 2013-12-03 13:11 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Brackets
2015-11-10 13:16 - 2015-03-30 18:17 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\QCAD
2015-11-10 12:51 - 2013-11-11 17:48 - 00000000 ____D C:\Program Files (x86)\WebSite X5 v10 - Professional
2015-11-10 12:36 - 2013-10-25 14:51 - 00000000 ____D C:\Users\DUŠAN\AppData\Roaming\Alzex
2015-11-10 12:35 - 2014-07-23 13:09 - 00000000 ____D C:\ProgramData\FitLinie
2015-11-10 12:12 - 2014-04-05 09:05 - 00000000 ____D C:\Users\DUŠAN\Desktop\be9
2015-11-10 12:12 - 2014-01-02 19:09 - 00000000 ____D C:\Users\DUŠAN\Desktop\udrba
2015-11-10 12:12 - 2013-07-16 10:32 - 00000000 ____D C:\Users\DUŠAN\Desktop\video
2015-11-10 12:12 - 2012-11-16 13:39 - 00000000 ____D C:\Users\DUŠAN\Desktop\grafika
2015-11-10 12:12 - 2012-11-16 11:25 - 00000000 ____D C:\Users\DUŠAN\Desktop\logo
2015-11-10 11:46 - 2012-11-16 11:26 - 00000000 ____D C:\Users\DUŠAN\Desktop\hry
2015-11-09 23:25 - 2013-10-16 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CoffeeCup Software
2015-11-09 23:04 - 2010-06-10 08:01 - 00000000 ____D C:\ProgramData\Nero
2015-11-09 23:04 - 2010-06-10 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-11-09 23:04 - 2010-06-10 08:01 - 00000000 ____D C:\Program Files (x86)\Nero
2015-11-09 21:49 - 2012-11-29 16:30 - 00000000 ____D C:\QuickLogoDesigner
2015-11-09 21:08 - 2015-11-07 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-09 17:08 - 2014-12-26 11:16 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-09 17:06 - 2010-06-10 08:07 - 00000000 ____D C:\ProgramData\Adobe
2015-11-09 16:01 - 2012-07-19 12:50 - 00002570 _____ C:\Windows\wininit.ini
2015-11-09 16:01 - 2012-07-19 12:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-09 12:30 - 2014-10-31 17:13 - 00000000 ____D C:\ProgramData\CanonIJPLM
==================== Files in the root of some directories =======
2007-01-25 02:52 - 2007-01-25 02:52 - 0065536 _____ () C:\Program Files (x86)\Common Files\NMSAccessU.exe
2012-08-31 10:53 - 2013-06-14 19:41 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2012-12-14 19:32 - 2013-07-31 19:10 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2012-12-17 13:05 - 2014-11-23 15:21 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2015-06-26 14:51 - 2015-09-09 15:47 - 0000034 _____ () C:\Users\DUŠAN\AppData\Roaming\AdobeWLCMCache.dat
2013-03-14 18:47 - 2013-03-14 18:47 - 0000046 _____ () C:\Users\DUŠAN\AppData\Roaming\Camdata.ini
2013-03-14 18:47 - 2013-03-14 18:47 - 0000408 _____ () C:\Users\DUŠAN\AppData\Roaming\CamLayout.ini
2013-03-14 18:47 - 2013-03-14 18:47 - 0000408 _____ () C:\Users\DUŠAN\AppData\Roaming\CamShapes.ini
2013-03-14 18:47 - 2013-03-14 18:47 - 0004510 _____ () C:\Users\DUŠAN\AppData\Roaming\CamStudio.cfg
2013-04-05 17:19 - 2013-08-01 00:39 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Filtr IIIExport Adobe CS5 – předvolby
2014-09-27 23:31 - 2014-09-27 23:31 - 0000132 _____ () C:\Users\DUŠAN\AppData\Roaming\Filtr IIIExport Adobe CS6 – předvolby
2012-11-05 00:16 - 2012-11-05 00:16 - 0000355 _____ () C:\Users\DUŠAN\AppData\Roaming\fontcacheev1.dat
2014-02-23 15:18 - 2014-02-24 00:54 - 7978188 _____ () C:\Users\DUŠAN\AppData\Roaming\log.sflog
2015-09-13 16:19 - 2015-09-13 18:07 - 0000115 _____ () C:\Users\DUŠAN\AppData\Roaming\LogFile.txt
2014-05-21 15:03 - 2014-05-21 15:03 - 0000005 _____ () C:\Users\DUŠAN\AppData\Roaming\mbam.context.scan
2013-04-11 21:47 - 2015-10-04 19:08 - 0000164 _____ () C:\Users\DUŠAN\AppData\Roaming\PLGComp.ini
2015-06-21 14:31 - 2015-07-11 20:06 - 0040960 _____ () C:\Users\DUŠAN\AppData\Roaming\SharedSettings.ccs
2013-06-20 18:00 - 2014-08-16 00:40 - 0000600 _____ () C:\Users\DUŠAN\AppData\Roaming\winscp.rnd
2014-05-02 23:46 - 2014-11-23 14:31 - 0001728 _____ () C:\Users\DUŠAN\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2012-09-07 12:32 - 2014-11-11 13:35 - 0000079 _____ () C:\Users\DUŠAN\AppData\Local\CrystalDiskMark30.ini
2015-03-04 16:45 - 2015-09-05 17:20 - 0008192 _____ () C:\Users\DUŠAN\AppData\Local\file__0.localstorage
2015-03-31 21:33 - 2015-03-31 21:33 - 0000000 ___SH () C:\Users\DUŠAN\AppData\Local\LumaEmu
2015-10-06 11:04 - 2015-10-06 11:04 - 0010128 _____ () C:\Users\DUŠAN\AppData\Local\recently-used.xbel
2014-05-23 16:07 - 2015-03-08 16:46 - 0007606 _____ () C:\Users\DUŠAN\AppData\Local\Resmon.ResmonCfg
2012-11-18 17:11 - 2012-11-19 02:39 - 0001280 _____ () C:\Users\DUŠAN\AppData\Local\SRDownloader.nast
2013-06-12 11:14 - 2013-06-18 11:26 - 0000088 __RSH () C:\ProgramData\177580EEF3.sys
2014-01-19 15:37 - 2014-10-31 14:43 - 0007503 _____ () C:\ProgramData\hpzinstall.log
2013-06-12 11:14 - 2013-06-18 11:26 - 0002516 ___SH () C:\ProgramData\KGyGaAvL.sys
2015-10-07 15:39 - 2015-11-22 11:43 - 0006259 _____ () C:\ProgramData\LmeUSB.log
2015-10-07 15:39 - 2015-11-22 11:43 - 0006134 _____ () C:\ProgramData\LmeZJSW.log
2015-10-07 15:39 - 2015-11-22 11:43 - 0006253 _____ () C:\ProgramData\LSDmbTH.log
2012-11-02 14:18 - 2014-12-02 20:17 - 0000930 _____ () C:\ProgramData\{902EC888-8381-0DA4-9751-000054BD003C}
Files to move or delete:
====================
C:\Users\DUŠAN\comcat5.dll
Some files in TEMP:
====================
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole1905037336237296608.dll
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole3590127093329061244.dll
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole7113664343122068825.dll
C:\Users\DUŠAN\AppData\Local\Temp\proxy_vole7187740425757967247.dll
C:\Users\DUŠAN\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-30 10:12
==================== End of FRST.txt ============================
- Přílohy
-
- Addition.rar
- (24.78 KiB) Staženo 80 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém s pc
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: M - M:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: N - N:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {17270ab8-632a-11e4-93cf-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {203edf4a-1c75-11e4-a103-90fba6e0cb6c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {30bf076c-c3b1-11e3-93ea-90fba6e0cb6c} - K:\LGAutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {322fd738-2ae9-11e4-b5a9-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {e725ba53-0e29-11e3-bfe2-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {ee93d2ea-fc80-11e4-b444-cc378fc26e2e} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => No File
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Toolbar: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [No File]
FF Plugin-x32: @alawar.com/npapi -> C:\Windows\npapi.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Extension: Xinha Here! - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi [2015-06-09]
FF Extension: Torrent Finder Toolbar - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi [2015-07-09]
CHR Extension: (Bookmark Manager) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-09]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\177580EEF3.sys
C:\ProgramData\KGyGaAvL.sys
C:\Users\DUŠAN\comcat5.dll
C:\Users\DUŠAN\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\DUŠAN:gs5sys
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys
AlternateDataStreams: C:\ProgramData\Temp:02DD996C
AlternateDataStreams: C:\ProgramData\Temp:0A8E2C33
AlternateDataStreams: C:\ProgramData\Temp:15B79D44
AlternateDataStreams: C:\ProgramData\Temp:1AAB2E68
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\ProgramData\Temp:2AF322BF
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:57B2B96C
AlternateDataStreams: C:\ProgramData\Temp:587F3582
AlternateDataStreams: C:\ProgramData\Temp:6319FF34
AlternateDataStreams: C:\ProgramData\Temp:689AB7E9
AlternateDataStreams: C:\ProgramData\Temp:6DAA43DB
AlternateDataStreams: C:\ProgramData\Temp:73BDADA8
AlternateDataStreams: C:\ProgramData\Temp:774A0E14
AlternateDataStreams: C:\ProgramData\Temp:84C34762
AlternateDataStreams: C:\ProgramData\Temp:88C5973F
AlternateDataStreams: C:\ProgramData\Temp:943971F5
AlternateDataStreams: C:\ProgramData\Temp:B5977DBE
AlternateDataStreams: C:\ProgramData\Temp:B755D674
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:ED0B32CA
AlternateDataStreams: C:\ProgramData\Temp:F26F5952
AlternateDataStreams: C:\ProgramData\Temp:F5096B56
AlternateDataStreams: C:\ProgramData\Temp:F84B8DB5
AlternateDataStreams: C:\Users\DUŠAN\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Local Settings:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Soubory cookie:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Šablony:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Local\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Local\History:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
ResetHosts:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém s pc
Fix result of Farbar Recovery Scan Tool (x64) Version:05-12-2015
Ran by DUŠAN (2015-12-10 10:41:00) Run:1
Running from C:\Users\DUŠAN\Desktop
Loaded Profiles: DUŠAN (Available Profiles: DUŠAN)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: M - M:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: N - N:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {17270ab8-632a-11e4-93cf-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {203edf4a-1c75-11e4-a103-90fba6e0cb6c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {30bf076c-c3b1-11e3-93ea-90fba6e0cb6c} - K:\LGAutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {322fd738-2ae9-11e4-b5a9-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {e725ba53-0e29-11e3-bfe2-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {ee93d2ea-fc80-11e4-b444-cc378fc26e2e} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => No File
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Toolbar: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [No File]
FF Plugin-x32: @alawar.com/npapi -> C:\Windows\npapi.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Extension: Xinha Here! - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi [2015-06-09]
FF Extension: Torrent Finder Toolbar - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi [2015-07-09]
CHR Extension: (Bookmark Manager) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-09]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\177580EEF3.sys
C:\ProgramData\KGyGaAvL.sys
C:\Users\DUŠAN\comcat5.dll
C:\Users\DUŠAN\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\DUŠAN:gs5sys
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys
AlternateDataStreams: C:\ProgramData\Temp:02DD996C
AlternateDataStreams: C:\ProgramData\Temp:0A8E2C33
AlternateDataStreams: C:\ProgramData\Temp:15B79D44
AlternateDataStreams: C:\ProgramData\Temp:1AAB2E68
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\ProgramData\Temp:2AF322BF
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:57B2B96C
AlternateDataStreams: C:\ProgramData\Temp:587F3582
AlternateDataStreams: C:\ProgramData\Temp:6319FF34
AlternateDataStreams: C:\ProgramData\Temp:689AB7E9
AlternateDataStreams: C:\ProgramData\Temp:6DAA43DB
AlternateDataStreams: C:\ProgramData\Temp:73BDADA8
AlternateDataStreams: C:\ProgramData\Temp:774A0E14
AlternateDataStreams: C:\ProgramData\Temp:84C34762
AlternateDataStreams: C:\ProgramData\Temp:88C5973F
AlternateDataStreams: C:\ProgramData\Temp:943971F5
AlternateDataStreams: C:\ProgramData\Temp:B5977DBE
AlternateDataStreams: C:\ProgramData\Temp:B755D674
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:ED0B32CA
AlternateDataStreams: C:\ProgramData\Temp:F26F5952
AlternateDataStreams: C:\ProgramData\Temp:F5096B56
AlternateDataStreams: C:\ProgramData\Temp:F84B8DB5
AlternateDataStreams: C:\Users\DUŠAN\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Local Settings:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Soubory cookie:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Šablony:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Local\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Local\History:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
ResetHosts:
End
*****************
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Nektra OEAPI => value removed successfully
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS => value removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H" => key removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\M" => key removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\N" => key removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17270ab8-632a-11e4-93cf-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{17270ab8-632a-11e4-93cf-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{203edf4a-1c75-11e4-a103-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{203edf4a-1c75-11e4-a103-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30bf076c-c3b1-11e3-93ea-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{30bf076c-c3b1-11e3-93ea-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{322fd738-2ae9-11e4-b5a9-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{322fd738-2ae9-11e4-b5a9-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e725ba53-0e29-11e3-bfe2-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{e725ba53-0e29-11e3-bfe2-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ee93d2ea-fc80-11e4-b444-cc378fc26e2e}" => key removed successfully
HKCR\CLSID\{ee93d2ea-fc80-11e4-b444-cc378fc26e2e} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1" => key removed successfully
"HKCR\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2" => key removed successfully
"HKCR\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3" => key removed successfully
"HKCR\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" => key removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => key removed successfully
HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key not found.
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => key removed successfully
HKCR\Wow6432Node\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key not found.
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{6A060448-60F9-11D5-A6CD-0002B31F7455}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{6A060448-60F9-11D5-A6CD-0002B31F7455}" => key removed successfully
"HKCR\PROTOCOLS\Handler\dssrequest" => key removed successfully
HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => key not found.
"HKCR\PROTOCOLS\Handler\sacore" => key removed successfully
HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64" => key removed successfully
"HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@alawar.com/npapi" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@oberon-media.com/ONCAdapter" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect" => key removed successfully
C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi => moved successfully
C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi => path removed successfully
C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi => moved successfully
C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi => path removed successfully
C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik => moved successfully
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\177580EEF3.sys => moved successfully
C:\ProgramData\KGyGaAvL.sys => moved successfully
C:\Users\DUŠAN\comcat5.dll => moved successfully
"C:\Users\DUŠAN\AppData\Local\Temp" folder move:
Could not move "C:\Users\DUŠAN\AppData\Local\Temp" => Scheduled to move on reboot.
C:\ProgramData => ":gs5sys" ADS removed successfully.
"C:\Users\All Users" => ":gs5sys" ADS not found.
C:\Users\DUŠAN => ":gs5sys" ADS removed successfully.
"C:\ProgramData\Data aplikací" => ":gs5sys" ADS not found.
C:\ProgramData\Temp => ":02DD996C" ADS removed successfully.
C:\ProgramData\Temp => ":0A8E2C33" ADS removed successfully.
C:\ProgramData\Temp => ":15B79D44" ADS removed successfully.
C:\ProgramData\Temp => ":1AAB2E68" ADS removed successfully.
C:\ProgramData\Temp => ":1CE11B51" ADS removed successfully.
C:\ProgramData\Temp => ":2AF322BF" ADS removed successfully.
C:\ProgramData\Temp => ":2CB9631F" ADS removed successfully.
C:\ProgramData\Temp => ":57B2B96C" ADS removed successfully.
C:\ProgramData\Temp => ":587F3582" ADS removed successfully.
C:\ProgramData\Temp => ":6319FF34" ADS removed successfully.
C:\ProgramData\Temp => ":689AB7E9" ADS removed successfully.
C:\ProgramData\Temp => ":6DAA43DB" ADS removed successfully.
C:\ProgramData\Temp => ":73BDADA8" ADS removed successfully.
C:\ProgramData\Temp => ":774A0E14" ADS removed successfully.
C:\ProgramData\Temp => ":84C34762" ADS removed successfully.
C:\ProgramData\Temp => ":88C5973F" ADS removed successfully.
C:\ProgramData\Temp => ":943971F5" ADS removed successfully.
C:\ProgramData\Temp => ":B5977DBE" ADS removed successfully.
C:\ProgramData\Temp => ":B755D674" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
C:\ProgramData\Temp => ":ED0B32CA" ADS removed successfully.
C:\ProgramData\Temp => ":F26F5952" ADS removed successfully.
C:\ProgramData\Temp => ":F5096B56" ADS removed successfully.
C:\ProgramData\Temp => ":F84B8DB5" ADS removed successfully.
"C:\Users\DUŠAN\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\DUŠAN\Local Settings" => ":gs5sys" ADS not found.
"C:\Users\DUŠAN\Soubory cookie" => ":gs5sys" ADS not found.
"C:\Users\DUŠAN\Šablony" => ":gs5sys" ADS not found.
C:\Users\DUŠAN\Desktop\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\DUŠAN\AppData\Local => ":gs5sys" ADS removed successfully.
C:\Users\DUŠAN\AppData\Roaming => ":gs5sys" ADS removed successfully.
"C:\Users\DUŠAN\AppData\Local\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\DUŠAN\AppData\Local\History" => ":gs5sys" ADS not found.
C:\Users\DUŠAN\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\Public\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
ResetHosts: => Error: No automatic fix found for this entry.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-12-10 10:46:59)
C:\Users\DUŠAN\AppData\Local\Temp => moved successfully
==== End of Fixlog 10:47:03 ====
Ran by DUŠAN (2015-12-10 10:41:00) Run:1
Running from C:\Users\DUŠAN\Desktop
Loaded Profiles: DUŠAN (Available Profiles: DUŠAN)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [Nektra OEAPI] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: F - F:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: M - M:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: N - N:\autorun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {17270ab8-632a-11e4-93cf-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {203edf4a-1c75-11e4-a103-90fba6e0cb6c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL K:\Common_Handset_USB_Driver.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {30bf076c-c3b1-11e3-93ea-90fba6e0cb6c} - K:\LGAutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {322fd738-2ae9-11e4-b5a9-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {e725ba53-0e29-11e3-bfe2-90fba6e0cb6c} - K:\AutoRun.exe
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\...\MountPoints2: {ee93d2ea-fc80-11e4-b444-cc378fc26e2e} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => No File
GroupPolicyScripts: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
C:\Program Files (x86)\Skype\Toolbars
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Toolbar: HKU\S-1-5-21-1471251198-2849799938-2557515058-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [No File]
FF Plugin-x32: @alawar.com/npapi -> C:\Windows\npapi.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll [No File]
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [No File]
FF Extension: Xinha Here! - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi [2015-06-09]
FF Extension: Torrent Finder Toolbar - C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi [2015-07-09]
CHR Extension: (Bookmark Manager) - C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-09]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\177580EEF3.sys
C:\ProgramData\KGyGaAvL.sys
C:\Users\DUŠAN\comcat5.dll
C:\Users\DUŠAN\AppData\Local\Temp
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\DUŠAN:gs5sys
AlternateDataStreams: C:\ProgramData\Data aplikací:gs5sys
AlternateDataStreams: C:\ProgramData\Temp:02DD996C
AlternateDataStreams: C:\ProgramData\Temp:0A8E2C33
AlternateDataStreams: C:\ProgramData\Temp:15B79D44
AlternateDataStreams: C:\ProgramData\Temp:1AAB2E68
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51
AlternateDataStreams: C:\ProgramData\Temp:2AF322BF
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:57B2B96C
AlternateDataStreams: C:\ProgramData\Temp:587F3582
AlternateDataStreams: C:\ProgramData\Temp:6319FF34
AlternateDataStreams: C:\ProgramData\Temp:689AB7E9
AlternateDataStreams: C:\ProgramData\Temp:6DAA43DB
AlternateDataStreams: C:\ProgramData\Temp:73BDADA8
AlternateDataStreams: C:\ProgramData\Temp:774A0E14
AlternateDataStreams: C:\ProgramData\Temp:84C34762
AlternateDataStreams: C:\ProgramData\Temp:88C5973F
AlternateDataStreams: C:\ProgramData\Temp:943971F5
AlternateDataStreams: C:\ProgramData\Temp:B5977DBE
AlternateDataStreams: C:\ProgramData\Temp:B755D674
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:ED0B32CA
AlternateDataStreams: C:\ProgramData\Temp:F26F5952
AlternateDataStreams: C:\ProgramData\Temp:F5096B56
AlternateDataStreams: C:\ProgramData\Temp:F84B8DB5
AlternateDataStreams: C:\Users\DUŠAN\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Local Settings:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Soubory cookie:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Šablony:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Desktop\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Local\Data aplikací:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\AppData\Local\History:gs5sys
AlternateDataStreams: C:\Users\DUŠAN\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
ResetHosts:
End
*****************
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Nektra OEAPI => value removed successfully
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS => value removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\F" => key removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H" => key removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\M" => key removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\N" => key removed successfully
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{17270ab8-632a-11e4-93cf-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{17270ab8-632a-11e4-93cf-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{203edf4a-1c75-11e4-a103-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{203edf4a-1c75-11e4-a103-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{30bf076c-c3b1-11e3-93ea-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{30bf076c-c3b1-11e3-93ea-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{322fd738-2ae9-11e4-b5a9-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{322fd738-2ae9-11e4-b5a9-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{b2a22ed1-21f3-11e4-b55f-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{bf8f62c8-2c45-11e4-91b6-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e725ba53-0e29-11e3-bfe2-90fba6e0cb6c}" => key removed successfully
HKCR\CLSID\{e725ba53-0e29-11e3-bfe2-90fba6e0cb6c} => key not found.
"HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ee93d2ea-fc80-11e4-b444-cc378fc26e2e}" => key removed successfully
HKCR\CLSID\{ee93d2ea-fc80-11e4-b444-cc378fc26e2e} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco1" => key removed successfully
"HKCR\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco2" => key removed successfully
"HKCR\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}" => key removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AccExtIco3" => key removed successfully
"HKCR\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" => key removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => value removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => key removed successfully
HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key not found.
C:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => key removed successfully
HKCR\Wow6432Node\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} => key not found.
HKU\S-1-5-21-1471251198-2849799938-2557515058-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{6A060448-60F9-11D5-A6CD-0002B31F7455}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{6A060448-60F9-11D5-A6CD-0002B31F7455}" => key removed successfully
"HKCR\PROTOCOLS\Handler\dssrequest" => key removed successfully
HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => key not found.
"HKCR\PROTOCOLS\Handler\sacore" => key removed successfully
HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect_x86_64" => key removed successfully
"HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@alawar.com/npapi" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@oberon-media.com/ONCAdapter" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\adobe.com/AdobeExManDetect" => key removed successfully
C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi => moved successfully
C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\{5B280457-4290-40c2-9441-EA647775F824}.xpi => path removed successfully
C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi => moved successfully
C:\Users\DUŠAN\AppData\Roaming\Mozilla\Firefox\Profiles\6yqsu49o.default-1350254157987\extensions\TFToolbarX@torrent-finder.xpi => path removed successfully
C:\Users\DUŠAN\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik => moved successfully
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\177580EEF3.sys => moved successfully
C:\ProgramData\KGyGaAvL.sys => moved successfully
C:\Users\DUŠAN\comcat5.dll => moved successfully
"C:\Users\DUŠAN\AppData\Local\Temp" folder move:
Could not move "C:\Users\DUŠAN\AppData\Local\Temp" => Scheduled to move on reboot.
C:\ProgramData => ":gs5sys" ADS removed successfully.
"C:\Users\All Users" => ":gs5sys" ADS not found.
C:\Users\DUŠAN => ":gs5sys" ADS removed successfully.
"C:\ProgramData\Data aplikací" => ":gs5sys" ADS not found.
C:\ProgramData\Temp => ":02DD996C" ADS removed successfully.
C:\ProgramData\Temp => ":0A8E2C33" ADS removed successfully.
C:\ProgramData\Temp => ":15B79D44" ADS removed successfully.
C:\ProgramData\Temp => ":1AAB2E68" ADS removed successfully.
C:\ProgramData\Temp => ":1CE11B51" ADS removed successfully.
C:\ProgramData\Temp => ":2AF322BF" ADS removed successfully.
C:\ProgramData\Temp => ":2CB9631F" ADS removed successfully.
C:\ProgramData\Temp => ":57B2B96C" ADS removed successfully.
C:\ProgramData\Temp => ":587F3582" ADS removed successfully.
C:\ProgramData\Temp => ":6319FF34" ADS removed successfully.
C:\ProgramData\Temp => ":689AB7E9" ADS removed successfully.
C:\ProgramData\Temp => ":6DAA43DB" ADS removed successfully.
C:\ProgramData\Temp => ":73BDADA8" ADS removed successfully.
C:\ProgramData\Temp => ":774A0E14" ADS removed successfully.
C:\ProgramData\Temp => ":84C34762" ADS removed successfully.
C:\ProgramData\Temp => ":88C5973F" ADS removed successfully.
C:\ProgramData\Temp => ":943971F5" ADS removed successfully.
C:\ProgramData\Temp => ":B5977DBE" ADS removed successfully.
C:\ProgramData\Temp => ":B755D674" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
C:\ProgramData\Temp => ":ED0B32CA" ADS removed successfully.
C:\ProgramData\Temp => ":F26F5952" ADS removed successfully.
C:\ProgramData\Temp => ":F5096B56" ADS removed successfully.
C:\ProgramData\Temp => ":F84B8DB5" ADS removed successfully.
"C:\Users\DUŠAN\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\DUŠAN\Local Settings" => ":gs5sys" ADS not found.
"C:\Users\DUŠAN\Soubory cookie" => ":gs5sys" ADS not found.
"C:\Users\DUŠAN\Šablony" => ":gs5sys" ADS not found.
C:\Users\DUŠAN\Desktop\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\DUŠAN\AppData\Local => ":gs5sys" ADS removed successfully.
C:\Users\DUŠAN\AppData\Roaming => ":gs5sys" ADS removed successfully.
"C:\Users\DUŠAN\AppData\Local\Data aplikací" => ":gs5sys" ADS not found.
"C:\Users\DUŠAN\AppData\Local\History" => ":gs5sys" ADS not found.
C:\Users\DUŠAN\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
C:\Users\Public\Documents\desktop.ini => ":gs5sys" ADS removed successfully.
ResetHosts: => Error: No automatic fix found for this entry.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-12-10 10:46:59)
C:\Users\DUŠAN\AppData\Local\Temp => moved successfully
==== End of Fixlog 10:47:03 ====
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém s pc
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém s pc
pc se zrychlilo a vypadá to že je stabilnější...akurat včera když jsem ho vypínal tak jsem mělo nainstalovat 29 aktualizaci nechal jsem to puštěne a do rána ce natahly jen 4 a když jsem dal vyhledat aktualizace aktualizace tak je jich tam hodně ale k dispozici mi to dava jen upgrade na windows 10 a to nechci...
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém s pc
Poud si to jiné aktualizace nestáhlo, je možné, že nemá co dalšího aktualizovat. Pokud v systému daná součást není, není ani co aktualizovat. Musel bych vědět, co je to konkrétně za aktualizace.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém s pc
už se mi ukazali...jsou to tyto aktualizace...viz screen
- Přílohy
-
- aktualizace.jpg (81.75 KiB) Zobrazeno 2473 x
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém s pc
Zkuste je nainstalovat ručně.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: problém s pc
Instaluji a vypadá to že se to zaseklo na aktualizaci pro explorer už asi 20minut se nic neděje je to prvni aktualizace.
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: problém s pc
OK. Zkuste tedy jinou.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?