Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by Roman (administrator) on RM (19-01-2016 21:47:47)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TData.com) C:\Program Files (x86)\TData\TData.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Windows\SysWOW64\UMonit64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
Failed to access process -> CNSEMAIN.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
( ) C:\Program Files (x86)\t_201601191922\201601191922\auds.exe
() C:\Program Files (x86)\t_201601191922\201601191922\tslog.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(腾讯公司) C:\Users\Roman\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tadb.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890128 2013-04-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UMonit64] => C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [383528 2014-05-30] (Acronis)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [setup] => C:\Users\Roman\AppData\Local\Temp\setup.exe /start <===== ATTENTION
HKLM-x32\...\Run: [MTview] => C:\Program Files (x86)\MTV20151125\MTView.exe [1875464 2015-11-25] (STA)
HKLM-x32\...\Run: [ QQPCTray] => C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCTRAY.EXE [355296 2016-01-19] (Tencent)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-13] (Atheros Communications)
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [lsas] => C:\Program Files (x86)\t_201601191922\201601191922\lsas.exe [557184 2016-01-19] ()
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\MountPoints2: {15d1cc7e-a99c-11e5-80a7-240a64da556a} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\MountPoints2: {a98991ba-7efc-11e5-80a5-240a64da556a} - "G:\NokiaPCIA_Autorun.exe"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMGCShellExt64.dll [2016-01-19] (Tencent)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{88843BA3-A427-47A3-9AEE-0FC15F61312D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A8635E31-8ACE-4BED-BFD6-7CA3F4B15D30}: [DhcpNameServer] 213.151.222.34 85.237.225.250
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.hao123.com/?tn=99136537_hao_pg
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSWebMon64.dat [2016-01-19] (Tencent)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-06-13] (Qualcomm®Atheros®)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-17] (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-17] (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/QQPCMgr -> C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\npQMExtensionsMozilla.dll [2016-01-19] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-12-20] [not signed]
Chrome:
=======
CHR HomePage: Profile 21 -> hxxps://www.google.com/
CHR StartupUrls: Profile 21 -> "hxxp://www.google.sk/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 13
CHR Extension: (No Name) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21
CHR Extension: (Dokumenty Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-16]
CHR Extension: (Disk Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-16]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-20]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\BrowerProtect\ASC_GhromePlugin.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [623936 2013-07-08] (IOBit)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-13] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-20] (Kaspersky Lab ZAO)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe [301728 2015-09-15] (Tencent)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TAOFrame.exe [293856 2016-01-19] (Tencent)
R2 TDataSvr; C:\Program Files (x86)\TData\TData.exe [205040 2016-01-19] (TData.com)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4377000 2015-12-11] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [48552 2015-12-11] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\WINDOWS\SysWOW64\uxtuneup.dll [42408 2015-12-11] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-06-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-06-21] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-13] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-06-13] (Qualcomm Atheros)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-20] (Disc Soft Ltd)
S3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30352 2015-09-20] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [91368 2013-03-22] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX(tm))
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-26] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-01-26] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-20] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-20] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2016-01-05] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-01-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2016-01-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
R1 QMUdisk; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMUdisk64.sys [62264 2016-01-19] (Tencent)
R2 QQSysMonX64; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQSysMonX64.sys [129336 2016-01-19] (电脑管家)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-09-20] (Duplex Secure Ltd.)
R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [99640 2016-01-19] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2016-01-19] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2016-01-19] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TS888x64.sys [28984 2016-01-19] (Tencent)
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\tscpm64.sys [42296 2016-01-19] (电脑管家)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSDefenseBT64.sys [28472 2016-01-19] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSSysKit64.sys [87352 2016-01-19] (电脑管家)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-09-15] (TuneUp Software)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-06-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-06-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-06-21] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-19 21:47 - 2016-01-19 21:47 - 00032985 _____ C:\Users\Roman\Desktop\FRST.txt
2016-01-19 21:47 - 2016-01-19 21:47 - 00000000 ____D C:\FRST
2016-01-19 21:45 - 2016-01-19 21:45 - 02370560 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2016-01-19 21:44 - 2016-01-19 21:44 - 00731136 _____ C:\Users\Roman\Downloads\avenger.exe
2016-01-19 21:44 - 2016-01-19 21:44 - 00731136 _____ C:\Users\Roman\Downloads\avenger (1).exe
2016-01-19 21:13 - 2016-01-19 21:13 - 00088822 _____ C:\Users\Roman\Downloads\[CzT]MS_office_2013_pro_Windows_x64_textove_fonty_CZ_EN_.torrent
2016-01-19 20:18 - 2016-01-19 20:40 - 00028984 _____ (Tencent) C:\WINDOWS\SysWOW64\Drivers\TS888x64.sys
2016-01-19 20:07 - 2016-01-19 20:07 - 00001214 _____ C:\dfvs.txt
2016-01-19 19:38 - 2016-01-19 19:38 - 00000000 ____D C:\ProgramData\TXQMPC
2016-01-19 19:24 - 2016-01-14 10:47 - 00128280 _____ (电脑管家) C:\WINDOWS\SysWOW64\Drivers\TsFltMgr.sys
2016-01-19 19:23 - 2016-01-19 20:24 - 00000000 ____D C:\ProgramData\Tencent
2016-01-19 19:23 - 2016-01-19 19:27 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00099640 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00087864 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-19 19:22 - 2016-01-19 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ĂŔÍĽäŻŔŔ
2016-01-19 19:22 - 2016-01-19 19:22 - 00000000 ____D C:\Program Files (x86)\t_201601191922
2016-01-19 19:22 - 2016-01-19 19:22 - 00000000 ____D C:\Program Files (x86)\MTV20151125
2016-01-19 19:21 - 2016-01-19 20:05 - 00000000 ____D C:\Program Files (x86)\TData
2016-01-19 19:21 - 2016-01-19 19:21 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-01-19 00:24 - 2016-01-19 00:24 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\25EE2BEB.sys
2016-01-18 17:24 - 2016-01-18 17:24 - 00014802 _____ C:\Users\Roman\Downloads\[CzT]The_Diary_of_a_Teenage_Girl_2015_CZ_.torrent
2016-01-16 12:24 - 2016-01-19 21:16 - 00000000 ____D C:\Users\Roman\AppData\LocalLow\uTorrent
2016-01-16 12:11 - 2016-01-16 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series
2016-01-16 12:11 - 2012-06-14 17:18 - 00366592 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2016-01-16 12:11 - 2012-06-14 17:18 - 00359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2016-01-16 12:11 - 2012-06-14 17:18 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2016-01-16 12:10 - 2016-01-16 12:10 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-01-16 12:10 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAG.DLL
2016-01-16 12:08 - 2016-01-16 12:08 - 30862480 _____ C:\Users\Roman\Downloads\mp68-win-mg6100-1_05-ea24.exe
2016-01-16 12:07 - 2016-01-16 12:07 - 24239256 _____ C:\Users\Roman\Downloads\xp68-win-mg6100-5_56-ea24.exe
2016-01-16 08:18 - 2016-01-16 08:18 - 00013717 _____ C:\Users\Roman\Downloads\[CzT]Stazista_The_Intern_2015_CZ_.torrent
2016-01-16 08:17 - 2016-01-16 08:17 - 00018317 _____ C:\Users\Roman\Downloads\[CzT]Nebezpecne_pokuseni_Knock_Knock_2015_CZ_.torrent
2016-01-15 00:19 - 2016-01-15 00:19 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\0F816F93.sys
2016-01-14 21:43 - 2016-01-14 21:43 - 00017916 _____ C:\Users\Roman\Downloads\[CzT]Microsoft_Toolkit_2_6_Beta_1_2015_.torrent
2016-01-14 21:43 - 2016-01-14 21:43 - 00017916 _____ C:\Users\Roman\Downloads\[CzT]Microsoft_Toolkit_2_6_Beta_1_2015_ (1).torrent
2016-01-14 21:11 - 2016-01-14 21:11 - 00016173 _____ C:\Users\Roman\Downloads\[CzT]Microsoft_Toolkit_2_5_3.torrent
2016-01-14 20:48 - 2016-01-14 20:53 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Opera Software
2016-01-14 20:48 - 2016-01-14 20:53 - 00000000 ____D C:\Users\Roman\AppData\Local\Opera Software
2016-01-14 20:47 - 2016-01-14 20:56 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-14 20:41 - 2016-01-19 20:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final
2016-01-14 20:11 - 2016-01-14 20:11 - 00014952 _____ C:\Users\Roman\Downloads\[SkT]Microsoft_Office_2013_Professional_Plus_(CZ-SK)(x86-x64) (2).torrent
2016-01-14 20:09 - 2016-01-14 20:11 - 56171772 _____ C:\Users\Roman\Downloads\MTKV26B5.zip
2016-01-14 19:53 - 2016-01-14 19:53 - 00023272 _____ C:\Users\Roman\Downloads\[SkT]Tri_kluci_a_nemluvne_-_Baby_Daddy_-_2.serie_(CZ)[TvRip]_=_CSFD_66%.torrent
2016-01-14 19:53 - 2016-01-14 19:53 - 00014694 _____ C:\Users\Roman\Downloads\[SkT]Tri_kluci_a_nemluvne_-_Baby_Daddy_-_1.serie_(CZ)[TVRip]_=_CSFD_66%.torrent
2016-01-14 18:33 - 2016-01-14 18:33 - 00058571 _____ C:\Users\Roman\Downloads\[CzT]Lovci_netvoru_Special_Unit_2_1_a_2_serie_CZ_TvRip_.torrent
2016-01-14 16:55 - 2016-01-14 16:55 - 00016255 _____ C:\Users\Roman\Downloads\[CzT]Jak_roste_nadeje_Where_Hope_Grows_2014_CZ_.torrent
2016-01-14 16:32 - 2016-01-14 16:32 - 05858816 _____ C:\Users\Roman\Downloads\Chvilka_poezie.pps
2016-01-14 15:29 - 2016-01-14 15:29 - 00016904 _____ C:\Users\Roman\Downloads\[CzT]Drakula_Neznama_legenda_Dracula_Untold_2014_CZ_.torrent
2016-01-13 20:09 - 2016-01-13 20:09 - 00008095 _____ C:\Users\Roman\Downloads\[CzT]Malwarebytes_Anti_Malware_Premium_2_1_8_1057_CZ_SK_.torrent
2016-01-13 16:20 - 2016-01-13 16:20 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\33B432E8.sys
2016-01-12 16:51 - 2016-01-12 16:51 - 00016882 _____ C:\Users\Roman\Downloads\[CzT]Sygic_GPS_Navigace_a_Mapy_v15_6_6_Sygic_Maps_Downloader_2015_09_CZ_SK_Android_.torrent
2016-01-12 00:14 - 2016-01-12 00:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\6018017D.sys
2016-01-11 18:06 - 2016-01-11 18:07 - 10537067 _____ C:\Users\Roman\Downloads\QuickyBaby-Modpack-9.13-v1.zip
2016-01-11 17:22 - 2016-01-19 20:19 - 00000783 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-01-11 17:21 - 2016-01-11 17:21 - 05124704 _____ (Wargaming.net ) C:\Users\Roman\Downloads\WoT_internet_install_eu (1).exe
2016-01-10 00:13 - 2016-01-10 00:13 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\4B3E63E5.sys
2016-01-08 18:02 - 2016-01-08 18:02 - 00016667 _____ C:\Users\Roman\Downloads\[CzT]Zlodeji_a_vyderaci_High_Heels_and_Low_Lifes_2001_CZ_.torrent
2016-01-08 17:58 - 2016-01-08 17:58 - 00052242 _____ C:\Users\Roman\Downloads\[CzT]Sberatele_kosti_Bones_10_serie_SK_TvRip_.torrent
2016-01-08 00:11 - 2016-01-08 00:11 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\3C844630.sys
2016-01-07 22:53 - 2016-01-07 22:53 - 00014552 _____ C:\Users\Roman\Downloads\[CzT]Postradatelni_agenti_The_Throwaways_2015_CZ_WebRip_.torrent
2016-01-07 14:39 - 2016-01-16 12:09 - 02342912 _____ C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2016-01-07 10:20 - 2016-01-07 10:20 - 00013539 _____ C:\Users\Roman\Downloads\[CzT]Kuryr_Restart_Le_Transporteur_Heritage_2015_CZ_.torrent
2016-01-06 16:15 - 2016-01-06 16:15 - 00014583 _____ C:\Users\Roman\Downloads\[CzT]Mr_Holmes_2015_CZ_.torrent
2016-01-05 16:12 - 2016-01-05 16:12 - 00013665 _____ C:\Users\Roman\Downloads\[CzT]Pestunka_pre_dospelych_Babysitter_s_Black_Book_2015_SK_TvRip_.torrent
2016-01-05 15:29 - 2016-01-05 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-05 12:07 - 2016-01-05 13:43 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-05 12:07 - 2016-01-05 12:07 - 00003032 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-01-05 11:52 - 2015-12-11 15:33 - 00048552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\uxtuneup.dll
2016-01-05 11:52 - 2015-12-11 15:33 - 00042408 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\uxtuneup.dll
2016-01-05 11:52 - 2015-12-11 15:33 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\authuitu.dll
2016-01-05 11:52 - 2015-12-11 15:33 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\authuitu.dll
2016-01-03 10:53 - 2016-01-19 20:19 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-01-03 10:53 - 2016-01-19 20:19 - 00000973 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-01-03 09:25 - 2016-01-03 09:25 - 00036269 _____ C:\Users\Roman\Downloads\[CzT]A_D_The_Bible_Continues_1_serie_SK_TvRip_720p_.torrent
2016-01-03 09:23 - 2016-01-03 09:23 - 00011768 _____ C:\Users\Roman\Downloads\[CzT]Sherlock_Prizracna_nevesta_Sherlock_The_Abominable_Bride_2016_CZ_TvRip_.torrent
2016-01-02 09:26 - 2016-01-02 09:26 - 00014743 _____ C:\Users\Roman\Downloads\[CzT]Milenci_v_case_The_Lovers_2015_CZ_.torrent
2016-01-02 09:23 - 2016-01-02 09:23 - 00015137 _____ C:\Users\Roman\Downloads\[CzT]He_Who_Dares_2014_CZ_.torrent
2016-01-01 15:30 - 2016-01-01 15:30 - 00200192 _____ C:\Users\Roman\Downloads\ICEEncrypt.exe
2016-01-01 12:22 - 2016-01-01 12:22 - 00016470 _____ C:\Users\Roman\Downloads\[CzT]Pomsta_v_Parizi_Le_Jour_Attendra_2013_CZ_ (1).torrent
2016-01-01 00:51 - 2016-01-01 00:51 - 00016470 _____ C:\Users\Roman\Downloads\[CzT]Pomsta_v_Parizi_Le_Jour_Attendra_2013_CZ_.torrent
2015-12-31 19:14 - 2016-01-19 20:19 - 00000949 _____ C:\Users\Public\Desktop\Registry Finder.lnk
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\Users\Roman\AppData\Roaming\RegistryFinder
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\Users\Roman\AppData\Local\CrashRpt
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Finder
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\Program Files\Registry Finder
2015-12-31 19:13 - 2016-01-01 12:20 - 00000000 ____D C:\Program Files (x86)\Hide ALL IP
2015-12-31 19:08 - 2015-12-31 19:08 - 00002884 _____ C:\Users\Roman\Downloads\[CzT]Hide_All_Ip_v05_28_150528_Final_x86x64_2015_.torrent
2015-12-31 18:05 - 2015-12-31 18:06 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TrueCrypt
2015-12-31 18:04 - 2016-01-19 20:19 - 00000933 _____ C:\Users\Public\Desktop\TrueCrypt.lnk
2015-12-31 18:04 - 2015-12-31 18:04 - 00064528 _____ C:\Users\Roman\Downloads\Language.cs.xml.zip
2015-12-31 18:04 - 2015-12-31 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2015-12-31 18:01 - 2015-12-31 18:02 - 03466248 _____ (TrueCrypt Foundation) C:\Users\Roman\Downloads\TrueCrypt Setup 7.1a (2).exe
2015-12-31 17:52 - 2015-12-31 17:53 - 03466248 _____ (TrueCrypt Foundation) C:\Users\Roman\Downloads\TrueCrypt Setup 7.1a (1).exe
2015-12-31 17:44 - 2015-12-31 17:44 - 03466248 _____ (TrueCrypt Foundation) C:\Users\Roman\Downloads\TrueCrypt Setup 7.1a.exe
2015-12-31 17:43 - 2015-12-31 18:05 - 00000000 ____D C:\Program Files\TrueCrypt
2015-12-31 17:43 - 2015-12-31 18:04 - 00231376 _____ (TrueCrypt Foundation) C:\WINDOWS\system32\Drivers\truecrypt.sys
2015-12-31 17:43 - 2015-12-31 17:44 - 00002844 _____ C:\Users\Roman\Downloads\TrueCrypt-key.asc
2015-12-31 17:43 - 2015-12-31 17:43 - 00000072 _____ C:\Users\Roman\Downloads\TrueCrypt-7.2.exe.sig
2015-12-31 17:41 - 2015-12-31 17:41 - 02573392 _____ (TrueCrypt Foundation) C:\Users\Roman\Downloads\TrueCrypt-7.2.exe
2015-12-31 13:19 - 2016-01-19 19:11 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{08E1D91D-90D9-4979-BFFC-474CFE997ABE}
2015-12-31 13:18 - 2015-12-31 13:18 - 00746512 _____ (Marco Cervoni ) C:\Users\Roman\Downloads\TrueCryptPasswordPluginLicenseSetup.exe
2015-12-31 13:16 - 2015-12-31 13:17 - 01961642 _____ (idoo International LLC. ) C:\Users\Roman\Downloads\idooUSBEncryption_setup.exe
2015-12-31 08:15 - 2015-12-31 08:15 - 00027082 _____ C:\Users\Roman\Downloads\[CzT]Inteligence_Intelligence_1_serie_CZ_TvRip_.torrent
2015-12-28 12:12 - 2015-12-28 12:12 - 00013181 _____ C:\Users\Roman\Downloads\[CzT]A_Royal_Christmas_Kra_ovske_Vianoce_2014_SK_TvRip_.torrent
2015-12-28 11:09 - 2015-12-28 11:09 - 00014223 _____ C:\Users\Roman\Downloads\[CzT]Povetri_Air_2015_CZ_ (2).torrent
2015-12-28 11:06 - 2015-12-28 11:06 - 00016541 _____ C:\Users\Roman\Downloads\[CzT]Spravnej_dres_2015_CZ_TvRip_.torrent
2015-12-27 18:39 - 2015-12-27 18:40 - 30381641 _____ C:\Users\Roman\Downloads\SuperStar 2015 - I. finále - TOP 8 - Příběh nekončí.mp4
2015-12-27 15:23 - 2015-12-27 15:23 - 00011237 _____ C:\Users\Roman\Downloads\[CzT]Dela_z_Navarone_The_Guns_of_Navarone_1961_CZ_.torrent
2015-12-27 08:59 - 2015-12-27 08:59 - 00016045 _____ C:\Users\Roman\Downloads\[CzT]Hobit_Bitva_peti_armad_The_Hobbit_The_Battle_of_the_Five_Armies_2014_CZ_.torrent
2015-12-27 08:39 - 2015-12-27 08:39 - 00019675 _____ C:\Users\Roman\Downloads\[CzT]McFarland_USA_2015_CZ_ (1).torrent
2015-12-27 08:38 - 2015-12-27 08:38 - 00012161 _____ C:\Users\Roman\Downloads\[CzT]Nocni_bezec_Run_all_night_2015_CZ_ (1).torrent
2015-12-26 16:15 - 2015-12-26 16:15 - 16069263 _____ C:\Users\Roman\Downloads\x.mp4
2015-12-26 16:15 - 2015-12-26 16:15 - 16069263 _____ C:\Users\Roman\Downloads\x (1).mp4
2015-12-26 14:16 - 2015-12-26 14:16 - 00011689 _____ C:\Users\Roman\Downloads\[CzT]Svetova_invaze_Battle_Los_Angeles_2011_.torrent
2015-12-26 12:11 - 2015-12-26 12:11 - 00014740 _____ C:\Users\Roman\Downloads\[CzT]To_byl_zitra_flam_2_Hot_Tub_Time_Machine_2_2015_CZ_.torrent
2015-12-25 14:15 - 2015-12-25 14:15 - 00011685 _____ C:\Users\Roman\Downloads\[CzT]Cervena_sirena_Sir_ne_rouge_La_2002_CZ_.torrent
2015-12-24 21:33 - 2015-12-24 21:33 - 01013760 _____ C:\Users\Roman\Downloads\pozdrav.ppt
2015-12-24 16:49 - 2015-12-24 16:49 - 00018024 _____ C:\Users\Roman\Downloads\[CzT]Prizrak_Domovoy_2008_CZ_RU_.torrent
2015-12-24 16:48 - 2015-12-24 16:48 - 00016757 _____ C:\Users\Roman\Downloads\[CzT]Policajtka_Angel_Eyes_2001_CZ_.torrent
2015-12-24 09:33 - 2015-12-24 09:33 - 00011141 _____ C:\Users\Roman\Downloads\[CzT]Mission_Impossible_Narod_grazlu_Mission_Impossible_Rogue_Nation_2015_CZ_ (1).torrent
2015-12-23 11:28 - 2015-12-23 11:28 - 00018495 _____ C:\Users\Roman\Downloads\[SkT]AVG PC TuneUp 2016 16.2.1.18873 (CZ-SK).torrent
2015-12-23 11:19 - 2015-12-23 11:19 - 00002807 _____ C:\Users\Roman\Downloads\[SkT]PowerISO_6.4__Final_(x86-x64)_(2015)(CZ-SK).torrent
2015-12-23 11:16 - 2015-12-23 11:16 - 00014997 _____ C:\Users\Roman\Downloads\[SkT]Microsoft_Office_2013_Professional_Plus_(CZ-SK)(x86-x64) (1).torrent
2015-12-23 11:13 - 2015-12-23 11:13 - 00001995 _____ C:\Users\Roman\Downloads\[CzT]WinRAR_5_21_Final_x86_x64_CZ_ (1).torrent
2015-12-23 11:08 - 2015-12-23 11:08 - 00002721 _____ C:\Users\Roman\Downloads\[CzT]Your_Uninstaller_PRO_v7_5_2014_03_CZ_SK_ (2).torrent
2015-12-23 10:28 - 2015-12-23 10:28 - 00016599 _____ C:\Users\Roman\Downloads\[CzT]Clevelandsky_unos_Cleveland_Abduction_2015_CZ_.torrent
2015-12-22 17:55 - 2015-12-22 17:55 - 00015813 _____ C:\Users\Roman\Downloads\[CzT]Windows_7_ultimate_sp1_x64_MSDN_Technet (2).torrent
2015-12-22 12:30 - 2015-12-22 12:30 - 00014747 _____ C:\Users\Roman\Downloads\[CzT]RYTMUS_sidliskovy_sen_2015_SK_.torrent
2015-12-21 22:02 - 2015-12-16 15:39 - 00103032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-21 22:01 - 2015-12-16 15:53 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-21 22:01 - 2015-12-16 15:53 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 42977072 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 37609080 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 31061624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 24895792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 21122456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 20663816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 17561432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 17156968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 16981976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 12334200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-21 21:59 - 2015-12-16 18:34 - 03168376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 02755704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 01915696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00734512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00502080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00423264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00416376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00370808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-21 21:04 - 2015-12-09 02:51 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-21 17:55 - 2015-12-21 17:55 - 00024431 _____ C:\Users\Roman\Downloads\20151214092521884.pdf
2015-12-21 17:15 - 2015-12-21 17:15 - 05127564 _____ C:\Users\Roman\Downloads\O0BJY22USA.rar
2015-12-21 06:56 - 2015-12-21 06:56 - 00014522 _____ C:\Users\Roman\Downloads\[CzT]Prave_peck_Just_Peck_2009_CZ_.torrent
2015-12-21 06:53 - 2015-12-21 06:53 - 00016786 _____ C:\Users\Roman\Downloads\[CzT]Prestrelka_v_Palermu_Palermo_Shooting_2008_CZ_.torrent
2015-12-20 19:25 - 2015-12-20 19:25 - 03097664 _____ (Lenovo Group Limited ) C:\Users\Roman\Downloads\o0bjy22usa.exe
2015-12-20 08:44 - 2015-12-20 08:44 - 00011747 _____ C:\Users\Roman\Downloads\[CzT]Zacit_nanovo_Goodbye_to_All_That_2014_CZ_.torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-19 21:47 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-19 21:17 - 2013-12-18 14:44 - 00000000 ____D C:\Users\Roman\AppData\Roaming\uTorrent
2016-01-19 21:15 - 2014-09-14 16:07 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-19 21:11 - 2014-01-26 11:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-19 20:57 - 2013-12-18 12:31 - 00000950 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-19 20:55 - 2013-11-20 14:47 - 00000000 ____D C:\ProgramData\Temp
2016-01-19 20:45 - 2013-12-18 12:37 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2322173282-1921665351-3622067993-1002
2016-01-19 20:43 - 2015-06-14 16:01 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-19 20:41 - 2013-12-18 12:21 - 00000074 _____ C:\Users\Roman\AppData\Roaming\sp_data.sys
2016-01-19 20:40 - 2013-12-18 12:31 - 00000946 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-19 20:38 - 2015-06-21 13:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-19 20:38 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-19 20:19 - 2015-10-31 21:15 - 00001227 _____ C:\Users\Public\Desktop\Acronis Disk Director 12.lnk
2016-01-19 20:19 - 2015-10-16 12:57 - 00001139 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2016-01-19 20:19 - 2015-10-10 13:06 - 00002202 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-01-19 20:19 - 2015-10-10 13:06 - 00002190 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-01-19 20:19 - 2015-06-21 13:41 - 00001448 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-19 20:19 - 2015-06-21 13:28 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-19 20:19 - 2015-06-21 13:16 - 00001328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-01-19 20:19 - 2015-06-21 13:16 - 00001316 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2016-01-19 20:19 - 2015-06-14 16:01 - 00001120 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-19 20:19 - 2015-03-15 16:22 - 00000858 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-01-19 20:19 - 2015-01-22 16:44 - 00002117 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Card.lnk
2016-01-19 20:19 - 2015-01-11 12:48 - 00001177 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-01-19 20:19 - 2015-01-11 12:48 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-01-19 20:19 - 2015-01-06 13:35 - 00001269 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
2016-01-19 20:19 - 2015-01-05 14:16 - 00000868 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-19 20:19 - 2014-12-26 17:16 - 00001958 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2016-01-19 20:19 - 2014-12-26 17:16 - 00001956 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2016-01-19 20:19 - 2014-05-19 19:14 - 00001067 _____ C:\Users\Public\Desktop\WarThunder.lnk
2016-01-19 20:19 - 2014-04-23 19:40 - 00001885 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2016-01-19 20:19 - 2014-02-10 18:30 - 00002041 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PitchPerfect Musical Instrument Tuner.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001212 _____ C:\Users\Public\Desktop\PitchPerfect Musical Instrument Tuner.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TempoPerfect Metronome Software.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001200 _____ C:\Users\Public\Desktop\TempoPerfect Metronome Software.lnk
2016-01-19 20:19 - 2014-01-26 11:49 - 00001331 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2016-01-19 20:19 - 2013-12-19 13:12 - 00000648 _____ C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2016-01-19 20:19 - 2013-12-18 15:15 - 00000953 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-01-19 20:19 - 2013-12-18 13:27 - 00001013 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-01-19 20:19 - 2013-05-01 12:17 - 00001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-01-19 20:19 - 2013-05-01 12:17 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-01-19 20:19 - 2013-05-01 12:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-01-19 20:18 - 2015-10-16 12:57 - 00001137 _____ C:\Users\Roman\Desktop\Viber.lnk
2016-01-19 20:18 - 2015-07-26 17:49 - 00000809 _____ C:\Users\Roman\Desktop\World of Warships.lnk
2016-01-19 20:18 - 2015-03-15 16:30 - 00000948 _____ C:\Users\Roman\Desktop\FlatOut2.lnk
2016-01-19 20:18 - 2014-09-15 15:04 - 00002326 _____ C:\Users\Roman\Desktop\Ochrana financí.lnk
2016-01-19 20:18 - 2014-05-26 19:28 - 00002041 _____ C:\Users\Roman\Desktop\Canon Solution Menu EX.lnk
2016-01-19 20:18 - 2014-04-23 19:40 - 00001855 _____ C:\Users\Roman\Desktop\PlanetSide 2 PSG.lnk
2016-01-19 20:18 - 2014-02-06 19:35 - 00000955 _____ C:\Users\Roman\Desktop\Find and Mount.lnk
2016-01-19 20:18 - 2014-02-06 19:16 - 00000999 _____ C:\Users\Roman\Desktop\HD Tune Pro.lnk
2016-01-19 20:18 - 2013-12-19 13:08 - 00001078 _____ C:\Users\Roman\Desktop\Your Unin-staller!.lnk
2016-01-19 20:17 - 2013-08-22 15:44 - 00489984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-19 20:08 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-19 19:24 - 2014-11-21 02:39 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-19 19:24 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-19 12:00 - 2015-06-07 12:00 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-01-19 12:00 - 2015-06-07 12:00 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-01-18 22:58 - 2013-12-18 20:03 - 00000000 ____D C:\Users\Roman\AppData\Roaming\vlc
2016-01-16 12:12 - 2014-02-10 18:27 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-01-16 12:12 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-16 10:26 - 2014-02-10 18:33 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-15 15:27 - 2013-12-20 00:08 - 00724992 ___SH C:\Users\Roman\Downloads\Thumbs.db
2016-01-14 21:19 - 2014-09-14 16:09 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TeamViewer
2016-01-14 21:19 - 2013-12-18 13:27 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TS3Client
2016-01-14 21:14 - 2013-08-22 16:36 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-01-14 21:11 - 2013-12-18 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-14 16:36 - 2013-12-18 12:20 - 00000000 ____D C:\Users\Roman\AppData\Local\Packages
2016-01-11 17:22 - 2013-12-18 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-01-11 17:22 - 2013-12-18 12:36 - 00000000 ____D C:\Games
2016-01-11 15:17 - 2014-12-12 23:06 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Skype
2016-01-05 15:29 - 2014-12-12 23:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-05 15:29 - 2014-12-12 23:06 - 00000000 ____D C:\Users\Roman\AppData\Local\Skype
2016-01-05 15:29 - 2014-12-12 23:06 - 00000000 ____D C:\ProgramData\Skype
2016-01-05 12:07 - 2013-05-07 17:56 - 00077680 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
2016-01-01 13:47 - 2013-12-18 14:46 - 00000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2015-12-22 12:22 - 2015-06-27 20:18 - 00000992 _____ C:\Users\Roman\Desktop\µTorrent.lnk
2015-12-21 22:02 - 2015-06-21 13:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-21 21:03 - 2014-12-20 12:42 - 00000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories =======
2013-12-24 01:49 - 2013-12-24 01:49 - 0000092 _____ () C:\Users\Roman\AppData\Roaming\Control System_Settings.ini
2013-12-18 12:21 - 2016-01-19 20:41 - 0000074 _____ () C:\Users\Roman\AppData\Roaming\sp_data.sys
2015-06-21 13:16 - 2015-06-21 13:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-01 12:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 12:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 12:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Roman\AppData\Local\Temp\dummy.exe
C:\Users\Roman\AppData\Local\Temp\mslog.dll
C:\Users\Roman\AppData\Local\Temp\Opera_NI_stable.exe
C:\Users\Roman\AppData\Local\Temp\Tinyxml2.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-22 22:00
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Prosím o kontrolu
- Přílohy
-
- Addition.rar
- (12.15 KiB) Staženo 82 x
Re: Prosím o kontrolu
ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
Kód: Vybrat vše
Start
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe
(腾讯公司) C:\Users\Roman\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tadb.exe
HKLM-x32\...\Run: [setup] => C:\Users\Roman\AppData\Local\Temp\setup.exe /start <===== ATTENTION
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [lsas] => C:\Program Files (x86)\t_201601191922\201601191922\lsas.exe [557184 2016-01-19] ()
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMGCShellExt64.dll [2016-01-19] (Tencent)
BHO: 电脑管家网页防火墙 -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSWebMon64.dat [2016-01-19] (Tencent)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe [301728 2015-09-15] (Tencent)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TAOFrame.exe [293856 2016-01-19] (Tencent)
R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [99640 2016-01-19] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2016-01-19] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2016-01-19] (电脑管家)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TS888x64.sys [28984 2016-01-19] (Tencent)
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\tscpm64.sys [42296 2016-01-19] (电脑管家)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSDefenseBT64.sys [28472 2016-01-19] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSSysKit64.sys [87352 2016-01-19] (电脑管家)
2016-01-19 19:38 - 2016-01-19 19:38 - 00000000 ____D C:\ProgramData\TXQMPC
2016-01-19 19:24 - 2016-01-14 10:47 - 00128280 _____ (电脑管家) C:\WINDOWS\SysWOW64\Drivers\TsFltMgr.sys
2016-01-19 19:23 - 2016-01-19 20:24 - 00000000 ____D C:\ProgramData\Tencent
2016-01-19 19:23 - 2016-01-19 19:27 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00099640 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00087864 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-19 19:22 - 2016-01-19 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ĂŔÍĽäŻŔŔ
2013-05-01 12:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 12:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 12:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
EmptyTemp:
Reboot:
End
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txtFRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu
ďakujem za pomoc, vyhadzujú sa mi na ploche stále čínske znaky
tu je log
Fix result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by Roman (2016-01-20 15:29:32) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe
(????) C:\Users\Roman\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tadb.exe
HKLM-x32\...\Run: [setup] => C:\Users\Roman\AppData\Local\Temp\setup.exe /start <===== ATTENTION
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [lsas] => C:\Program Files (x86)\t_201601191922\201601191922\lsas.exe [557184 2016-01-19] ()
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMGCShellExt64.dll [2016-01-19] (Tencent)
BHO: ????????? -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSWebMon64.dat [2016-01-19] (Tencent)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe [301728 2015-09-15] (Tencent)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TAOFrame.exe [293856 2016-01-19] (Tencent)
R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [99640 2016-01-19] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2016-01-19] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2016-01-19] (????)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TS888x64.sys [28984 2016-01-19] (Tencent)
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\tscpm64.sys [42296 2016-01-19] (????)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSDefenseBT64.sys [28472 2016-01-19] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSSysKit64.sys [87352 2016-01-19] (????)
2016-01-19 19:38 - 2016-01-19 19:38 - 00000000 ____D C:\ProgramData\TXQMPC
2016-01-19 19:24 - 2016-01-14 10:47 - 00128280 _____ (????) C:\WINDOWS\SysWOW64\Drivers\TsFltMgr.sys
2016-01-19 19:23 - 2016-01-19 20:24 - 00000000 ____D C:\ProgramData\Tencent
2016-01-19 19:23 - 2016-01-19 19:27 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00099640 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00087864 _____ (????) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-19 19:22 - 2016-01-19 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ĂŔÍĽäŻŔŔ
2013-05-01 12:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 12:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 12:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
EmptyTemp:
Reboot:
End
*****************
[1044] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe => process closed successfully.
[1124] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe => process closed successfully.
C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe => Could not close process
C:\Users\Roman\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tadb.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\setup => value removed successfully
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\Software\Microsoft\Windows\CurrentVersion\Run\\lsas => value removed successfully
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare Ultimate => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon" => key removed successfully
"HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => key removed successfully
"HKCR\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => key removed successfully
QQPCRTP => Unable to stop service.
QQPCRTP => service could not remove
TAOFrame => service removed successfully
TAOAccelerator => Unable to stop service.
TAOAccelerator => service removed successfully
TAOKernelDriver => Unable to stop service.
TAOKernelDriver => service removed successfully
TFsFlt => Unable to stop service.
TFsFlt => service could not remove
TS888x64 => Unable to stop service.
TS888x64 => service removed successfully
TSCPM => Unable to stop service.
TSCPM => service removed successfully
TSDefenseBt => service removed successfully
TSSysKit => Unable to stop service.
TSSysKit => service could not remove
C:\ProgramData\TXQMPC => moved successfully
C:\WINDOWS\SysWOW64\Drivers\TsFltMgr.sys => moved successfully
"C:\ProgramData\Tencent" folder move:
Could not move "C:\ProgramData\Tencent" => Scheduled to move on reboot.
C:\Users\Roman\AppData\Roaming\Tencent => moved successfully
C:\WINDOWS\system32\Drivers\TAOKernel64.sys => moved successfully
C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys => moved successfully
Could not move "C:\WINDOWS\system32\Drivers\TFsFltX64.sys" => Scheduled to move on reboot.
=========== "C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ==========
not found
========= End -> "C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ========
"C:\Program Files\Common Files\Tencent" folder move:
Could not move "C:\Program Files\Common Files\Tencent" => Scheduled to move on reboot.
tu je log
Fix result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by Roman (2016-01-20 15:29:32) Run:1
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(Tencent) C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe
(????) C:\Users\Roman\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tadb.exe
HKLM-x32\...\Run: [setup] => C:\Users\Roman\AppData\Local\Temp\setup.exe /start <===== ATTENTION
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [lsas] => C:\Program Files (x86)\t_201601191922\201601191922\lsas.exe [557184 2016-01-19] ()
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [Advanced SystemCare Ultimate] => "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCTray.exe" /AutoStart
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QMGCShellExt64.dll [2016-01-19] (Tencent)
BHO: ????????? -> {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -> C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSWebMon64.dat [2016-01-19] (Tencent)
R2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe [301728 2015-09-15] (Tencent)
S3 TAOFrame; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TAOFrame.exe [293856 2016-01-19] (Tencent)
R3 TAOAccelerator; C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys [99640 2016-01-19] (Tencent)
R1 TAOKernelDriver; C:\Windows\System32\Drivers\TAOKernel64.sys [174392 2016-01-19] (Tencent Technology(Shenzhen) Company Limited)
R3 TFsFlt; C:\Windows\System32\Drivers\TFsFltX64.sys [87864 2016-01-19] (????)
R3 TS888x64; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TS888x64.sys [28984 2016-01-19] (Tencent)
R1 TSCPM; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\tscpm64.sys [42296 2016-01-19] (????)
S1 TSDefenseBt; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSDefenseBT64.sys [28472 2016-01-19] (Tencent)
R1 TSSysKit; C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSSysKit64.sys [87352 2016-01-19] (????)
2016-01-19 19:38 - 2016-01-19 19:38 - 00000000 ____D C:\ProgramData\TXQMPC
2016-01-19 19:24 - 2016-01-14 10:47 - 00128280 _____ (????) C:\WINDOWS\SysWOW64\Drivers\TsFltMgr.sys
2016-01-19 19:23 - 2016-01-19 20:24 - 00000000 ____D C:\ProgramData\Tencent
2016-01-19 19:23 - 2016-01-19 19:27 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00174392 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernel64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00099640 _____ (Tencent) C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00087864 _____ (????) C:\WINDOWS\system32\Drivers\TFsFltX64.sys
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files\Common Files\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-19 19:22 - 2016-01-19 19:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ĂŔÍĽäŻŔŔ
2013-05-01 12:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 12:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 12:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
EmptyTemp:
Reboot:
End
*****************
[1044] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe => process closed successfully.
[1124] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe => process closed successfully.
C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\QQPCRTP.exe => Could not close process
C:\Users\Roman\AppData\Roaming\Tencent\AndroidServer\1.0.0.485\tadb.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\setup => value removed successfully
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\Software\Microsoft\Windows\CurrentVersion\Run\\lsas => value removed successfully
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\Software\Microsoft\Windows\CurrentVersion\Run\\Advanced SystemCare Ultimate => value removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon" => key removed successfully
"HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => key removed successfully
"HKCR\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}" => key removed successfully
QQPCRTP => Unable to stop service.
QQPCRTP => service could not remove
TAOFrame => service removed successfully
TAOAccelerator => Unable to stop service.
TAOAccelerator => service removed successfully
TAOKernelDriver => Unable to stop service.
TAOKernelDriver => service removed successfully
TFsFlt => Unable to stop service.
TFsFlt => service could not remove
TS888x64 => Unable to stop service.
TS888x64 => service removed successfully
TSCPM => Unable to stop service.
TSCPM => service removed successfully
TSDefenseBt => service removed successfully
TSSysKit => Unable to stop service.
TSSysKit => service could not remove
C:\ProgramData\TXQMPC => moved successfully
C:\WINDOWS\SysWOW64\Drivers\TsFltMgr.sys => moved successfully
"C:\ProgramData\Tencent" folder move:
Could not move "C:\ProgramData\Tencent" => Scheduled to move on reboot.
C:\Users\Roman\AppData\Roaming\Tencent => moved successfully
C:\WINDOWS\system32\Drivers\TAOKernel64.sys => moved successfully
C:\WINDOWS\system32\Drivers\TAOAccelerator64.sys => moved successfully
Could not move "C:\WINDOWS\system32\Drivers\TFsFltX64.sys" => Scheduled to move on reboot.
=========== "C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ==========
not found
========= End -> "C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????" ========
"C:\Program Files\Common Files\Tencent" folder move:
Could not move "C:\Program Files\Common Files\Tencent" => Scheduled to move on reboot.
Re: Prosím o kontrolu
1.restartoval si PC?
2.vycisti pc s mbam
2.vycisti pc s mbam
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu
reštartoval a vyčistil som ešte včera nič nenašiel, spustil som to zase
v prílohe posielam spustené procesy, je tam niečo v čínskych znakoch a tých 43% v pravo dole som tam do teraz nemal, a občas tam vyskočí aj taká tabuľka v čínštine
ďakujem za ochotu a čas
v prílohe posielam spustené procesy, je tam niečo v čínskych znakoch a tých 43% v pravo dole som tam do teraz nemal, a občas tam vyskočí aj taká tabuľka v čínštine
ďakujem za ochotu a čas
- Přílohy
-
- spustené procesy1.jpg (77.71 KiB) Zobrazeno 2334 x
Re: Prosím o kontrolu
teraz som to vyčistil s ADWCleaner a zmizlo to, už to nieje ani v procesoch, snáď už je to v poriadku
Re: Prosím o kontrolu
Vycisti pc s CCleanerom hlavne registre
Vloz oba logy FRST - zajtra to pozriem
Vloz oba logy FRST - zajtra to pozriem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu
ďakujem pekne
tu je log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by Roman (administrator) on RM (20-01-2016 19:40:48)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
() C:\Windows\SysWOW64\UMonit64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
Failed to access process -> CNSEMAIN.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(VideoLAN) C:\Program Files (x86)\VLC\vlc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890128 2013-04-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UMonit64] => C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [383528 2014-05-30] (Acronis)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139112 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-13] (Atheros Communications)
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\MountPoints2: {15d1cc7e-a99c-11e5-80a7-240a64da556a} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\MountPoints2: {a98991ba-7efc-11e5-80a5-240a64da556a} - "G:\NokiaPCIA_Autorun.exe"
IFEO\asusvibelauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\asuswspanel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{88843BA3-A427-47A3-9AEE-0FC15F61312D}: [DhcpNameServer] 213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{A8635E31-8ACE-4BED-BFD6-7CA3F4B15D30}: [DhcpNameServer] 213.151.222.34 85.237.225.250
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-06-13] (Qualcomm®Atheros®)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-17] (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-17] (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-12-20] [not signed]
Chrome:
=======
CHR HomePage: Profile 21 -> hxxps://www.google.com/
CHR StartupUrls: Profile 21 -> "hxxp://www.google.sk/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 13
CHR Extension: (No Name) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21
CHR Extension: (Dokumenty Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-16]
CHR Extension: (Disk Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-16]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-20]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [623936 2013-07-08] (IOBit)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-13] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-20] (Kaspersky Lab ZAO)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4377000 2015-12-11] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-06-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-06-21] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-13] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-06-13] (Qualcomm Atheros)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-20] (Disc Soft Ltd)
S3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30352 2015-09-20] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [91368 2013-03-22] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX(tm))
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-26] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-01-26] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-20] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-20] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2016-01-05] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-01-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2016-01-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-09-20] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-12-11] (TuneUp Software)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-06-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-06-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-06-21] (Microsoft Corporation)
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSDefenseBT64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-20 19:40 - 2016-01-20 19:41 - 00029053 _____ C:\Users\Roman\Desktop\FRST.txt
2016-01-20 19:40 - 2016-01-20 19:40 - 00000341 _____ C:\Users\Roman\Desktop\Fixlog.txt
2016-01-20 19:39 - 2016-01-20 19:40 - 00000000 ____D C:\Users\Roman\AppData\Local\Sony Online Entertainment
2016-01-20 19:37 - 2016-01-20 19:37 - 00002778 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-20 19:37 - 2016-01-20 19:37 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-20 19:37 - 2016-01-20 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-20 19:36 - 2016-01-20 19:36 - 06805440 _____ (Piriform Ltd) C:\Users\Roman\Downloads\ccsetup513.exe
2016-01-20 19:29 - 2016-01-20 19:29 - 00016591 _____ C:\Users\Roman\Downloads\[CzT]Cena_moci_The_Runner_2015_CZ_.torrent
2016-01-20 18:42 - 2016-01-20 18:42 - 00002286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-01-20 18:42 - 2016-01-20 18:42 - 00002274 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-01-20 18:42 - 2016-01-20 18:42 - 00000000 ____D C:\Users\Roman\AppData\Roaming\AVG
2016-01-20 18:42 - 2015-12-11 15:39 - 00046504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2016-01-20 18:42 - 2015-12-11 15:33 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\authuitu.dll
2016-01-20 18:42 - 2015-12-11 15:33 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\authuitu.dll
2016-01-20 18:41 - 2016-01-20 18:42 - 00000000 ____D C:\Users\Roman\AppData\Local\AvgSetupLog
2016-01-20 18:41 - 2016-01-20 18:42 - 00000000 ____D C:\ProgramData\Avg
2016-01-20 18:36 - 2016-01-20 18:36 - 00000543 _____ C:\cleanup.bat
2016-01-20 18:33 - 2016-01-20 18:34 - 00000000 ____D C:\AVG_Remover
2016-01-20 18:33 - 2016-01-20 18:33 - 07814344 _____ ( ) C:\Users\Roman\Downloads\AVG_Remover.exe
2016-01-20 18:21 - 2016-01-20 18:22 - 00247426 _____ C:\TDSSKiller.3.1.0.9_20.01.2016_18.21.39_log.txt
2016-01-20 18:20 - 2016-01-20 18:21 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Roman\Downloads\tdsskiller.exe
2016-01-20 18:10 - 2016-01-20 18:10 - 00000000 ____D C:\ProgramData\TXQMPC
2016-01-20 18:07 - 2016-01-20 18:09 - 00000000 ____D C:\AdwCleaner
2016-01-20 18:07 - 2016-01-20 18:07 - 01505280 _____ C:\Users\Roman\Downloads\adwcleaner_5.030.exe
2016-01-20 15:33 - 2016-01-20 18:10 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Tencent
2016-01-19 21:47 - 2016-01-20 19:40 - 00000000 ____D C:\FRST
2016-01-19 21:45 - 2016-01-19 21:45 - 02370560 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2016-01-19 21:44 - 2016-01-19 21:44 - 00731136 _____ C:\Users\Roman\Downloads\avenger (1).exe
2016-01-19 21:13 - 2016-01-19 21:13 - 00088822 _____ C:\Users\Roman\Downloads\[CzT]MS_office_2013_pro_Windows_x64_textove_fonty_CZ_EN_.torrent
2016-01-19 20:07 - 2016-01-19 20:07 - 00001214 _____ C:\dfvs.txt
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-19 19:22 - 2016-01-19 19:22 - 00000000 ____D C:\Program Files (x86)\t_201601191922
2016-01-19 19:21 - 2016-01-19 20:05 - 00000000 ____D C:\Program Files (x86)\TData
2016-01-19 19:21 - 2016-01-19 19:21 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-01-19 00:24 - 2016-01-19 00:24 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\25EE2BEB.sys
2016-01-18 17:24 - 2016-01-18 17:24 - 00014802 _____ C:\Users\Roman\Downloads\[CzT]The_Diary_of_a_Teenage_Girl_2015_CZ_.torrent
2016-01-16 12:24 - 2016-01-20 19:37 - 00000000 ____D C:\Users\Roman\AppData\LocalLow\uTorrent
2016-01-16 12:11 - 2016-01-16 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series
2016-01-16 12:11 - 2012-06-14 17:18 - 00366592 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2016-01-16 12:11 - 2012-06-14 17:18 - 00359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2016-01-16 12:11 - 2012-06-14 17:18 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2016-01-16 12:10 - 2016-01-16 12:10 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-01-16 12:10 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAG.DLL
2016-01-16 12:08 - 2016-01-16 12:08 - 30862480 _____ C:\Users\Roman\Downloads\mp68-win-mg6100-1_05-ea24.exe
2016-01-16 12:07 - 2016-01-16 12:07 - 24239256 _____ C:\Users\Roman\Downloads\xp68-win-mg6100-5_56-ea24.exe
2016-01-16 08:18 - 2016-01-16 08:18 - 00013717 _____ C:\Users\Roman\Downloads\[CzT]Stazista_The_Intern_2015_CZ_.torrent
2016-01-16 08:17 - 2016-01-16 08:17 - 00018317 _____ C:\Users\Roman\Downloads\[CzT]Nebezpecne_pokuseni_Knock_Knock_2015_CZ_.torrent
2016-01-15 00:19 - 2016-01-15 00:19 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\0F816F93.sys
2016-01-14 21:43 - 2016-01-14 21:43 - 00017916 _____ C:\Users\Roman\Downloads\[CzT]Microsoft_Toolkit_2_6_Beta_1_2015_.torrent
2016-01-14 21:43 - 2016-01-14 21:43 - 00017916 _____ C:\Users\Roman\Downloads\[CzT]Microsoft_Toolkit_2_6_Beta_1_2015_ (1).torrent
2016-01-14 21:11 - 2016-01-14 21:11 - 00016173 _____ C:\Users\Roman\Downloads\[CzT]Microsoft_Toolkit_2_5_3.torrent
2016-01-14 20:48 - 2016-01-14 20:53 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Opera Software
2016-01-14 20:48 - 2016-01-14 20:53 - 00000000 ____D C:\Users\Roman\AppData\Local\Opera Software
2016-01-14 20:47 - 2016-01-14 20:56 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-14 20:41 - 2016-01-19 20:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final
2016-01-14 20:11 - 2016-01-14 20:11 - 00014952 _____ C:\Users\Roman\Downloads\[SkT]Microsoft_Office_2013_Professional_Plus_(CZ-SK)(x86-x64) (2).torrent
2016-01-14 20:09 - 2016-01-14 20:11 - 56171772 _____ C:\Users\Roman\Downloads\MTKV26B5.zip
2016-01-14 19:53 - 2016-01-14 19:53 - 00023272 _____ C:\Users\Roman\Downloads\[SkT]Tri_kluci_a_nemluvne_-_Baby_Daddy_-_2.serie_(CZ)[TvRip]_=_CSFD_66%.torrent
2016-01-14 19:53 - 2016-01-14 19:53 - 00014694 _____ C:\Users\Roman\Downloads\[SkT]Tri_kluci_a_nemluvne_-_Baby_Daddy_-_1.serie_(CZ)[TVRip]_=_CSFD_66%.torrent
2016-01-14 18:33 - 2016-01-14 18:33 - 00058571 _____ C:\Users\Roman\Downloads\[CzT]Lovci_netvoru_Special_Unit_2_1_a_2_serie_CZ_TvRip_.torrent
2016-01-14 16:55 - 2016-01-14 16:55 - 00016255 _____ C:\Users\Roman\Downloads\[CzT]Jak_roste_nadeje_Where_Hope_Grows_2014_CZ_.torrent
2016-01-14 16:32 - 2016-01-14 16:32 - 05858816 _____ C:\Users\Roman\Downloads\Chvilka_poezie.pps
2016-01-14 15:29 - 2016-01-14 15:29 - 00016904 _____ C:\Users\Roman\Downloads\[CzT]Drakula_Neznama_legenda_Dracula_Untold_2014_CZ_.torrent
2016-01-13 20:09 - 2016-01-13 20:09 - 00008095 _____ C:\Users\Roman\Downloads\[CzT]Malwarebytes_Anti_Malware_Premium_2_1_8_1057_CZ_SK_.torrent
2016-01-13 16:20 - 2016-01-13 16:20 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\33B432E8.sys
2016-01-12 16:51 - 2016-01-12 16:51 - 00016882 _____ C:\Users\Roman\Downloads\[CzT]Sygic_GPS_Navigace_a_Mapy_v15_6_6_Sygic_Maps_Downloader_2015_09_CZ_SK_Android_.torrent
2016-01-12 00:14 - 2016-01-12 00:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\6018017D.sys
2016-01-11 18:06 - 2016-01-11 18:07 - 10537067 _____ C:\Users\Roman\Downloads\QuickyBaby-Modpack-9.13-v1.zip
2016-01-11 17:22 - 2016-01-19 20:19 - 00000783 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-01-11 17:21 - 2016-01-11 17:21 - 05124704 _____ (Wargaming.net ) C:\Users\Roman\Downloads\WoT_internet_install_eu (1).exe
2016-01-10 00:13 - 2016-01-10 00:13 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\4B3E63E5.sys
2016-01-08 18:02 - 2016-01-08 18:02 - 00016667 _____ C:\Users\Roman\Downloads\[CzT]Zlodeji_a_vyderaci_High_Heels_and_Low_Lifes_2001_CZ_.torrent
2016-01-08 17:58 - 2016-01-08 17:58 - 00052242 _____ C:\Users\Roman\Downloads\[CzT]Sberatele_kosti_Bones_10_serie_SK_TvRip_.torrent
2016-01-08 00:11 - 2016-01-08 00:11 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\3C844630.sys
2016-01-07 22:53 - 2016-01-07 22:53 - 00014552 _____ C:\Users\Roman\Downloads\[CzT]Postradatelni_agenti_The_Throwaways_2015_CZ_WebRip_.torrent
2016-01-07 14:39 - 2016-01-16 12:09 - 02342912 _____ C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2016-01-07 10:20 - 2016-01-07 10:20 - 00013539 _____ C:\Users\Roman\Downloads\[CzT]Kuryr_Restart_Le_Transporteur_Heritage_2015_CZ_.torrent
2016-01-06 16:15 - 2016-01-06 16:15 - 00014583 _____ C:\Users\Roman\Downloads\[CzT]Mr_Holmes_2015_CZ_.torrent
2016-01-05 16:12 - 2016-01-05 16:12 - 00013665 _____ C:\Users\Roman\Downloads\[CzT]Pestunka_pre_dospelych_Babysitter_s_Black_Book_2015_SK_TvRip_.torrent
2016-01-05 15:29 - 2016-01-05 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-05 12:07 - 2016-01-05 13:43 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-05 12:07 - 2016-01-05 12:07 - 00003032 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-01-03 10:53 - 2016-01-19 20:19 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-01-03 10:53 - 2016-01-19 20:19 - 00000973 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-01-03 09:25 - 2016-01-03 09:25 - 00036269 _____ C:\Users\Roman\Downloads\[CzT]A_D_The_Bible_Continues_1_serie_SK_TvRip_720p_.torrent
2016-01-03 09:23 - 2016-01-03 09:23 - 00011768 _____ C:\Users\Roman\Downloads\[CzT]Sherlock_Prizracna_nevesta_Sherlock_The_Abominable_Bride_2016_CZ_TvRip_.torrent
2016-01-02 09:26 - 2016-01-02 09:26 - 00014743 _____ C:\Users\Roman\Downloads\[CzT]Milenci_v_case_The_Lovers_2015_CZ_.torrent
2016-01-02 09:23 - 2016-01-02 09:23 - 00015137 _____ C:\Users\Roman\Downloads\[CzT]He_Who_Dares_2014_CZ_.torrent
2016-01-01 15:30 - 2016-01-01 15:30 - 00200192 _____ C:\Users\Roman\Downloads\ICEEncrypt.exe
2016-01-01 12:22 - 2016-01-01 12:22 - 00016470 _____ C:\Users\Roman\Downloads\[CzT]Pomsta_v_Parizi_Le_Jour_Attendra_2013_CZ_ (1).torrent
2016-01-01 00:51 - 2016-01-01 00:51 - 00016470 _____ C:\Users\Roman\Downloads\[CzT]Pomsta_v_Parizi_Le_Jour_Attendra_2013_CZ_.torrent
2015-12-31 19:14 - 2016-01-19 20:19 - 00000949 _____ C:\Users\Public\Desktop\Registry Finder.lnk
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\Users\Roman\AppData\Roaming\RegistryFinder
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\Users\Roman\AppData\Local\CrashRpt
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Finder
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\Program Files\Registry Finder
2015-12-31 19:13 - 2016-01-01 12:20 - 00000000 ____D C:\Program Files (x86)\Hide ALL IP
2015-12-31 19:08 - 2015-12-31 19:08 - 00002884 _____ C:\Users\Roman\Downloads\[CzT]Hide_All_Ip_v05_28_150528_Final_x86x64_2015_.torrent
2015-12-31 18:05 - 2015-12-31 18:06 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TrueCrypt
2015-12-31 18:04 - 2016-01-19 20:19 - 00000933 _____ C:\Users\Public\Desktop\TrueCrypt.lnk
2015-12-31 18:04 - 2015-12-31 18:04 - 00064528 _____ C:\Users\Roman\Downloads\Language.cs.xml.zip
2015-12-31 18:04 - 2015-12-31 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2015-12-31 18:01 - 2015-12-31 18:02 - 03466248 _____ (TrueCrypt Foundation) C:\Users\Roman\Downloads\TrueCrypt Setup 7.1a (2).exe
2015-12-31 17:43 - 2015-12-31 18:05 - 00000000 ____D C:\Program Files\TrueCrypt
2015-12-31 17:43 - 2015-12-31 18:04 - 00231376 _____ (TrueCrypt Foundation) C:\WINDOWS\system32\Drivers\truecrypt.sys
2015-12-31 17:43 - 2015-12-31 17:44 - 00002844 _____ C:\Users\Roman\Downloads\TrueCrypt-key.asc
2015-12-31 17:43 - 2015-12-31 17:43 - 00000072 _____ C:\Users\Roman\Downloads\TrueCrypt-7.2.exe.sig
2015-12-31 17:41 - 2015-12-31 17:41 - 02573392 _____ (TrueCrypt Foundation) C:\Users\Roman\Downloads\TrueCrypt-7.2.exe
2015-12-31 13:19 - 2016-01-20 15:35 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{08E1D91D-90D9-4979-BFFC-474CFE997ABE}
2015-12-31 13:18 - 2015-12-31 13:18 - 00746512 _____ (Marco Cervoni ) C:\Users\Roman\Downloads\TrueCryptPasswordPluginLicenseSetup.exe
2015-12-31 13:16 - 2015-12-31 13:17 - 01961642 _____ (idoo International LLC. ) C:\Users\Roman\Downloads\idooUSBEncryption_setup.exe
2015-12-31 08:15 - 2015-12-31 08:15 - 00027082 _____ C:\Users\Roman\Downloads\[CzT]Inteligence_Intelligence_1_serie_CZ_TvRip_.torrent
2015-12-28 12:12 - 2015-12-28 12:12 - 00013181 _____ C:\Users\Roman\Downloads\[CzT]A_Royal_Christmas_Kra_ovske_Vianoce_2014_SK_TvRip_.torrent
2015-12-28 11:09 - 2015-12-28 11:09 - 00014223 _____ C:\Users\Roman\Downloads\[CzT]Povetri_Air_2015_CZ_ (2).torrent
2015-12-28 11:06 - 2015-12-28 11:06 - 00016541 _____ C:\Users\Roman\Downloads\[CzT]Spravnej_dres_2015_CZ_TvRip_.torrent
2015-12-27 18:39 - 2015-12-27 18:40 - 30381641 _____ C:\Users\Roman\Downloads\SuperStar 2015 - I. finále - TOP 8 - Příběh nekončí.mp4
2015-12-27 15:23 - 2015-12-27 15:23 - 00011237 _____ C:\Users\Roman\Downloads\[CzT]Dela_z_Navarone_The_Guns_of_Navarone_1961_CZ_.torrent
2015-12-27 08:59 - 2015-12-27 08:59 - 00016045 _____ C:\Users\Roman\Downloads\[CzT]Hobit_Bitva_peti_armad_The_Hobbit_The_Battle_of_the_Five_Armies_2014_CZ_.torrent
2015-12-27 08:39 - 2015-12-27 08:39 - 00019675 _____ C:\Users\Roman\Downloads\[CzT]McFarland_USA_2015_CZ_ (1).torrent
2015-12-27 08:38 - 2015-12-27 08:38 - 00012161 _____ C:\Users\Roman\Downloads\[CzT]Nocni_bezec_Run_all_night_2015_CZ_ (1).torrent
2015-12-26 16:15 - 2015-12-26 16:15 - 16069263 _____ C:\Users\Roman\Downloads\x (1).mp4
2015-12-26 14:16 - 2015-12-26 14:16 - 00011689 _____ C:\Users\Roman\Downloads\[CzT]Svetova_invaze_Battle_Los_Angeles_2011_.torrent
2015-12-26 12:11 - 2015-12-26 12:11 - 00014740 _____ C:\Users\Roman\Downloads\[CzT]To_byl_zitra_flam_2_Hot_Tub_Time_Machine_2_2015_CZ_.torrent
2015-12-25 14:15 - 2015-12-25 14:15 - 00011685 _____ C:\Users\Roman\Downloads\[CzT]Cervena_sirena_Sir_ne_rouge_La_2002_CZ_.torrent
2015-12-24 21:33 - 2015-12-24 21:33 - 01013760 _____ C:\Users\Roman\Downloads\pozdrav.ppt
2015-12-24 16:49 - 2015-12-24 16:49 - 00018024 _____ C:\Users\Roman\Downloads\[CzT]Prizrak_Domovoy_2008_CZ_RU_.torrent
2015-12-24 16:48 - 2015-12-24 16:48 - 00016757 _____ C:\Users\Roman\Downloads\[CzT]Policajtka_Angel_Eyes_2001_CZ_.torrent
2015-12-24 09:33 - 2015-12-24 09:33 - 00011141 _____ C:\Users\Roman\Downloads\[CzT]Mission_Impossible_Narod_grazlu_Mission_Impossible_Rogue_Nation_2015_CZ_ (1).torrent
2015-12-23 11:28 - 2015-12-23 11:28 - 00018495 _____ C:\Users\Roman\Downloads\[SkT]AVG PC TuneUp 2016 16.2.1.18873 (CZ-SK).torrent
2015-12-23 11:19 - 2015-12-23 11:19 - 00002807 _____ C:\Users\Roman\Downloads\[SkT]PowerISO_6.4__Final_(x86-x64)_(2015)(CZ-SK).torrent
2015-12-23 11:16 - 2015-12-23 11:16 - 00014997 _____ C:\Users\Roman\Downloads\[SkT]Microsoft_Office_2013_Professional_Plus_(CZ-SK)(x86-x64) (1).torrent
2015-12-23 11:13 - 2015-12-23 11:13 - 00001995 _____ C:\Users\Roman\Downloads\[CzT]WinRAR_5_21_Final_x86_x64_CZ_ (1).torrent
2015-12-23 11:08 - 2015-12-23 11:08 - 00002721 _____ C:\Users\Roman\Downloads\[CzT]Your_Uninstaller_PRO_v7_5_2014_03_CZ_SK_ (2).torrent
2015-12-23 10:28 - 2015-12-23 10:28 - 00016599 _____ C:\Users\Roman\Downloads\[CzT]Clevelandsky_unos_Cleveland_Abduction_2015_CZ_.torrent
2015-12-22 17:55 - 2015-12-22 17:55 - 00015813 _____ C:\Users\Roman\Downloads\[CzT]Windows_7_ultimate_sp1_x64_MSDN_Technet (2).torrent
2015-12-22 12:30 - 2015-12-22 12:30 - 00014747 _____ C:\Users\Roman\Downloads\[CzT]RYTMUS_sidliskovy_sen_2015_SK_.torrent
2015-12-21 22:02 - 2015-12-16 15:39 - 00103032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-21 22:01 - 2015-12-16 15:53 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-21 22:01 - 2015-12-16 15:53 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 42977072 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 37609080 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 31061624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 24895792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 21122456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 20663816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 17561432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 17156968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 16981976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 12334200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-21 21:59 - 2015-12-16 18:34 - 03168376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 02755704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 01915696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00734512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00502080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00423264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00416376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00370808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-21 21:04 - 2015-12-09 02:51 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-21 17:55 - 2015-12-21 17:55 - 00024431 _____ C:\Users\Roman\Downloads\20151214092521884.pdf
2015-12-21 17:15 - 2015-12-21 17:15 - 05127564 _____ C:\Users\Roman\Downloads\O0BJY22USA.rar
2015-12-21 06:56 - 2015-12-21 06:56 - 00014522 _____ C:\Users\Roman\Downloads\[CzT]Prave_peck_Just_Peck_2009_CZ_.torrent
2015-12-21 06:53 - 2015-12-21 06:53 - 00016786 _____ C:\Users\Roman\Downloads\[CzT]Prestrelka_v_Palermu_Palermo_Shooting_2008_CZ_.torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-20 19:39 - 2013-12-18 14:46 - 00000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2016-01-20 19:39 - 2013-12-18 14:44 - 00000000 ____D C:\Users\Roman\AppData\Roaming\uTorrent
2016-01-20 19:39 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-20 19:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-20 19:37 - 2014-01-16 13:10 - 00000000 ____D C:\Program Files\CCleaner
2016-01-20 19:19 - 2013-12-18 12:37 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2322173282-1921665351-3622067993-1002
2016-01-20 19:08 - 2015-06-14 16:01 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-20 18:57 - 2013-12-18 12:31 - 00000950 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-20 18:55 - 2013-11-20 14:47 - 00002970 _____ C:\WINDOWS\System32\Tasks\ASUS InstantOn Config
2016-01-20 18:51 - 2013-11-20 14:49 - 00003268 _____ C:\WINDOWS\System32\Tasks\AsusVibeSchedule
2016-01-20 18:42 - 2015-10-10 13:05 - 00000000 ____D C:\Program Files (x86)\AVG
2016-01-20 18:41 - 2013-12-18 12:21 - 00000074 _____ C:\Users\Roman\AppData\Roaming\sp_data.sys
2016-01-20 18:40 - 2014-01-26 11:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-20 18:40 - 2013-12-18 12:31 - 00000946 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-20 18:37 - 2015-06-21 13:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-20 18:37 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-20 18:24 - 2013-11-20 14:47 - 00000000 ____D C:\ProgramData\Temp
2016-01-20 15:35 - 2015-06-07 12:00 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-01-20 15:35 - 2015-06-07 12:00 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-01-19 21:15 - 2014-09-14 16:07 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-19 20:19 - 2015-10-31 21:15 - 00001227 _____ C:\Users\Public\Desktop\Acronis Disk Director 12.lnk
2016-01-19 20:19 - 2015-10-16 12:57 - 00001139 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2016-01-19 20:19 - 2015-06-21 13:41 - 00001448 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-19 20:19 - 2015-06-21 13:28 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-19 20:19 - 2015-06-21 13:16 - 00001328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-01-19 20:19 - 2015-06-21 13:16 - 00001316 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2016-01-19 20:19 - 2015-06-14 16:01 - 00001120 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-19 20:19 - 2015-03-15 16:22 - 00000858 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-01-19 20:19 - 2015-01-22 16:44 - 00002117 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Card.lnk
2016-01-19 20:19 - 2015-01-11 12:48 - 00001177 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-01-19 20:19 - 2015-01-11 12:48 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-01-19 20:19 - 2015-01-06 13:35 - 00001269 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
2016-01-19 20:19 - 2014-12-26 17:16 - 00001958 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2016-01-19 20:19 - 2014-12-26 17:16 - 00001956 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2016-01-19 20:19 - 2014-05-19 19:14 - 00001067 _____ C:\Users\Public\Desktop\WarThunder.lnk
2016-01-19 20:19 - 2014-04-23 19:40 - 00001885 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2016-01-19 20:19 - 2014-02-10 18:30 - 00002041 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PitchPerfect Musical Instrument Tuner.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001212 _____ C:\Users\Public\Desktop\PitchPerfect Musical Instrument Tuner.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TempoPerfect Metronome Software.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001200 _____ C:\Users\Public\Desktop\TempoPerfect Metronome Software.lnk
2016-01-19 20:19 - 2014-01-26 11:49 - 00001331 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2016-01-19 20:19 - 2013-12-19 13:12 - 00000648 _____ C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2016-01-19 20:19 - 2013-12-18 15:15 - 00000953 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-01-19 20:19 - 2013-12-18 13:27 - 00001013 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-01-19 20:19 - 2013-05-01 12:17 - 00001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-01-19 20:19 - 2013-05-01 12:17 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-01-19 20:19 - 2013-05-01 12:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-01-19 20:18 - 2015-10-16 12:57 - 00001137 _____ C:\Users\Roman\Desktop\Viber.lnk
2016-01-19 20:18 - 2015-07-26 17:49 - 00000809 _____ C:\Users\Roman\Desktop\World of Warships.lnk
2016-01-19 20:18 - 2015-03-15 16:30 - 00000948 _____ C:\Users\Roman\Desktop\FlatOut2.lnk
2016-01-19 20:18 - 2014-09-15 15:04 - 00002326 _____ C:\Users\Roman\Desktop\Ochrana financí.lnk
2016-01-19 20:18 - 2014-05-26 19:28 - 00002041 _____ C:\Users\Roman\Desktop\Canon Solution Menu EX.lnk
2016-01-19 20:18 - 2014-04-23 19:40 - 00001855 _____ C:\Users\Roman\Desktop\PlanetSide 2 PSG.lnk
2016-01-19 20:18 - 2014-02-06 19:35 - 00000955 _____ C:\Users\Roman\Desktop\Find and Mount.lnk
2016-01-19 20:18 - 2014-02-06 19:16 - 00000999 _____ C:\Users\Roman\Desktop\HD Tune Pro.lnk
2016-01-19 20:18 - 2013-12-19 13:08 - 00001078 _____ C:\Users\Roman\Desktop\Your Unin-staller!.lnk
2016-01-19 20:17 - 2013-08-22 15:44 - 00489984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-19 20:08 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-19 19:24 - 2014-11-21 02:39 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-18 22:58 - 2013-12-18 20:03 - 00000000 ____D C:\Users\Roman\AppData\Roaming\vlc
2016-01-16 12:12 - 2014-02-10 18:27 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-01-16 12:12 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-16 10:26 - 2014-02-10 18:33 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-15 15:27 - 2013-12-20 00:08 - 00724992 ___SH C:\Users\Roman\Downloads\Thumbs.db
2016-01-14 21:19 - 2014-09-14 16:09 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TeamViewer
2016-01-14 21:19 - 2013-12-18 13:27 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TS3Client
2016-01-14 21:14 - 2013-08-22 16:36 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-01-14 21:11 - 2013-12-18 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-14 16:36 - 2013-12-18 12:20 - 00000000 ____D C:\Users\Roman\AppData\Local\Packages
2016-01-11 17:22 - 2013-12-18 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-01-11 17:22 - 2013-12-18 12:36 - 00000000 ____D C:\Games
2016-01-11 15:17 - 2014-12-12 23:06 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Skype
2016-01-05 15:29 - 2014-12-12 23:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-05 15:29 - 2014-12-12 23:06 - 00000000 ____D C:\Users\Roman\AppData\Local\Skype
2016-01-05 15:29 - 2014-12-12 23:06 - 00000000 ____D C:\ProgramData\Skype
2016-01-05 12:07 - 2013-05-07 17:56 - 00077680 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
2015-12-22 12:22 - 2015-06-27 20:18 - 00000992 _____ C:\Users\Roman\Desktop\µTorrent.lnk
2015-12-21 22:02 - 2015-06-21 13:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-21 21:03 - 2014-12-20 12:42 - 00000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories =======
2013-12-24 01:49 - 2013-12-24 01:49 - 0000092 _____ () C:\Users\Roman\AppData\Roaming\Control System_Settings.ini
2013-12-18 12:21 - 2016-01-20 18:41 - 0000074 _____ () C:\Users\Roman\AppData\Roaming\sp_data.sys
2015-06-21 13:16 - 2015-06-21 13:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-01 12:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 12:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 12:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Roman\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-22 22:00
==================== End of FRST.txt ============================
tu je log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016
Ran by Roman (administrator) on RM (20-01-2016 19:40:48)
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Platform: Windows 8.1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
() C:\Windows\SysWOW64\UMonit64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
() C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
Failed to access process -> CNSEMAIN.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(VideoLAN) C:\Program Files (x86)\VLC\vlc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13650648 2013-08-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890128 2013-04-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [UMonit64] => C:\Windows\SysWOW64\UMonit64.exe [40960 2013-03-14] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [383528 2014-05-30] (Acronis)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-05-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [ROGNB] => C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe [463872 2013-05-15] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1185112 2010-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-02-28] (Power Software Ltd)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1139112 2015-12-08] (AVG Technologies CZ, s.r.o.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-06-13] (Atheros Communications)
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\MountPoints2: {15d1cc7e-a99c-11e5-80a7-240a64da556a} - "G:\Lenovo_Suite.exe"
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\...\MountPoints2: {a98991ba-7efc-11e5-80a5-240a64da556a} - "G:\NokiaPCIA_Autorun.exe"
IFEO\asusvibelauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\asuswspanel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{88843BA3-A427-47A3-9AEE-0FC15F61312D}: [DhcpNameServer] 213.151.222.34 85.237.225.250
Tcpip\..\Interfaces\{A8635E31-8ACE-4BED-BFD6-7CA3F4B15D30}: [DhcpNameServer] 213.151.222.34 85.237.225.250
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2322173282-1921665351-3622067993-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2322173282-1921665351-3622067993-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-06-13] (Qualcomm®Atheros®)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-17] (Kaspersky Lab ZAO)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-12-20] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-01-26] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-02-17] (Kaspersky Lab ZAO)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-14] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-06-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-06-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [url_advisor@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-12-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-12-20] [not signed]
Chrome:
=======
CHR HomePage: Profile 21 -> hxxps://www.google.com/
CHR StartupUrls: Profile 21 -> "hxxp://www.google.sk/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 13
CHR Extension: (No Name) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 13\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]
CHR Profile: C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21
CHR Extension: (Dokumenty Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-16]
CHR Extension: (Disk Google) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Gmail) - C:\Users\Roman\AppData\Local\Google\Chrome\User Data\Profile 21\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-16]
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - hxxps://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-20]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-20]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
R2 ASCAntivirusSrv; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascavsvc.exe [623936 2013-07-08] (IOBit)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-07-23] (ASUS)
S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-06-13] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1049000 2015-12-08] (AVG Technologies CZ, s.r.o.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-20] (Kaspersky Lab ZAO)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-09] (NVIDIA Corporation)
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-06-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-09] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-09] (NVIDIA Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4377000 2015-12-11] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-06-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-06-21] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-13] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-06-13] (Qualcomm Atheros)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-20] (Disc Soft Ltd)
S3 dtproscsibus; C:\Windows\System32\drivers\dtproscsibus.sys [30352 2015-09-20] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [91368 2013-03-22] (GenesysLogic)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX(tm))
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-26] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-01-26] (Kaspersky Lab)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-03-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-20] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-02-17] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-20] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [77680 2016-01-05] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-01-26] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2016-01-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-07-23] (Windows (R) Win 7 DDK provider)
S3 SliceDisk5; C:\Program Files\A-FF Find and Mount\slicedisk-x64.sys [31824 2011-02-25] (Atola) [File not signed]
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-09-20] (Duplex Secure Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-12-11] (TuneUp Software)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-06-21] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-06-21] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-06-21] (Microsoft Corporation)
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSDefenseBT64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-20 19:40 - 2016-01-20 19:41 - 00029053 _____ C:\Users\Roman\Desktop\FRST.txt
2016-01-20 19:40 - 2016-01-20 19:40 - 00000341 _____ C:\Users\Roman\Desktop\Fixlog.txt
2016-01-20 19:39 - 2016-01-20 19:40 - 00000000 ____D C:\Users\Roman\AppData\Local\Sony Online Entertainment
2016-01-20 19:37 - 2016-01-20 19:37 - 00002778 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-20 19:37 - 2016-01-20 19:37 - 00000836 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-20 19:37 - 2016-01-20 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-01-20 19:36 - 2016-01-20 19:36 - 06805440 _____ (Piriform Ltd) C:\Users\Roman\Downloads\ccsetup513.exe
2016-01-20 19:29 - 2016-01-20 19:29 - 00016591 _____ C:\Users\Roman\Downloads\[CzT]Cena_moci_The_Runner_2015_CZ_.torrent
2016-01-20 18:42 - 2016-01-20 18:42 - 00002286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-01-20 18:42 - 2016-01-20 18:42 - 00002274 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk
2016-01-20 18:42 - 2016-01-20 18:42 - 00000000 ____D C:\Users\Roman\AppData\Roaming\AVG
2016-01-20 18:42 - 2015-12-11 15:39 - 00046504 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2016-01-20 18:42 - 2015-12-11 15:33 - 00037288 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\authuitu.dll
2016-01-20 18:42 - 2015-12-11 15:33 - 00032680 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\SysWOW64\authuitu.dll
2016-01-20 18:41 - 2016-01-20 18:42 - 00000000 ____D C:\Users\Roman\AppData\Local\AvgSetupLog
2016-01-20 18:41 - 2016-01-20 18:42 - 00000000 ____D C:\ProgramData\Avg
2016-01-20 18:36 - 2016-01-20 18:36 - 00000543 _____ C:\cleanup.bat
2016-01-20 18:33 - 2016-01-20 18:34 - 00000000 ____D C:\AVG_Remover
2016-01-20 18:33 - 2016-01-20 18:33 - 07814344 _____ ( ) C:\Users\Roman\Downloads\AVG_Remover.exe
2016-01-20 18:21 - 2016-01-20 18:22 - 00247426 _____ C:\TDSSKiller.3.1.0.9_20.01.2016_18.21.39_log.txt
2016-01-20 18:20 - 2016-01-20 18:21 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Roman\Downloads\tdsskiller.exe
2016-01-20 18:10 - 2016-01-20 18:10 - 00000000 ____D C:\ProgramData\TXQMPC
2016-01-20 18:07 - 2016-01-20 18:09 - 00000000 ____D C:\AdwCleaner
2016-01-20 18:07 - 2016-01-20 18:07 - 01505280 _____ C:\Users\Roman\Downloads\adwcleaner_5.030.exe
2016-01-20 15:33 - 2016-01-20 18:10 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Tencent
2016-01-19 21:47 - 2016-01-20 19:40 - 00000000 ____D C:\FRST
2016-01-19 21:45 - 2016-01-19 21:45 - 02370560 _____ (Farbar) C:\Users\Roman\Desktop\FRST64.exe
2016-01-19 21:44 - 2016-01-19 21:44 - 00731136 _____ C:\Users\Roman\Downloads\avenger (1).exe
2016-01-19 21:13 - 2016-01-19 21:13 - 00088822 _____ C:\Users\Roman\Downloads\[CzT]MS_office_2013_pro_Windows_x64_textove_fonty_CZ_EN_.torrent
2016-01-19 20:07 - 2016-01-19 20:07 - 00001214 _____ C:\dfvs.txt
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-19 19:22 - 2016-01-19 19:22 - 00000000 ____D C:\Program Files (x86)\t_201601191922
2016-01-19 19:21 - 2016-01-19 20:05 - 00000000 ____D C:\Program Files (x86)\TData
2016-01-19 19:21 - 2016-01-19 19:21 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-01-19 00:24 - 2016-01-19 00:24 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\25EE2BEB.sys
2016-01-18 17:24 - 2016-01-18 17:24 - 00014802 _____ C:\Users\Roman\Downloads\[CzT]The_Diary_of_a_Teenage_Girl_2015_CZ_.torrent
2016-01-16 12:24 - 2016-01-20 19:37 - 00000000 ____D C:\Users\Roman\AppData\LocalLow\uTorrent
2016-01-16 12:11 - 2016-01-16 12:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6100 series
2016-01-16 12:11 - 2012-06-14 17:18 - 00366592 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNMNPPM.DLL
2016-01-16 12:11 - 2012-06-14 17:18 - 00359936 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6PPM.DLL
2016-01-16 12:11 - 2012-06-14 17:18 - 00039424 _____ (CANON INC.) C:\WINDOWS\system32\CNMN6UI.DLL
2016-01-16 12:10 - 2016-01-16 12:10 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-01-16 12:10 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAG.DLL
2016-01-16 12:08 - 2016-01-16 12:08 - 30862480 _____ C:\Users\Roman\Downloads\mp68-win-mg6100-1_05-ea24.exe
2016-01-16 12:07 - 2016-01-16 12:07 - 24239256 _____ C:\Users\Roman\Downloads\xp68-win-mg6100-5_56-ea24.exe
2016-01-16 08:18 - 2016-01-16 08:18 - 00013717 _____ C:\Users\Roman\Downloads\[CzT]Stazista_The_Intern_2015_CZ_.torrent
2016-01-16 08:17 - 2016-01-16 08:17 - 00018317 _____ C:\Users\Roman\Downloads\[CzT]Nebezpecne_pokuseni_Knock_Knock_2015_CZ_.torrent
2016-01-15 00:19 - 2016-01-15 00:19 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\0F816F93.sys
2016-01-14 21:43 - 2016-01-14 21:43 - 00017916 _____ C:\Users\Roman\Downloads\[CzT]Microsoft_Toolkit_2_6_Beta_1_2015_.torrent
2016-01-14 21:43 - 2016-01-14 21:43 - 00017916 _____ C:\Users\Roman\Downloads\[CzT]Microsoft_Toolkit_2_6_Beta_1_2015_ (1).torrent
2016-01-14 21:11 - 2016-01-14 21:11 - 00016173 _____ C:\Users\Roman\Downloads\[CzT]Microsoft_Toolkit_2_5_3.torrent
2016-01-14 20:48 - 2016-01-14 20:53 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Opera Software
2016-01-14 20:48 - 2016-01-14 20:53 - 00000000 ____D C:\Users\Roman\AppData\Local\Opera Software
2016-01-14 20:47 - 2016-01-14 20:56 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-14 20:41 - 2016-01-19 20:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final
2016-01-14 20:11 - 2016-01-14 20:11 - 00014952 _____ C:\Users\Roman\Downloads\[SkT]Microsoft_Office_2013_Professional_Plus_(CZ-SK)(x86-x64) (2).torrent
2016-01-14 20:09 - 2016-01-14 20:11 - 56171772 _____ C:\Users\Roman\Downloads\MTKV26B5.zip
2016-01-14 19:53 - 2016-01-14 19:53 - 00023272 _____ C:\Users\Roman\Downloads\[SkT]Tri_kluci_a_nemluvne_-_Baby_Daddy_-_2.serie_(CZ)[TvRip]_=_CSFD_66%.torrent
2016-01-14 19:53 - 2016-01-14 19:53 - 00014694 _____ C:\Users\Roman\Downloads\[SkT]Tri_kluci_a_nemluvne_-_Baby_Daddy_-_1.serie_(CZ)[TVRip]_=_CSFD_66%.torrent
2016-01-14 18:33 - 2016-01-14 18:33 - 00058571 _____ C:\Users\Roman\Downloads\[CzT]Lovci_netvoru_Special_Unit_2_1_a_2_serie_CZ_TvRip_.torrent
2016-01-14 16:55 - 2016-01-14 16:55 - 00016255 _____ C:\Users\Roman\Downloads\[CzT]Jak_roste_nadeje_Where_Hope_Grows_2014_CZ_.torrent
2016-01-14 16:32 - 2016-01-14 16:32 - 05858816 _____ C:\Users\Roman\Downloads\Chvilka_poezie.pps
2016-01-14 15:29 - 2016-01-14 15:29 - 00016904 _____ C:\Users\Roman\Downloads\[CzT]Drakula_Neznama_legenda_Dracula_Untold_2014_CZ_.torrent
2016-01-13 20:09 - 2016-01-13 20:09 - 00008095 _____ C:\Users\Roman\Downloads\[CzT]Malwarebytes_Anti_Malware_Premium_2_1_8_1057_CZ_SK_.torrent
2016-01-13 16:20 - 2016-01-13 16:20 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\33B432E8.sys
2016-01-12 16:51 - 2016-01-12 16:51 - 00016882 _____ C:\Users\Roman\Downloads\[CzT]Sygic_GPS_Navigace_a_Mapy_v15_6_6_Sygic_Maps_Downloader_2015_09_CZ_SK_Android_.torrent
2016-01-12 00:14 - 2016-01-12 00:14 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\6018017D.sys
2016-01-11 18:06 - 2016-01-11 18:07 - 10537067 _____ C:\Users\Roman\Downloads\QuickyBaby-Modpack-9.13-v1.zip
2016-01-11 17:22 - 2016-01-19 20:19 - 00000783 _____ C:\Users\Public\Desktop\World of Tanks.lnk
2016-01-11 17:21 - 2016-01-11 17:21 - 05124704 _____ (Wargaming.net ) C:\Users\Roman\Downloads\WoT_internet_install_eu (1).exe
2016-01-10 00:13 - 2016-01-10 00:13 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\4B3E63E5.sys
2016-01-08 18:02 - 2016-01-08 18:02 - 00016667 _____ C:\Users\Roman\Downloads\[CzT]Zlodeji_a_vyderaci_High_Heels_and_Low_Lifes_2001_CZ_.torrent
2016-01-08 17:58 - 2016-01-08 17:58 - 00052242 _____ C:\Users\Roman\Downloads\[CzT]Sberatele_kosti_Bones_10_serie_SK_TvRip_.torrent
2016-01-08 00:11 - 2016-01-08 00:11 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\3C844630.sys
2016-01-07 22:53 - 2016-01-07 22:53 - 00014552 _____ C:\Users\Roman\Downloads\[CzT]Postradatelni_agenti_The_Throwaways_2015_CZ_WebRip_.torrent
2016-01-07 14:39 - 2016-01-16 12:09 - 02342912 _____ C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2016-01-07 10:20 - 2016-01-07 10:20 - 00013539 _____ C:\Users\Roman\Downloads\[CzT]Kuryr_Restart_Le_Transporteur_Heritage_2015_CZ_.torrent
2016-01-06 16:15 - 2016-01-06 16:15 - 00014583 _____ C:\Users\Roman\Downloads\[CzT]Mr_Holmes_2015_CZ_.torrent
2016-01-05 16:12 - 2016-01-05 16:12 - 00013665 _____ C:\Users\Roman\Downloads\[CzT]Pestunka_pre_dospelych_Babysitter_s_Black_Book_2015_SK_TvRip_.torrent
2016-01-05 15:29 - 2016-01-05 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-05 12:07 - 2016-01-05 13:43 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-05 12:07 - 2016-01-05 12:07 - 00003032 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2016-01-03 10:53 - 2016-01-19 20:19 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-01-03 10:53 - 2016-01-19 20:19 - 00000973 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-01-03 09:25 - 2016-01-03 09:25 - 00036269 _____ C:\Users\Roman\Downloads\[CzT]A_D_The_Bible_Continues_1_serie_SK_TvRip_720p_.torrent
2016-01-03 09:23 - 2016-01-03 09:23 - 00011768 _____ C:\Users\Roman\Downloads\[CzT]Sherlock_Prizracna_nevesta_Sherlock_The_Abominable_Bride_2016_CZ_TvRip_.torrent
2016-01-02 09:26 - 2016-01-02 09:26 - 00014743 _____ C:\Users\Roman\Downloads\[CzT]Milenci_v_case_The_Lovers_2015_CZ_.torrent
2016-01-02 09:23 - 2016-01-02 09:23 - 00015137 _____ C:\Users\Roman\Downloads\[CzT]He_Who_Dares_2014_CZ_.torrent
2016-01-01 15:30 - 2016-01-01 15:30 - 00200192 _____ C:\Users\Roman\Downloads\ICEEncrypt.exe
2016-01-01 12:22 - 2016-01-01 12:22 - 00016470 _____ C:\Users\Roman\Downloads\[CzT]Pomsta_v_Parizi_Le_Jour_Attendra_2013_CZ_ (1).torrent
2016-01-01 00:51 - 2016-01-01 00:51 - 00016470 _____ C:\Users\Roman\Downloads\[CzT]Pomsta_v_Parizi_Le_Jour_Attendra_2013_CZ_.torrent
2015-12-31 19:14 - 2016-01-19 20:19 - 00000949 _____ C:\Users\Public\Desktop\Registry Finder.lnk
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\Users\Roman\AppData\Roaming\RegistryFinder
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\Users\Roman\AppData\Local\CrashRpt
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Finder
2015-12-31 19:14 - 2015-12-31 19:14 - 00000000 ____D C:\Program Files\Registry Finder
2015-12-31 19:13 - 2016-01-01 12:20 - 00000000 ____D C:\Program Files (x86)\Hide ALL IP
2015-12-31 19:08 - 2015-12-31 19:08 - 00002884 _____ C:\Users\Roman\Downloads\[CzT]Hide_All_Ip_v05_28_150528_Final_x86x64_2015_.torrent
2015-12-31 18:05 - 2015-12-31 18:06 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TrueCrypt
2015-12-31 18:04 - 2016-01-19 20:19 - 00000933 _____ C:\Users\Public\Desktop\TrueCrypt.lnk
2015-12-31 18:04 - 2015-12-31 18:04 - 00064528 _____ C:\Users\Roman\Downloads\Language.cs.xml.zip
2015-12-31 18:04 - 2015-12-31 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
2015-12-31 18:01 - 2015-12-31 18:02 - 03466248 _____ (TrueCrypt Foundation) C:\Users\Roman\Downloads\TrueCrypt Setup 7.1a (2).exe
2015-12-31 17:43 - 2015-12-31 18:05 - 00000000 ____D C:\Program Files\TrueCrypt
2015-12-31 17:43 - 2015-12-31 18:04 - 00231376 _____ (TrueCrypt Foundation) C:\WINDOWS\system32\Drivers\truecrypt.sys
2015-12-31 17:43 - 2015-12-31 17:44 - 00002844 _____ C:\Users\Roman\Downloads\TrueCrypt-key.asc
2015-12-31 17:43 - 2015-12-31 17:43 - 00000072 _____ C:\Users\Roman\Downloads\TrueCrypt-7.2.exe.sig
2015-12-31 17:41 - 2015-12-31 17:41 - 02573392 _____ (TrueCrypt Foundation) C:\Users\Roman\Downloads\TrueCrypt-7.2.exe
2015-12-31 13:19 - 2016-01-20 15:35 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{08E1D91D-90D9-4979-BFFC-474CFE997ABE}
2015-12-31 13:18 - 2015-12-31 13:18 - 00746512 _____ (Marco Cervoni ) C:\Users\Roman\Downloads\TrueCryptPasswordPluginLicenseSetup.exe
2015-12-31 13:16 - 2015-12-31 13:17 - 01961642 _____ (idoo International LLC. ) C:\Users\Roman\Downloads\idooUSBEncryption_setup.exe
2015-12-31 08:15 - 2015-12-31 08:15 - 00027082 _____ C:\Users\Roman\Downloads\[CzT]Inteligence_Intelligence_1_serie_CZ_TvRip_.torrent
2015-12-28 12:12 - 2015-12-28 12:12 - 00013181 _____ C:\Users\Roman\Downloads\[CzT]A_Royal_Christmas_Kra_ovske_Vianoce_2014_SK_TvRip_.torrent
2015-12-28 11:09 - 2015-12-28 11:09 - 00014223 _____ C:\Users\Roman\Downloads\[CzT]Povetri_Air_2015_CZ_ (2).torrent
2015-12-28 11:06 - 2015-12-28 11:06 - 00016541 _____ C:\Users\Roman\Downloads\[CzT]Spravnej_dres_2015_CZ_TvRip_.torrent
2015-12-27 18:39 - 2015-12-27 18:40 - 30381641 _____ C:\Users\Roman\Downloads\SuperStar 2015 - I. finále - TOP 8 - Příběh nekončí.mp4
2015-12-27 15:23 - 2015-12-27 15:23 - 00011237 _____ C:\Users\Roman\Downloads\[CzT]Dela_z_Navarone_The_Guns_of_Navarone_1961_CZ_.torrent
2015-12-27 08:59 - 2015-12-27 08:59 - 00016045 _____ C:\Users\Roman\Downloads\[CzT]Hobit_Bitva_peti_armad_The_Hobbit_The_Battle_of_the_Five_Armies_2014_CZ_.torrent
2015-12-27 08:39 - 2015-12-27 08:39 - 00019675 _____ C:\Users\Roman\Downloads\[CzT]McFarland_USA_2015_CZ_ (1).torrent
2015-12-27 08:38 - 2015-12-27 08:38 - 00012161 _____ C:\Users\Roman\Downloads\[CzT]Nocni_bezec_Run_all_night_2015_CZ_ (1).torrent
2015-12-26 16:15 - 2015-12-26 16:15 - 16069263 _____ C:\Users\Roman\Downloads\x (1).mp4
2015-12-26 14:16 - 2015-12-26 14:16 - 00011689 _____ C:\Users\Roman\Downloads\[CzT]Svetova_invaze_Battle_Los_Angeles_2011_.torrent
2015-12-26 12:11 - 2015-12-26 12:11 - 00014740 _____ C:\Users\Roman\Downloads\[CzT]To_byl_zitra_flam_2_Hot_Tub_Time_Machine_2_2015_CZ_.torrent
2015-12-25 14:15 - 2015-12-25 14:15 - 00011685 _____ C:\Users\Roman\Downloads\[CzT]Cervena_sirena_Sir_ne_rouge_La_2002_CZ_.torrent
2015-12-24 21:33 - 2015-12-24 21:33 - 01013760 _____ C:\Users\Roman\Downloads\pozdrav.ppt
2015-12-24 16:49 - 2015-12-24 16:49 - 00018024 _____ C:\Users\Roman\Downloads\[CzT]Prizrak_Domovoy_2008_CZ_RU_.torrent
2015-12-24 16:48 - 2015-12-24 16:48 - 00016757 _____ C:\Users\Roman\Downloads\[CzT]Policajtka_Angel_Eyes_2001_CZ_.torrent
2015-12-24 09:33 - 2015-12-24 09:33 - 00011141 _____ C:\Users\Roman\Downloads\[CzT]Mission_Impossible_Narod_grazlu_Mission_Impossible_Rogue_Nation_2015_CZ_ (1).torrent
2015-12-23 11:28 - 2015-12-23 11:28 - 00018495 _____ C:\Users\Roman\Downloads\[SkT]AVG PC TuneUp 2016 16.2.1.18873 (CZ-SK).torrent
2015-12-23 11:19 - 2015-12-23 11:19 - 00002807 _____ C:\Users\Roman\Downloads\[SkT]PowerISO_6.4__Final_(x86-x64)_(2015)(CZ-SK).torrent
2015-12-23 11:16 - 2015-12-23 11:16 - 00014997 _____ C:\Users\Roman\Downloads\[SkT]Microsoft_Office_2013_Professional_Plus_(CZ-SK)(x86-x64) (1).torrent
2015-12-23 11:13 - 2015-12-23 11:13 - 00001995 _____ C:\Users\Roman\Downloads\[CzT]WinRAR_5_21_Final_x86_x64_CZ_ (1).torrent
2015-12-23 11:08 - 2015-12-23 11:08 - 00002721 _____ C:\Users\Roman\Downloads\[CzT]Your_Uninstaller_PRO_v7_5_2014_03_CZ_SK_ (2).torrent
2015-12-23 10:28 - 2015-12-23 10:28 - 00016599 _____ C:\Users\Roman\Downloads\[CzT]Clevelandsky_unos_Cleveland_Abduction_2015_CZ_.torrent
2015-12-22 17:55 - 2015-12-22 17:55 - 00015813 _____ C:\Users\Roman\Downloads\[CzT]Windows_7_ultimate_sp1_x64_MSDN_Technet (2).torrent
2015-12-22 12:30 - 2015-12-22 12:30 - 00014747 _____ C:\Users\Roman\Downloads\[CzT]RYTMUS_sidliskovy_sen_2015_SK_.torrent
2015-12-21 22:02 - 2015-12-16 15:39 - 00103032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-21 22:01 - 2015-12-16 15:53 - 00523384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-21 22:01 - 2015-12-16 15:53 - 00075056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 42977072 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 37609080 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 31061624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 24895792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 21122456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 20663816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 17561432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 17156968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 16981976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 12334200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-12-21 21:59 - 2015-12-16 18:34 - 03168376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 02755704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 01915696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436143.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 01564976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436143.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00938104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00872056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00734512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00681592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00502080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00423264 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00416376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-21 21:59 - 2015-12-16 18:34 - 00370808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-21 21:04 - 2015-12-09 02:51 - 00111520 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-21 17:55 - 2015-12-21 17:55 - 00024431 _____ C:\Users\Roman\Downloads\20151214092521884.pdf
2015-12-21 17:15 - 2015-12-21 17:15 - 05127564 _____ C:\Users\Roman\Downloads\O0BJY22USA.rar
2015-12-21 06:56 - 2015-12-21 06:56 - 00014522 _____ C:\Users\Roman\Downloads\[CzT]Prave_peck_Just_Peck_2009_CZ_.torrent
2015-12-21 06:53 - 2015-12-21 06:53 - 00016786 _____ C:\Users\Roman\Downloads\[CzT]Prestrelka_v_Palermu_Palermo_Shooting_2008_CZ_.torrent
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-01-20 19:39 - 2013-12-18 14:46 - 00000000 ____D C:\Users\Roman\AppData\Local\CrashDumps
2016-01-20 19:39 - 2013-12-18 14:44 - 00000000 ____D C:\Users\Roman\AppData\Roaming\uTorrent
2016-01-20 19:39 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-20 19:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-20 19:37 - 2014-01-16 13:10 - 00000000 ____D C:\Program Files\CCleaner
2016-01-20 19:19 - 2013-12-18 12:37 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2322173282-1921665351-3622067993-1002
2016-01-20 19:08 - 2015-06-14 16:01 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-20 18:57 - 2013-12-18 12:31 - 00000950 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-20 18:55 - 2013-11-20 14:47 - 00002970 _____ C:\WINDOWS\System32\Tasks\ASUS InstantOn Config
2016-01-20 18:51 - 2013-11-20 14:49 - 00003268 _____ C:\WINDOWS\System32\Tasks\AsusVibeSchedule
2016-01-20 18:42 - 2015-10-10 13:05 - 00000000 ____D C:\Program Files (x86)\AVG
2016-01-20 18:41 - 2013-12-18 12:21 - 00000074 _____ C:\Users\Roman\AppData\Roaming\sp_data.sys
2016-01-20 18:40 - 2014-01-26 11:48 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-20 18:40 - 2013-12-18 12:31 - 00000946 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-20 18:37 - 2015-06-21 13:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-20 18:37 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-20 18:24 - 2013-11-20 14:47 - 00000000 ____D C:\ProgramData\Temp
2016-01-20 15:35 - 2015-06-07 12:00 - 00003474 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2016-01-20 15:35 - 2015-06-07 12:00 - 00003464 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2016-01-19 21:15 - 2014-09-14 16:07 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-19 20:19 - 2015-10-31 21:15 - 00001227 _____ C:\Users\Public\Desktop\Acronis Disk Director 12.lnk
2016-01-19 20:19 - 2015-10-16 12:57 - 00001139 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk
2016-01-19 20:19 - 2015-06-21 13:41 - 00001448 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-19 20:19 - 2015-06-21 13:28 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-19 20:19 - 2015-06-21 13:16 - 00001328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2016-01-19 20:19 - 2015-06-21 13:16 - 00001316 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2016-01-19 20:19 - 2015-06-14 16:01 - 00001120 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-19 20:19 - 2015-03-15 16:22 - 00000858 _____ C:\Users\Public\Desktop\PowerISO.lnk
2016-01-19 20:19 - 2015-01-22 16:44 - 00002117 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Card.lnk
2016-01-19 20:19 - 2015-01-11 12:48 - 00001177 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2016-01-19 20:19 - 2015-01-11 12:48 - 00001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2016-01-19 20:19 - 2015-01-06 13:35 - 00001269 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 2014.lnk
2016-01-19 20:19 - 2014-12-26 17:16 - 00001958 _____ C:\Users\Public\Desktop\Samsung Kies.lnk
2016-01-19 20:19 - 2014-12-26 17:16 - 00001956 _____ C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
2016-01-19 20:19 - 2014-05-19 19:14 - 00001067 _____ C:\Users\Public\Desktop\WarThunder.lnk
2016-01-19 20:19 - 2014-04-23 19:40 - 00001885 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk
2016-01-19 20:19 - 2014-02-10 18:30 - 00002041 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PitchPerfect Musical Instrument Tuner.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001212 _____ C:\Users\Public\Desktop\PitchPerfect Musical Instrument Tuner.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TempoPerfect Metronome Software.lnk
2016-01-19 20:19 - 2014-01-28 12:33 - 00001200 _____ C:\Users\Public\Desktop\TempoPerfect Metronome Software.lnk
2016-01-19 20:19 - 2014-01-26 11:49 - 00001331 _____ C:\Users\Roman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2016-01-19 20:19 - 2013-12-19 13:12 - 00000648 _____ C:\Users\Public\Desktop\Total Commander 64 bit.lnk
2016-01-19 20:19 - 2013-12-18 15:15 - 00000953 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-01-19 20:19 - 2013-12-18 13:27 - 00001013 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-01-19 20:19 - 2013-05-01 12:17 - 00001376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-01-19 20:19 - 2013-05-01 12:17 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-01-19 20:19 - 2013-05-01 12:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-01-19 20:18 - 2015-10-16 12:57 - 00001137 _____ C:\Users\Roman\Desktop\Viber.lnk
2016-01-19 20:18 - 2015-07-26 17:49 - 00000809 _____ C:\Users\Roman\Desktop\World of Warships.lnk
2016-01-19 20:18 - 2015-03-15 16:30 - 00000948 _____ C:\Users\Roman\Desktop\FlatOut2.lnk
2016-01-19 20:18 - 2014-09-15 15:04 - 00002326 _____ C:\Users\Roman\Desktop\Ochrana financí.lnk
2016-01-19 20:18 - 2014-05-26 19:28 - 00002041 _____ C:\Users\Roman\Desktop\Canon Solution Menu EX.lnk
2016-01-19 20:18 - 2014-04-23 19:40 - 00001855 _____ C:\Users\Roman\Desktop\PlanetSide 2 PSG.lnk
2016-01-19 20:18 - 2014-02-06 19:35 - 00000955 _____ C:\Users\Roman\Desktop\Find and Mount.lnk
2016-01-19 20:18 - 2014-02-06 19:16 - 00000999 _____ C:\Users\Roman\Desktop\HD Tune Pro.lnk
2016-01-19 20:18 - 2013-12-19 13:08 - 00001078 _____ C:\Users\Roman\Desktop\Your Unin-staller!.lnk
2016-01-19 20:17 - 2013-08-22 15:44 - 00489984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-19 20:08 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-19 19:24 - 2014-11-21 02:39 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-18 22:58 - 2013-12-18 20:03 - 00000000 ____D C:\Users\Roman\AppData\Roaming\vlc
2016-01-16 12:12 - 2014-02-10 18:27 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-01-16 12:12 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-16 10:26 - 2014-02-10 18:33 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-15 15:27 - 2013-12-20 00:08 - 00724992 ___SH C:\Users\Roman\Downloads\Thumbs.db
2016-01-14 21:19 - 2014-09-14 16:09 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TeamViewer
2016-01-14 21:19 - 2013-12-18 13:27 - 00000000 ____D C:\Users\Roman\AppData\Roaming\TS3Client
2016-01-14 21:14 - 2013-08-22 16:36 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-01-14 21:11 - 2013-12-18 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-14 16:36 - 2013-12-18 12:20 - 00000000 ____D C:\Users\Roman\AppData\Local\Packages
2016-01-11 17:22 - 2013-12-18 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2016-01-11 17:22 - 2013-12-18 12:36 - 00000000 ____D C:\Games
2016-01-11 15:17 - 2014-12-12 23:06 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Skype
2016-01-05 15:29 - 2014-12-12 23:06 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-01-05 15:29 - 2014-12-12 23:06 - 00000000 ____D C:\Users\Roman\AppData\Local\Skype
2016-01-05 15:29 - 2014-12-12 23:06 - 00000000 ____D C:\ProgramData\Skype
2016-01-05 12:07 - 2013-05-07 17:56 - 00077680 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys
2015-12-22 12:22 - 2015-06-27 20:18 - 00000992 _____ C:\Users\Roman\Desktop\µTorrent.lnk
2015-12-21 22:02 - 2015-06-21 13:17 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-21 21:03 - 2014-12-20 12:42 - 00000000 ____D C:\ProgramData\Package Cache
==================== Files in the root of some directories =======
2013-12-24 01:49 - 2013-12-24 01:49 - 0000092 _____ () C:\Users\Roman\AppData\Roaming\Control System_Settings.ini
2013-12-18 12:21 - 2016-01-20 18:41 - 0000074 _____ () C:\Users\Roman\AppData\Roaming\sp_data.sys
2015-06-21 13:16 - 2015-06-21 13:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-01 12:15 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-05-01 12:15 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-05-01 12:15 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Some files in TEMP:
====================
C:\Users\Roman\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-12-22 22:00
==================== End of FRST.txt ============================
- Přílohy
-
- Addition.rar
- (12.35 KiB) Staženo 72 x
Re: Prosím o kontrolu
zopakuj akciu s fixlist
Kód: Vybrat vše
Start
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSDefenseBT64.sys [X]
2016-01-20 15:33 - 2016-01-20 18:10 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-07 14:39 - 2016-01-16 12:09 - 02342912 _____ C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu
ďakujem tu je log
Fix result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by Roman (2016-01-21 16:00:41) Run:2
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSDefenseBT64.sys [X]
2016-01-20 15:33 - 2016-01-20 18:10 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-07 14:39 - 2016-01-16 12:09 - 02342912 _____ C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
End
*****************
[584] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe => process closed successfully.
[1132] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe => process closed successfully.
AdvancedSystemCareService6 => service removed successfully
TSDefenseBt => service removed successfully
C:\Users\Roman\AppData\Roaming\Tencent => moved successfully
C:\Program Files (x86)\Tencent => moved successfully
C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤 => moved successfully
==== End of Fixlog 16:00:42 ====
Fix result of Farbar Recovery Scan Tool (x64) Version:18-01-2016
Ran by Roman (2016-01-21 16:00:41) Run:2
Running from C:\Users\Roman\Desktop
Loaded Profiles: Roman (Available Profiles: Roman)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe
(IOBit) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe
R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ascsvc.exe [1051088 2012-12-13] (IObit)
S1 TSDefenseBt; \??\C:\Program Files (x86)\Tencent\QQPCMgr\10.10.16444.223\TSDefenseBT64.sys [X]
2016-01-20 15:33 - 2016-01-20 18:10 - 00000000 ____D C:\Users\Roman\AppData\Roaming\Tencent
2016-01-19 19:23 - 2016-01-19 19:23 - 00000000 ____D C:\Program Files (x86)\Tencent
2016-01-07 14:39 - 2016-01-16 12:09 - 02342912 _____ C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
End
*****************
[584] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCSvc.exe => process closed successfully.
[1132] C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCAvSvc.exe => process closed successfully.
AdvancedSystemCareService6 => service removed successfully
TSDefenseBt => service removed successfully
C:\Users\Roman\AppData\Roaming\Tencent => moved successfully
C:\Program Files (x86)\Tencent => moved successfully
C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤 => moved successfully
==== End of Fixlog 16:00:42 ====
Re: Prosím o kontrolu
Su este nejake problemy ?
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Prosím o kontrolu
zatiaľ už nepozorujem žiadne, ďakujem veľmi pekne za pomoc
Re: Prosím o kontrolu
rado sa stalo 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?