Ahoj všichni a předem díky za pomoc.
Mám v notebooku nějaké svinstvo s čínskými znaky, kterého se nelze zbavit. vlezlo mi to do browseru, změnilo vyhledávač (což samozřejmě už nejde dát na jiný) a celkově to vyhazuje pop-upy.
adwcleaner log níže
# AdwCleaner v5.033 - Logfile created 12/02/2016 at 17:57:46
# Updated 07/02/2016 by Xplode
# Database : 2016-02-07.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Karolina - KAROLINA-PC
# Running from : C:\Users\Karolina\Desktop\adwcleaner_5.033.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : QQPCRTP
[-] Service Deleted : TAOAccelerator
[-] Service Deleted : TSDefenseBt
[-] Service Deleted : TSSysKit
[-] Service Deleted : QMUdisk
[-] Service Deleted : QQSysMonX64
[-] Service Deleted : TFsFlt
[-] Service Deleted : TAOKernelDriver
[-] Service Deleted : TSSKX64
[-] Service Deleted : SPS
***** [ Folders ] *****
[-] Folder Deleted : C:\Genius
[#] Folder Deleted : C:\Program Files (x86)\tencent
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[#] Folder Deleted : C:\Program Files\Common Files\tencent
[#] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\ProgramData\TXQMPC
[-] Folder Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
[-] Folder Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl
[-] Folder Deleted : C:\Users\Karolina\AppData\Roaming\tencent
[-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
***** [ Files ] *****
[-] File Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
[-] File Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage
[-] File Deleted : C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Karolina\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\电脑管家.lnk
[-] File Deleted : C:\Windows\SysNative\drivers\TAOAccelerator64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TSSKX64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TAOKernel64.sys
[-] File Deleted : C:\Windows\SysNative\drivers\TFsFltX64.sys
[-] File Deleted : C:\Windows\SysWOW64\SearchProtectService.exe
[-] File Deleted : C:\Windows\SysWOW64\drivers\TsFltMgr.sys
[-] File Deleted : C:\Windows\SysWOW64\drivers\TS888x64.sys
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@qq.com/QQPCMgr
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Key Deleted : HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\QMContextUninstall
[-] Key Deleted : HKEY_CLASSES_ROOT\Folder\ShellEx\ContextMenuHandlers\QMContextUninstall
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Plus-HD-7.6-bg.exe]
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14CD42DD-ABCD-3586-DCAB-40E3693E3737}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{16EE6530-8649-4F42-A9E4-F6A3295AF975}
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{21FA44EF-376D-4D53-9B0F-8A89D3229068}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CBDECEF7-7A29-4CBF-A009-2673D82C7BF9}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{63332668-8CE1-445D-A5EE-25929176714E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D4801E96-E7A1-45F6-B124-7A36DFB40B81}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2AEF02C3-5159-4C81-A688-8D954F0DEE56}_NewSearch
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QQPCMgr
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3C}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3D}
***** [ Web browsers ] *****
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch.ask.com
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : microsoft-office-2010.softonic.com
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : kindle-to-pdf-converter.en.softonic.com
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : journey-to-the-center-of-the-earth.en.softonic.com
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : >
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nafaimnnclfjfedmmabolbppcngeolgf
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : nonjdcjchghhkdoolnlbekcfllmednbl
[-] [C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : ooebklgpfnbcnpokahmdidgbmlcdepkm
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7762 bytes] ##########
a tady je combofix
ComboFix 16-02-09.01 - Karolina 13.02.2016 14:30:49.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.1977 [GMT 1:00]
Spuštěný z: c:\users\Karolina\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Karolina\AppData\Local\assembly\tmp
c:\users\Karolina\AppData\Local\assembly\tmp\OXA3633N\__AssemblyInfo__.ini
c:\users\Karolina\AppData\Local\assembly\tmp\OXA3633N\Microsoft.Office.Tools.Common.v4.0.Utilities.DLL
c:\windows\IsUn0405.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\tmp144F.tmp
c:\windows\SysWow64\tmp145F.tmp
c:\windows\SysWow64\tmp6F2B.tmp
c:\windows\SysWow64\tmp6F3B.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-01-13 do 2016-02-13 )))))))))))))))))))))))))))))))
.
.
2016-02-13 13:44 . 2016-02-13 13:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-12 16:59 . 2016-02-12 16:59 -------- d-----w- c:\programdata\TXQMPC
2016-02-10 22:10 . 2016-02-10 22:10 210432 ----a-w- c:\windows\system32\aepic.dll
2016-02-10 22:10 . 2016-02-10 22:10 1164800 ----a-w- c:\windows\system32\aeinv.dll
2016-02-10 21:57 . 2016-02-10 21:57 62464 ----a-w- c:\windows\system32\drivers\appid.sys
2016-02-10 21:54 . 2016-02-10 21:54 879616 ----a-w- c:\windows\system32\advapi32.dll
2016-02-10 21:54 . 2016-02-10 21:54 643072 ----a-w- c:\windows\SysWow64\advapi32.dll
2016-02-10 21:52 . 2016-02-10 21:52 76288 ----a-w- c:\windows\system32\devenum.dll
2016-02-10 21:52 . 2016-02-10 21:52 67584 ----a-w- c:\windows\SysWow64\devenum.dll
2016-02-10 21:52 . 2016-02-10 21:52 624640 ----a-w- c:\windows\system32\qedit.dll
2016-02-10 21:52 . 2016-02-10 21:52 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2016-02-10 21:52 . 2016-02-10 21:52 91648 ----a-w- c:\windows\system32\mapi32.dll
2016-02-10 21:52 . 2016-02-10 21:52 76800 ----a-w- c:\windows\SysWow64\mapistub.dll
2016-02-10 21:52 . 2016-02-10 21:52 14336 ----a-w- c:\windows\SysWow64\fixmapi.exe
2016-02-10 21:52 . 2016-02-10 21:52 91648 ----a-w- c:\windows\system32\mapistub.dll
2016-02-10 21:52 . 2016-02-10 21:52 17920 ----a-w- c:\windows\system32\fixmapi.exe
2016-02-10 21:51 . 2016-02-10 21:51 3211264 ----a-w- c:\windows\system32\win32k.sys
2016-02-10 21:25 . 2016-02-10 21:25 87864 ------w- c:\windows\system32\drivers\TFsFltX64.sys
2016-02-10 21:24 . 2016-02-12 17:00 -------- d-----w- c:\programdata\Tencent
2016-02-10 09:37 . 2016-02-10 09:37 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\offreg.3656.dll
2016-02-09 17:53 . 2016-02-09 17:53 -------- d-----w- c:\users\Karolina\AppData\Roaming\GameMill Entertainment
2016-02-09 17:16 . 2016-02-09 17:16 -------- d-----w- c:\programdata\Big Fish
2016-02-09 17:14 . 2016-02-09 17:16 -------- d-----w- c:\users\Karolina\AppData\Local\Big Fish
2016-02-09 09:05 . 2016-02-09 09:05 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-02-09 09:05 . 2016-02-09 09:05 52184 ----a-w- c:\windows\avastSS.scr
2016-02-03 11:01 . 2016-02-03 11:01 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\offreg.4380.dll
2016-02-03 10:53 . 2015-12-16 09:15 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\mpengine.dll
2016-02-03 10:53 . 2016-02-03 10:53 -------- d-----w- C:\4b07b6a08b1f5c3eab3c975b
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2016-02-03 10:50 . 2016-02-03 10:50 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2016-02-03 10:50 . 2016-02-03 10:50 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2016-02-03 10:50 . 2016-02-03 10:50 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
2016-02-03 10:50 . 2016-02-03 10:50 69120 ----a-w- c:\windows\system32\nlsbres.dll
2016-02-03 10:47 . 2016-02-03 10:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-02-03 10:47 . 2016-02-03 10:47 2048 ----a-w- c:\windows\system32\tzres.dll
2016-02-03 10:42 . 2016-02-03 10:42 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2016-02-03 10:42 . 2016-02-03 10:42 1180160 ----a-w- c:\windows\system32\FntCache.dll
2016-02-03 10:42 . 2016-02-03 10:42 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-02-03 10:42 . 2016-02-03 10:42 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-02-03 10:42 . 2016-02-03 10:42 1008640 ----a-w- c:\windows\system32\user32.dll
2016-02-03 10:41 . 2016-02-03 10:41 241664 ----a-w- c:\windows\system32\els.dll
2016-02-03 10:41 . 2016-02-03 10:41 179712 ----a-w- c:\windows\SysWow64\els.dll
2016-02-03 10:39 . 2016-02-03 10:39 17408 ----a-w- c:\windows\system32\wshrm.dll
2016-02-03 10:39 . 2016-02-03 10:39 14848 ----a-w- c:\windows\SysWow64\wshrm.dll
2016-02-03 10:39 . 2016-02-03 10:39 146944 ----a-w- c:\windows\system32\drivers\rmcast.sys
2016-02-03 10:38 . 2016-02-03 10:38 802304 ----a-w- c:\windows\system32\usp10.dll
2016-02-03 10:38 . 2016-02-03 10:38 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2016-02-03 10:37 . 2016-02-03 10:37 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2016-02-03 10:37 . 2016-02-03 10:37 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
2016-02-03 10:37 . 2016-02-03 10:37 525312 ----a-w- c:\windows\system32\catsrvut.dll
2016-02-03 10:37 . 2016-02-03 10:37 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2016-02-03 10:18 . 2016-02-03 10:18 497664 ----a-w- c:\windows\system32\drivers\afd.sys
2016-02-03 10:18 . 2016-02-03 10:18 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2016-02-03 10:16 . 2016-02-03 10:16 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
2016-02-03 10:11 . 2016-02-03 10:11 939520 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2016-02-03 10:11 . 2016-02-03 10:11 274944 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll
2016-02-03 10:11 . 2016-02-03 10:11 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2016-02-03 10:11 . 2016-02-03 10:11 1415168 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkObj.dll
2016-02-03 10:11 . 2016-02-03 10:11 126464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\rtscom.dll
2016-02-03 10:11 . 2016-02-03 10:11 353280 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2016-02-03 10:11 . 2016-02-03 10:11 275456 ----a-w- c:\windows\system32\InkEd.dll
2016-02-03 10:11 . 2016-02-03 10:11 2103296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2016-02-03 10:11 . 2016-02-03 10:11 169984 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\rtscom.dll
2016-02-03 10:11 . 2016-02-03 10:11 1372160 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2016-02-03 10:08 . 2016-02-03 10:08 459344 ----a-w- c:\windows\system32\drivers\cng.sys
2016-02-03 10:08 . 2016-02-03 10:08 298192 ----a-w- c:\windows\system32\bcryptprimitives.dll
2016-02-03 10:08 . 2016-02-03 10:08 251000 ----a-w- c:\windows\SysWow64\bcryptprimitives.dll
2016-02-03 10:06 . 2016-02-03 10:06 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2016-02-03 10:06 . 2016-02-03 10:06 6656 ----a-w- c:\windows\system32\shimeng.dll
2016-02-03 10:06 . 2016-02-03 10:06 342016 ----a-w- c:\windows\system32\apphelp.dll
2016-02-03 10:06 . 2016-02-03 10:06 23552 ----a-w- c:\windows\system32\sdbinst.exe
2016-02-03 10:06 . 2016-02-03 10:06 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2016-02-03 10:06 . 2016-02-03 10:06 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2016-02-03 10:06 . 2016-02-03 10:06 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2016-02-03 10:02 . 2016-02-03 10:02 634432 ----a-w- c:\windows\system32\winload.exe
2016-02-03 09:56 . 2016-02-03 09:56 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-02-03 09:56 . 2016-02-03 09:56 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-02-03 09:56 . 2016-02-03 09:56 14176768 ----a-w- c:\windows\system32\shell32.dll
2016-02-03 09:53 . 2016-02-03 09:53 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2016-02-03 09:53 . 2016-02-03 09:53 22528 ----a-w- c:\windows\system32\icaapi.dll
2016-02-03 09:51 . 2016-02-03 09:51 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-02-03 09:51 . 2016-02-03 09:51 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-02-03 09:51 . 2016-02-03 09:51 41984 ----a-w- c:\windows\system32\lpk.dll
2016-02-03 09:51 . 2016-02-03 09:51 372736 ----a-w- c:\windows\system32\atmfd.dll
2016-02-03 09:51 . 2016-02-03 09:51 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-02-03 09:51 . 2016-02-03 09:51 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-02-03 09:51 . 2016-02-03 09:51 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-02-03 09:51 . 2016-02-03 09:51 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-02-03 09:51 . 2016-02-03 09:51 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-02-03 09:51 . 2016-02-03 09:51 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-02-03 09:47 . 2016-02-03 09:47 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-02-03 09:47 . 2016-02-03 09:47 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2016-02-03 09:47 . 2016-02-03 09:47 879104 ----a-w- c:\windows\system32\tdh.dll
2016-02-03 09:47 . 2016-02-03 09:47 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2016-02-03 09:45 . 2016-02-03 09:45 82944 ----a-w- c:\windows\system32\dwmapi.dll
2016-02-03 09:45 . 2016-02-03 09:45 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2016-02-03 09:45 . 2016-02-03 09:45 1632256 ----a-w- c:\windows\system32\dwmcore.dll
2016-02-03 09:45 . 2016-02-03 09:45 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2016-02-03 09:44 . 2016-02-03 09:44 1941504 ----a-w- c:\windows\system32\authui.dll
2016-02-03 09:44 . 2016-02-03 09:44 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-02-03 09:44 . 2016-02-03 09:44 70656 ----a-w- c:\windows\system32\appinfo.dll
2016-02-03 09:44 . 2016-02-03 09:44 115136 ----a-w- c:\windows\system32\consent.exe
2016-02-03 09:39 . 2016-02-03 09:39 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\system32\msxml6r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\system32\msxml3r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2004480 ----a-w- c:\windows\system32\msxml6.dll
2016-02-03 09:39 . 2016-02-03 09:39 1887232 ----a-w- c:\windows\system32\msxml3.dll
2016-02-03 09:39 . 2016-02-03 09:39 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2016-02-03 09:39 . 2016-02-03 09:39 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2016-02-03 09:38 . 2016-02-03 09:38 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2016-02-03 09:38 . 2016-02-03 09:38 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2016-02-03 09:37 . 2016-02-03 09:37 82432 ----a-w- c:\windows\SysWow64\davclnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 260096 ----a-w- c:\windows\system32\WebClnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 206848 ----a-w- c:\windows\SysWow64\WebClnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 102912 ----a-w- c:\windows\system32\davclnt.dll
2016-02-03 09:34 . 2016-02-03 09:34 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\mountmgr.sys.mui
2016-02-03 09:34 . 2016-02-03 09:34 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2016-02-03 09:34 . 2016-02-03 09:34 11264 ----a-w- c:\windows\system32\msmmsp.dll
2016-02-03 09:34 . 2016-02-03 09:34 1743360 ----a-w- c:\windows\system32\sysmain.dll
2016-02-03 09:27 . 2016-02-03 09:27 52736 ----a-w- c:\windows\system32\basesrv.dll
2016-02-03 09:23 . 2016-02-03 09:23 193536 ----a-w- c:\windows\system32\notepad.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-10 21:58 . 2016-02-10 21:58 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-10 21:58 . 2016-02-10 21:58 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-02-10 21:57 . 2016-02-10 21:57 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-10 21:57 . 2016-02-10 21:57 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-02-10 21:57 . 2016-02-10 21:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-10 21:53 . 2009-07-14 00:22 1393152 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2016-02-10 21:06 . 2013-03-01 13:47 287016 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-02-09 09:05 . 2013-12-18 16:31 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-02-09 09:05 . 2014-04-18 14:08 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-02-09 09:05 . 2013-03-01 13:47 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-02-09 09:05 . 2012-02-24 13:42 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-02-09 09:05 . 2010-05-11 15:30 463744 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-02-09 09:05 . 2010-05-11 15:30 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-02-09 09:04 . 2011-03-26 21:32 1065720 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-02-03 10:35 . 2016-02-03 10:35 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-02-03 10:35 . 2016-02-03 10:35 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-02-03 10:06 . 2016-02-03 10:06 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2016-02-03 10:06 . 2016-02-03 10:06 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2016-02-03 10:06 . 2016-02-03 10:06 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2016-02-03 10:06 . 2016-02-03 10:06 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2016-02-03 10:06 . 2016-02-03 10:06 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-02-03 10:06 . 2016-02-03 10:06 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2016-02-03 10:06 . 2016-02-03 10:06 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2016-02-03 10:06 . 2016-02-03 10:06 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2016-02-03 10:06 . 2016-02-03 10:06 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2016-02-03 09:39 . 2016-02-03 09:39 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2016-01-17 22:46 . 2016-01-07 16:10 3571488 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-12-30 15:05 . 2015-12-30 15:05 0 ---ha-w- c:\users\Karolina\AppData\Local\BITF621.tmp
2015-12-02 12:18 . 2010-05-11 15:58 301728 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 9"="c:\program files (x86)\IObit\Advanced SystemCare\ASCTray.exe" [2015-11-06 2010912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-02-09 7139768]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2015-11-22 1444880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys;c:\windows\SYSNATIVE\DRIVERS\athsgt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys;c:\windows\SYSNATIVE\DRIVERS\limsgt.sys [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 QQPCRTP;QQPCMgr RTP Service;c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe;c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe [x]
R3 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
R3 cmshusbser;Mobile Connector USB Device for Legacy Serial Communication IN ANDROID DEVICE;c:\windows\system32\DRIVERS\cmshusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmshusbser.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 GGSAFERDriver;GGSAFER Driver; [x]
R3 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [x]
R3 TVSched;TV Task Scheduler (TVTS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AdvancedSystemCareService9;Advanced SystemCare Service 9;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ClickToRunSvc;Microsoft Office Click-to-Run Service;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe;c:\windows\SYSNATIVE\vfsFPService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys;c:\windows\SYSNATIVE\Drivers\AVerAF15.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\windows\SYSNATIVE\DRIVERS\johci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 11:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-09 20:45 1090376 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.109\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-24 09:17]
.
2016-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-24 09:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-09 09:05 905248 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.Google.com/
uCustomizeSearch = hxxp://www.Google.com/
mCustomizeSearch = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-QQPCTray - c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTRAY.EXE
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file)
ShellIconOverlayIdentifiers-{B7667919-3765-4815-A66D-98A09BE662D6} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-CodInstl - c:\windows\system32\CDUninst.isu
AddRemove-QQPCMgr - c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\Uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"="\"c:\\Program Files (x86)\\Tencent\\QQPCMgr\\11.1.16923.222\\QQPCTRAY.EXE\" /regrun /qqrepair"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,82,80,41,4b,da,7c,15,4b,8e,74,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,82,80,41,4b,da,7c,15,4b,8e,74,d4,\
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ac,ba,2f,57,c4,3d,3c,4d,b7,4e,f0,28,c9,05,a3,75,4c,df,80,02,6c,cf,14,
e4,17,c1,82,17,16,6a,4a,c6,2e,05,58,2c,e6,b3,c2,4d,88,91,81,74,d2,9a,c7,bf,\
"??"=hex:d8,90,4b,a3,73,2d,6c,95,da,79,42,27,2f,a3,90,1c
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000\Software\SecuROM\License information*]
"datasecu"=hex:c1,15,d3,e7,d1,15,1e,fd,a3,87,d5,4c,34,ca,7e,5b,85,0f,7c,3d,bc,
3d,01,64,a0,8b,6a,e6,f5,e5,39,fa,08,91,21,8d,e8,0a,a3,ab,1a,29,53,e5,5b,86,\
"rkeysecu"=hex:e2,1c,9c,ff,e4,ff,7d,03,23,9a,e2,72,39,73,4a,a3
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000_Classes\.*MSWIM*]
@Allowed: (Read) (RestrictedCode)
@="ExtractNow"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\IObit\Advanced SystemCare\Monitor.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
.
**************************************************************************
.
Celkový čas: 2016-02-13 14:58:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-02-13 13:58
.
Před spuštěním: Volných bajtů: 176 704 249 856
Po spuštění: Volných bajtů: 176 011 694 080
.
- - End Of File - - 234C3C3338667905295849FD57660DEE
E6317055AD057D25F3037CDC5F95CCAC
Ohlásit tento příspěvek
Nahoru Profil Upravit příspěvek Odpovědět s citací
skorpo
Předmět příspěvku: Re: čínský šmejd iqiyi-nejde odinstalovatPříspěvekNapsal: včera, 15:03
Online
Návštěvník
Návštěvník
Registrován: 12 úno 2016 18:12
Příspěvky: 3
Log z Combofix. Prosím o pomoc. Děkuji.
ComboFix 16-02-09.01 - Karolina 13.02.2016 14:30:49.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.4063.1977 [GMT 1:00]
Spuštěný z: c:\users\Karolina\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Karolina\AppData\Local\assembly\tmp
c:\users\Karolina\AppData\Local\assembly\tmp\OXA3633N\__AssemblyInfo__.ini
c:\users\Karolina\AppData\Local\assembly\tmp\OXA3633N\Microsoft.Office.Tools.Common.v4.0.Utilities.DLL
c:\windows\IsUn0405.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\tmp144F.tmp
c:\windows\SysWow64\tmp145F.tmp
c:\windows\SysWow64\tmp6F2B.tmp
c:\windows\SysWow64\tmp6F3B.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2016-01-13 do 2016-02-13 )))))))))))))))))))))))))))))))
.
.
2016-02-13 13:44 . 2016-02-13 13:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-02-12 16:59 . 2016-02-12 16:59 -------- d-----w- c:\programdata\TXQMPC
2016-02-10 22:10 . 2016-02-10 22:10 210432 ----a-w- c:\windows\system32\aepic.dll
2016-02-10 22:10 . 2016-02-10 22:10 1164800 ----a-w- c:\windows\system32\aeinv.dll
2016-02-10 21:57 . 2016-02-10 21:57 62464 ----a-w- c:\windows\system32\drivers\appid.sys
2016-02-10 21:54 . 2016-02-10 21:54 879616 ----a-w- c:\windows\system32\advapi32.dll
2016-02-10 21:54 . 2016-02-10 21:54 643072 ----a-w- c:\windows\SysWow64\advapi32.dll
2016-02-10 21:52 . 2016-02-10 21:52 76288 ----a-w- c:\windows\system32\devenum.dll
2016-02-10 21:52 . 2016-02-10 21:52 67584 ----a-w- c:\windows\SysWow64\devenum.dll
2016-02-10 21:52 . 2016-02-10 21:52 624640 ----a-w- c:\windows\system32\qedit.dll
2016-02-10 21:52 . 2016-02-10 21:52 509952 ----a-w- c:\windows\SysWow64\qedit.dll
2016-02-10 21:52 . 2016-02-10 21:52 91648 ----a-w- c:\windows\system32\mapi32.dll
2016-02-10 21:52 . 2016-02-10 21:52 76800 ----a-w- c:\windows\SysWow64\mapistub.dll
2016-02-10 21:52 . 2016-02-10 21:52 14336 ----a-w- c:\windows\SysWow64\fixmapi.exe
2016-02-10 21:52 . 2016-02-10 21:52 91648 ----a-w- c:\windows\system32\mapistub.dll
2016-02-10 21:52 . 2016-02-10 21:52 17920 ----a-w- c:\windows\system32\fixmapi.exe
2016-02-10 21:51 . 2016-02-10 21:51 3211264 ----a-w- c:\windows\system32\win32k.sys
2016-02-10 21:25 . 2016-02-10 21:25 87864 ------w- c:\windows\system32\drivers\TFsFltX64.sys
2016-02-10 21:24 . 2016-02-12 17:00 -------- d-----w- c:\programdata\Tencent
2016-02-10 09:37 . 2016-02-10 09:37 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\offreg.3656.dll
2016-02-09 17:53 . 2016-02-09 17:53 -------- d-----w- c:\users\Karolina\AppData\Roaming\GameMill Entertainment
2016-02-09 17:16 . 2016-02-09 17:16 -------- d-----w- c:\programdata\Big Fish
2016-02-09 17:14 . 2016-02-09 17:16 -------- d-----w- c:\users\Karolina\AppData\Local\Big Fish
2016-02-09 09:05 . 2016-02-09 09:05 398152 ----a-w- c:\windows\system32\aswBoot.exe
2016-02-09 09:05 . 2016-02-09 09:05 52184 ----a-w- c:\windows\avastSS.scr
2016-02-03 11:01 . 2016-02-03 11:01 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\offreg.4380.dll
2016-02-03 10:53 . 2015-12-16 09:15 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B2259791-36CE-43F6-A778-7F540B49C3CE}\mpengine.dll
2016-02-03 10:53 . 2016-02-03 10:53 -------- d-----w- C:\4b07b6a08b1f5c3eab3c975b
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\kbdgeoqw.dll
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\KBDAZEL.DLL
2016-02-03 10:50 . 2016-02-03 10:50 7168 ----a-w- c:\windows\system32\KBDAZE.DLL
2016-02-03 10:50 . 2016-02-03 10:50 6656 ----a-w- c:\windows\SysWow64\kbdgeoqw.dll
2016-02-03 10:50 . 2016-02-03 10:50 6656 ----a-w- c:\windows\SysWow64\KBDAZEL.DLL
2016-02-03 10:50 . 2016-02-03 10:50 69120 ----a-w- c:\windows\SysWow64\nlsbres.dll
2016-02-03 10:50 . 2016-02-03 10:50 69120 ----a-w- c:\windows\system32\nlsbres.dll
2016-02-03 10:47 . 2016-02-03 10:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-02-03 10:47 . 2016-02-03 10:47 2048 ----a-w- c:\windows\system32\tzres.dll
2016-02-03 10:42 . 2016-02-03 10:42 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2016-02-03 10:42 . 2016-02-03 10:42 1180160 ----a-w- c:\windows\system32\FntCache.dll
2016-02-03 10:42 . 2016-02-03 10:42 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-02-03 10:42 . 2016-02-03 10:42 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-02-03 10:42 . 2016-02-03 10:42 1008640 ----a-w- c:\windows\system32\user32.dll
2016-02-03 10:41 . 2016-02-03 10:41 241664 ----a-w- c:\windows\system32\els.dll
2016-02-03 10:41 . 2016-02-03 10:41 179712 ----a-w- c:\windows\SysWow64\els.dll
2016-02-03 10:39 . 2016-02-03 10:39 17408 ----a-w- c:\windows\system32\wshrm.dll
2016-02-03 10:39 . 2016-02-03 10:39 14848 ----a-w- c:\windows\SysWow64\wshrm.dll
2016-02-03 10:39 . 2016-02-03 10:39 146944 ----a-w- c:\windows\system32\drivers\rmcast.sys
2016-02-03 10:38 . 2016-02-03 10:38 802304 ----a-w- c:\windows\system32\usp10.dll
2016-02-03 10:38 . 2016-02-03 10:38 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2016-02-03 10:37 . 2016-02-03 10:37 487936 ----a-w- c:\windows\SysWow64\catsrvut.dll
2016-02-03 10:37 . 2016-02-03 10:37 1242624 ----a-w- c:\windows\SysWow64\comsvcs.dll
2016-02-03 10:37 . 2016-02-03 10:37 525312 ----a-w- c:\windows\system32\catsrvut.dll
2016-02-03 10:37 . 2016-02-03 10:37 1735680 ----a-w- c:\windows\system32\comsvcs.dll
2016-02-03 10:18 . 2016-02-03 10:18 497664 ----a-w- c:\windows\system32\drivers\afd.sys
2016-02-03 10:18 . 2016-02-03 10:18 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2016-02-03 10:16 . 2016-02-03 10:16 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
2016-02-03 10:11 . 2016-02-03 10:11 939520 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2016-02-03 10:11 . 2016-02-03 10:11 274944 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkDiv.dll
2016-02-03 10:11 . 2016-02-03 10:11 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
2016-02-03 10:11 . 2016-02-03 10:11 1415168 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\InkObj.dll
2016-02-03 10:11 . 2016-02-03 10:11 126464 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\rtscom.dll
2016-02-03 10:11 . 2016-02-03 10:11 353280 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2016-02-03 10:11 . 2016-02-03 10:11 275456 ----a-w- c:\windows\system32\InkEd.dll
2016-02-03 10:11 . 2016-02-03 10:11 2103296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2016-02-03 10:11 . 2016-02-03 10:11 169984 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\rtscom.dll
2016-02-03 10:11 . 2016-02-03 10:11 1372160 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2016-02-03 10:08 . 2016-02-03 10:08 459344 ----a-w- c:\windows\system32\drivers\cng.sys
2016-02-03 10:08 . 2016-02-03 10:08 298192 ----a-w- c:\windows\system32\bcryptprimitives.dll
2016-02-03 10:08 . 2016-02-03 10:08 251000 ----a-w- c:\windows\SysWow64\bcryptprimitives.dll
2016-02-03 10:06 . 2016-02-03 10:06 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2016-02-03 10:06 . 2016-02-03 10:06 6656 ----a-w- c:\windows\system32\shimeng.dll
2016-02-03 10:06 . 2016-02-03 10:06 342016 ----a-w- c:\windows\system32\apphelp.dll
2016-02-03 10:06 . 2016-02-03 10:06 23552 ----a-w- c:\windows\system32\sdbinst.exe
2016-02-03 10:06 . 2016-02-03 10:06 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2016-02-03 10:06 . 2016-02-03 10:06 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2016-02-03 10:06 . 2016-02-03 10:06 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2016-02-03 10:02 . 2016-02-03 10:02 634432 ----a-w- c:\windows\system32\winload.exe
2016-02-03 09:56 . 2016-02-03 09:56 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-02-03 09:56 . 2016-02-03 09:56 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-02-03 09:56 . 2016-02-03 09:56 14176768 ----a-w- c:\windows\system32\shell32.dll
2016-02-03 09:53 . 2016-02-03 09:53 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2016-02-03 09:53 . 2016-02-03 09:53 22528 ----a-w- c:\windows\system32\icaapi.dll
2016-02-03 09:51 . 2016-02-03 09:51 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-02-03 09:51 . 2016-02-03 09:51 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-02-03 09:51 . 2016-02-03 09:51 41984 ----a-w- c:\windows\system32\lpk.dll
2016-02-03 09:51 . 2016-02-03 09:51 372736 ----a-w- c:\windows\system32\atmfd.dll
2016-02-03 09:51 . 2016-02-03 09:51 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-02-03 09:51 . 2016-02-03 09:51 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-02-03 09:51 . 2016-02-03 09:51 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-02-03 09:51 . 2016-02-03 09:51 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-02-03 09:51 . 2016-02-03 09:51 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-02-03 09:51 . 2016-02-03 09:51 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-02-03 09:47 . 2016-02-03 09:47 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-02-03 09:47 . 2016-02-03 09:47 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2016-02-03 09:47 . 2016-02-03 09:47 879104 ----a-w- c:\windows\system32\tdh.dll
2016-02-03 09:47 . 2016-02-03 09:47 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2016-02-03 09:45 . 2016-02-03 09:45 82944 ----a-w- c:\windows\system32\dwmapi.dll
2016-02-03 09:45 . 2016-02-03 09:45 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2016-02-03 09:45 . 2016-02-03 09:45 1632256 ----a-w- c:\windows\system32\dwmcore.dll
2016-02-03 09:45 . 2016-02-03 09:45 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2016-02-03 09:44 . 2016-02-03 09:44 1941504 ----a-w- c:\windows\system32\authui.dll
2016-02-03 09:44 . 2016-02-03 09:44 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-02-03 09:44 . 2016-02-03 09:44 70656 ----a-w- c:\windows\system32\appinfo.dll
2016-02-03 09:44 . 2016-02-03 09:44 115136 ----a-w- c:\windows\system32\consent.exe
2016-02-03 09:39 . 2016-02-03 09:39 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\system32\msxml6r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2048 ----a-w- c:\windows\system32\msxml3r.dll
2016-02-03 09:39 . 2016-02-03 09:39 2004480 ----a-w- c:\windows\system32\msxml6.dll
2016-02-03 09:39 . 2016-02-03 09:39 1887232 ----a-w- c:\windows\system32\msxml3.dll
2016-02-03 09:39 . 2016-02-03 09:39 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2016-02-03 09:39 . 2016-02-03 09:39 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2016-02-03 09:38 . 2016-02-03 09:38 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2016-02-03 09:38 . 2016-02-03 09:38 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2016-02-03 09:37 . 2016-02-03 09:37 82432 ----a-w- c:\windows\SysWow64\davclnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 260096 ----a-w- c:\windows\system32\WebClnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 206848 ----a-w- c:\windows\SysWow64\WebClnt.dll
2016-02-03 09:37 . 2016-02-03 09:37 102912 ----a-w- c:\windows\system32\davclnt.dll
2016-02-03 09:34 . 2016-02-03 09:34 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\mountmgr.sys.mui
2016-02-03 09:34 . 2016-02-03 09:34 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2016-02-03 09:34 . 2016-02-03 09:34 11264 ----a-w- c:\windows\system32\msmmsp.dll
2016-02-03 09:34 . 2016-02-03 09:34 1743360 ----a-w- c:\windows\system32\sysmain.dll
2016-02-03 09:27 . 2016-02-03 09:27 52736 ----a-w- c:\windows\system32\basesrv.dll
2016-02-03 09:23 . 2016-02-03 09:23 193536 ----a-w- c:\windows\system32\notepad.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-10 21:58 . 2016-02-10 21:58 344064 ----a-w- c:\windows\system32\schannel.dll
2016-02-10 21:58 . 2016-02-10 21:58 190464 ----a-w- c:\windows\system32\rpchttp.dll
2016-02-10 21:57 . 2016-02-10 21:57 251392 ----a-w- c:\windows\SysWow64\schannel.dll
2016-02-10 21:57 . 2016-02-10 21:57 141312 ----a-w- c:\windows\SysWow64\rpchttp.dll
2016-02-10 21:57 . 2016-02-10 21:57 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2016-02-10 21:53 . 2009-07-14 00:22 1393152 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2016-02-10 21:06 . 2013-03-01 13:47 287016 ----a-w- c:\windows\system32\drivers\aswvmm.sys
2016-02-09 09:05 . 2013-12-18 16:31 165344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2016-02-09 09:05 . 2014-04-18 14:08 37656 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2016-02-09 09:05 . 2013-03-01 13:47 74544 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2016-02-09 09:05 . 2012-02-24 13:42 103064 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2016-02-09 09:05 . 2010-05-11 15:30 463744 ----a-w- c:\windows\system32\drivers\aswSP.sys
2016-02-09 09:05 . 2010-05-11 15:30 107792 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2016-02-09 09:04 . 2011-03-26 21:32 1065720 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2016-02-03 10:35 . 2016-02-03 10:35 230400 ----a-w- c:\windows\SysWow64\webcheck.dll
2016-02-03 10:35 . 2016-02-03 10:35 262144 ----a-w- c:\windows\system32\webcheck.dll
2016-02-03 10:06 . 2016-02-03 10:06 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2016-02-03 10:06 . 2016-02-03 10:06 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2016-02-03 10:06 . 2016-02-03 10:06 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2016-02-03 10:06 . 2016-02-03 10:06 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2016-02-03 10:06 . 2016-02-03 10:06 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2016-02-03 10:06 . 2016-02-03 10:06 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2016-02-03 10:06 . 2016-02-03 10:06 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2016-02-03 10:06 . 2016-02-03 10:06 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2016-02-03 10:06 . 2016-02-03 10:06 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2016-02-03 09:39 . 2016-02-03 09:39 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2016-01-17 22:46 . 2016-01-07 16:10 3571488 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-12-30 15:05 . 2015-12-30 15:05 0 ---ha-w- c:\users\Karolina\AppData\Local\BITF621.tmp
2015-12-02 12:18 . 2010-05-11 15:58 301728 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-01-07 16:18 329376 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\FileSyncShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-01-17 22:01 1536296 ----a-w- c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 9"="c:\program files (x86)\IObit\Advanced SystemCare\ASCTray.exe" [2015-11-06 2010912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-07-02 98304]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"AvastUI.exe"="c:\program files\Alwil Software\Avast5\AvastUI.exe" [2016-02-09 7139768]
"Magic Desktop for HP notification"="c:\programdata\Easybits Magic Desktop for HP\mdhpSUN.exe" [2015-11-22 1444880]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"HideFastUserSwitching"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSimpleNetIDList"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="c:\windows\system32\userinit.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 athsgt;athsgt;c:\windows\system32\DRIVERS\athsgt.sys;c:\windows\SYSNATIVE\DRIVERS\athsgt.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 limsgt;limsgt;c:\windows\system32\DRIVERS\limsgt.sys;c:\windows\SYSNATIVE\DRIVERS\limsgt.sys [x]
R2 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R2 QQPCRTP;QQPCMgr RTP Service;c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe;c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe [x]
R3 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [x]
R3 cmshusbser;Mobile Connector USB Device for Legacy Serial Communication IN ANDROID DEVICE;c:\windows\system32\DRIVERS\cmshusbser.sys;c:\windows\SYSNATIVE\DRIVERS\cmshusbser.sys [x]
R3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [x]
R3 GGSAFERDriver;GGSAFER Driver; [x]
R3 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RegFilter;RegFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [x]
R3 TVSched;TV Task Scheduler (TVTS);c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe;c:\program files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe [x]
R3 UrlFilter;UrlFilter;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys;c:\program files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 FileMonitor;FileMonitor;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys;c:\program files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS;c:\windows\SysWOW64\drivers\HWiNFO64A.SYS [x]
S2 AdvancedSystemCareService9;Advanced SystemCare Service 9;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 ClickToRunSvc;Microsoft Office Click-to-Run Service;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe;c:\program files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 IMFservice;IMF Service;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe;c:\program files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [x]
S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe;c:\windows\SYSNATIVE\vfsFPService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 AVerAF15;HP DVB-T TV Tuner;c:\windows\system32\Drivers\AVerAF15.sys;c:\windows\SYSNATIVE\Drivers\AVerAF15.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 johci;JMicron 1394 Filter Driver;c:\windows\system32\DRIVERS\johci.sys;c:\windows\SYSNATIVE\DRIVERS\johci.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
ezSharedSvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-08-20 11:24 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-09 20:45 1090376 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.109\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2016-02-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-24 09:17]
.
2016-02-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-07-24 09:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive1]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive2]
@="{5AB7172C-9C11-405C-8DD5-AF20F3606282}"
[HKEY_CLASSES_ROOT\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive3]
@="{A78ED123-AB77-406B-9962-2A5D9D2F7F30}"
[HKEY_CLASSES_ROOT\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive4]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ OneDrive5]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2016-01-07 16:19 358064 ----a-w- c:\users\Karolina\AppData\Local\Microsoft\OneDrive\17.3.4604.0120\amd64\FileSyncShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2016-01-17 23:08 2093360 ----a-w- c:\program files\Microsoft Office\root\Office16\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2016-02-09 09:05 905248 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-03-23 487424]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://seznam.cz/
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.Google.com/
uCustomizeSearch = hxxp://www.Google.com/
mCustomizeSearch = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Odeslat obrázek do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Odeslat stránku do zařízení &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-QQPCTray - c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTRAY.EXE
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{95080B13-AA71-4EE8-B951-7E98221E1ED5} - (no file)
ShellIconOverlayIdentifiers-{B7667919-3765-4815-A66D-98A09BE662D6} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-CodInstl - c:\windows\system32\CDUninst.isu
AddRemove-QQPCMgr - c:\program files (x86)\Tencent\QQPCMgr\11.1.16923.222\Uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
" QQPCTray"="\"c:\\Program Files (x86)\\Tencent\\QQPCMgr\\11.1.16923.222\\QQPCTRAY.EXE\" /regrun /qqrepair"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,82,80,41,4b,da,7c,15,4b,8e,74,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,82,80,41,4b,da,7c,15,4b,8e,74,d4,\
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ac,ba,2f,57,c4,3d,3c,4d,b7,4e,f0,28,c9,05,a3,75,4c,df,80,02,6c,cf,14,
e4,17,c1,82,17,16,6a,4a,c6,2e,05,58,2c,e6,b3,c2,4d,88,91,81,74,d2,9a,c7,bf,\
"??"=hex:d8,90,4b,a3,73,2d,6c,95,da,79,42,27,2f,a3,90,1c
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000\Software\SecuROM\License information*]
"datasecu"=hex:c1,15,d3,e7,d1,15,1e,fd,a3,87,d5,4c,34,ca,7e,5b,85,0f,7c,3d,bc,
3d,01,64,a0,8b,6a,e6,f5,e5,39,fa,08,91,21,8d,e8,0a,a3,ab,1a,29,53,e5,5b,86,\
"rkeysecu"=hex:e2,1c,9c,ff,e4,ff,7d,03,23,9a,e2,72,39,73,4a,a3
.
[HKEY_USERS\S-1-5-21-417890151-1962072562-667573049-1000_Classes\.*MSWIM*]
@Allowed: (Read) (RestrictedCode)
@="ExtractNow"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000001
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\program files (x86)\DigitalPersona\Bin\DpHostW.exe
c:\program files (x86)\IObit\Advanced SystemCare\Monitor.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\program files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
.
**************************************************************************
.
Celkový čas: 2016-02-13 14:58:28 - počítač byl restartován
ComboFix-quarantined-files.txt 2016-02-13 13:58
.
Před spuštěním: Volných bajtů: 176 704 249 856
Po spuštění: Volných bajtů: 176 011 694 080
.
- - End Of File - - 234C3C3338667905295849FD57660DEE
E6317055AD057D25F3037CDC5F95CCAC
díky
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
čínská aplikace nejde odinstalovat
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: čínská aplikace nejde odinstalovat
Zdravím!
Proč spuštíte Combofix bez pokynu rádce? Je to profesinální utilita, kterou si laik snadno může poškodit systém. V záhlaví stránky (Pravidla fóra) máte jasně napsáno, co máte spustit, požadujete-li od nás pomoc. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Proč spuštíte Combofix bez pokynu rádce? Je to profesinální utilita, kterou si laik snadno může poškodit systém. V záhlaví stránky (Pravidla fóra) máte jasně napsáno, co máte spustit, požadujete-li od nás pomoc. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: čínská aplikace nejde odinstalovat
Zdravím, musím rozdělit na 2 odpovědi, text je moc dlouhý. díky
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Karolina (administrator) on KAROLINA-PC (14-02-2016 11:34:38)
Running from C:\Users\Karolina\Desktop
Loaded Profiles: Karolina (Available Profiles: Karolina)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(forum.viry.cz) C:\Users\Karolina\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [7139768 2016-02-09] (AVAST Software)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1444880 2015-11-22] (Easybits)
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTRAY.EXE" /regrun /qqrepair
HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-06] (IObit)
HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2016-02-09] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B15BDA20-B1F8-4205-BDA9-735F10059DE4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E7D758D2-D006-4EE0-A622-B33A923B5CEB}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-417890151-1962072562-667573049-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-417890151-1962072562-667573049-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-417890151-1962072562-667573049-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> DefaultScope {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> search13 URL = hxxp://search13.net/search.php?q={searchTerms}
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {152509EE-2247-4D3A-BF19-3F7E076160F6} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {40D39C80-C042-4F98-9EFE-A43FD048E5EC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {477335C2-2809-4C86-9652-4BD6761D3B8F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {5B9258D9-FA56-4BE9-91D6-564D69C15138} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {9D3FFDDF-67E9-4948-ADF5-1CF819F51F5C} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {A4302671-E6A4-450E-84A8-F1C98476A441} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {AB363E11-3911-4F82-B22D-AFB6E3937C00} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {BFD9572B-3562-4814-849A-B62083EF8146} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {FE493546-FD36-47AE-B5D9-A7A519B16D5A} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2016-02-09] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-01-18] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2016-02-09] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Toolbar: HKU\.DEFAULT -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> No Name - {95080B13-AA71-4EE8-B951-7E98221E1ED5} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-27] (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2013-06-28] ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-12] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-417890151-1962072562-667573049-1000: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.)
FF Plugin HKU\S-1-5-21-417890151-1962072562-667573049-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Karolina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-10] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2016-02-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2009-08-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-31] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\Alwil Software\Avast5\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2016-02-09]
FF HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Causality Games) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl [2015-03-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Bookmark Manager) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2016-02-01]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-10-27]
CHR Extension: (Uncharted 2) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmioeheihppgmilgbdcameakgnfapfob [2015-07-10]
CHR Extension: (iLivid) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2016-02-12]
CHR Extension: (Citace PRO) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2015-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-03-06]
CHR Extension: (电脑管家上网防护) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-02-12]
CHR Extension: (Gmail) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2016-02-09]
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2014-04-18]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
S3 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [237096 2016-02-09] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2772720 2016-01-17] (Microsoft Corporation)
R2 DpHost; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [322624 2009-07-17] (DigitalPersona, Inc.) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-05-10] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [878912 2015-04-02] (IObit)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-04] (Electronic Arts)
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 TVCapSvc; c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [296360 2009-10-06] ()
S3 TVSched; c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe [169376 2009-10-06] ()
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [721712 2009-08-17] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2009-08-17] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 QQPCRTP; "C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe" -r [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-10] (AVAST Software)
S2 athsgt; C:\Windows\SysWOW64\DRIVERS\athsgt.sys [164992 2010-10-10] () [File not signed]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-08-20] ()
R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [311424 2009-05-22] (AVerMedia TECHNOLOGIES, Inc.)
S3 cmshusbser; C:\Windows\System32\DRIVERS\cmshusbser.sys [127232 2011-11-30] (QUALCOMM Incorporated)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S3 GGSAFERDriver; no ImagePath
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-22] (REALiX(tm))
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2015-05-22] (JMicron Technology Corp.)
S2 limsgt; C:\Windows\SysWOW64\DRIVERS\limsgt.sys [12544 2010-10-10] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-08-20] ()
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-05-22] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-05-13] () [File not signed]
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
U3 a8b0q2v5; C:\Windows\System32\Drivers\a8b0q2v5.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U3 aghqxgvw; C:\Windows\System32\Drivers\aghqxgvw.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-14 11:34 - 2016-02-14 11:36 - 00028538 _____ C:\Users\Karolina\Desktop\FRST.txt
2016-02-14 11:33 - 2016-02-14 11:34 - 00000000 ____D C:\FRST
2016-02-14 11:33 - 2016-02-14 11:33 - 00112640 _____ (forum.viry.cz) C:\Users\Karolina\Desktop\FRSTLauncher.exe
2016-02-14 11:32 - 2016-02-14 11:33 - 02370560 _____ (Farbar) C:\Users\Karolina\Desktop\FRST64.exe
2016-02-14 11:30 - 2016-02-14 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\Karolina\Desktop\Nepotvrzeno 38211.crdownload
2016-02-13 14:58 - 2016-02-13 14:58 - 00041839 _____ C:\ComboFix.txt
2016-02-13 14:27 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-02-13 14:27 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-02-13 14:27 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-02-13 14:26 - 2016-02-13 14:58 - 00000000 ____D C:\Qoobox
2016-02-13 14:25 - 2016-02-13 14:55 - 00000000 ____D C:\Windows\erdnt
2016-02-13 14:25 - 2016-02-13 14:25 - 05657611 ____R (Swearware) C:\Users\Karolina\Desktop\ComboFix.exe
2016-02-12 18:03 - 2016-02-12 18:03 - 00007877 _____ C:\Users\Karolina\Desktop\AdwCleaner[C1].txt
2016-02-12 17:59 - 2016-02-12 17:59 - 00000000 ____D C:\ProgramData\TXQMPC
2016-02-12 17:41 - 2016-02-12 17:41 - 01508352 _____ C:\Users\Karolina\Desktop\adwcleaner_5.033.exe
2016-02-11 11:44 - 2016-02-11 11:44 - 00000000 ____D C:\Users\Karolina\AppData\LocalLow\uTorrent
2016-02-11 11:34 - 2016-02-11 11:35 - 05275552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 23:14 - 2016-02-10 23:14 - 00000000 ____H C:\asc_rdflag
2016-02-10 23:10 - 2016-02-10 23:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 23:10 - 2016-02-10 23:10 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 05553600 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 01729984 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00706496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-02-10 22:58 - 2016-02-10 22:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00631384 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-02-10 22:58 - 2016-02-10 22:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 03998144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 03943360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-02-10 22:57 - 2016-02-10 22:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 22:54 - 2016-02-10 22:54 - 00879616 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 22:54 - 2016-02-10 22:54 - 00643072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-02-10 22:53 - 2016-02-10 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-02-10 22:53 - 2016-02-10 22:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-02-10 22:53 - 2016-02-10 22:53 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-02-10 22:53 - 2016-02-10 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-02-10 22:53 - 2016-02-10 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-02-10 22:53 - 2016-02-10 22:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-02-10 22:53 - 2016-02-10 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-02-10 22:53 - 2016-02-10 22:53 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-02-10 22:53 - 2016-02-10 22:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-02-10 22:52 - 2016-02-10 22:52 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-02-10 22:51 - 2016-02-10 22:51 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 22:42 - 2016-02-10 22:42 - 73256960 _____ C:\Windows\system32\config\components.iobit
2016-02-10 22:27 - 2016-02-10 22:27 - 00005120 _____ C:\Users\Karolina\AppData\Roaming\GiftBag.db
2016-02-10 22:25 - 2016-02-10 22:25 - 00087864 ____N (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-02-10 22:24 - 2016-02-12 18:00 - 00000000 ____D C:\ProgramData\Tencent
2016-02-10 22:22 - 2016-02-10 23:26 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-02-10 22:22 - 2016-02-10 22:22 - 00000008 __RSH C:\Users\Karolina\ntuser.pol
2016-02-10 16:18 - 2016-02-10 16:18 - 00000000 ____D C:\Users\Karolina\AppData\LocalLow\CampoSanto
2016-02-09 18:53 - 2016-02-09 18:53 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\GameMill Entertainment
2016-02-09 18:16 - 2016-02-09 18:16 - 00000000 ____D C:\ProgramData\Big Fish
2016-02-09 18:14 - 2016-02-09 18:16 - 00000000 ____D C:\Users\Karolina\AppData\Local\Big Fish
2016-02-09 17:49 - 2016-02-09 17:49 - 00034304 _____ C:\Users\Karolina\Downloads\A78A.tmp
2016-02-09 10:05 - 2016-02-09 10:05 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-09 10:05 - 2016-02-09 10:05 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-05 14:41 - 2016-02-05 14:42 - 00000660 _____ C:\Users\Karolina\AppData\Roaming\Microsoft\Windows\Start Menu\WinRAR.lnk
2016-02-03 11:53 - 2016-02-03 11:53 - 00000000 ____D C:\4b07b6a08b1f5c3eab3c975b
2016-02-03 11:52 - 2016-02-03 11:52 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-03 11:52 - 2016-02-03 11:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-03 11:52 - 2016-02-03 11:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-03 11:52 - 2016-02-03 11:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-02-03 11:50 - 2016-02-03 11:50 - 00419928 _____ C:\Windows\system32\locale.nls
2016-02-03 11:50 - 2016-02-03 11:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-02-03 11:50 - 2016-02-03 11:50 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-02-03 11:50 - 2016-02-03 11:50 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-02-03 11:50 - 2016-02-03 11:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-02-03 11:47 - 2016-02-03 11:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-02-03 11:47 - 2016-02-03 11:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-02-03 11:42 - 2016-02-03 11:42 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-02-03 11:42 - 2016-02-03 11:42 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-02-03 11:42 - 2016-02-03 11:42 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-02-03 11:42 - 2016-02-03 11:42 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Karolina (administrator) on KAROLINA-PC (14-02-2016 11:34:38)
Running from C:\Users\Karolina\Desktop
Loaded Profiles: Karolina (Available Profiles: Karolina)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\35.0.2066.37\opera.exe
(forum.viry.cz) C:\Users\Karolina\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPCam_Menu] => c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvastUI.exe [7139768 2016-02-09] (AVAST Software)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1444880 2015-11-22] (Easybits)
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCTRAY.EXE" /regrun /qqrepair
HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-06] (IObit)
HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShA64.dll [2016-02-09] (AVAST Software)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B15BDA20-B1F8-4205-BDA9-735F10059DE4}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E7D758D2-D006-4EE0-A622-B33A923B5CEB}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-417890151-1962072562-667573049-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-417890151-1962072562-667573049-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://seznam.cz/
HKU\S-1-5-21-417890151-1962072562-667573049-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> DefaultScope {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> search13 URL = hxxp://search13.net/search.php?q={searchTerms}
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {152509EE-2247-4D3A-BF19-3F7E076160F6} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {40D39C80-C042-4F98-9EFE-A43FD048E5EC} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {477335C2-2809-4C86-9652-4BD6761D3B8F} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {5B9258D9-FA56-4BE9-91D6-564D69C15138} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {9D3FFDDF-67E9-4948-ADF5-1CF819F51F5C} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {A4302671-E6A4-450E-84A8-F1C98476A441} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {AB363E11-3911-4F82-B22D-AFB6E3937C00} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {BFD9572B-3562-4814-849A-B62083EF8146} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_13415
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {FE493546-FD36-47AE-B5D9-A7A519B16D5A} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_13415
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll [2016-02-09] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-01-18] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2009-11-25] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2016-02-09] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2009-11-25] (CANON INC.)
Toolbar: HKU\.DEFAULT -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> No Name - {95080B13-AA71-4EE8-B951-7E98221E1ED5} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-27] (CANON INC.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-12-13] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-05-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-05-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2013-06-28] ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-12] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-417890151-1962072562-667573049-1000: @lingea.com/x-lingea-translate -> C:\Program Files (x86)\Common Files\Lingea Shared\LG_Mozilla.dll [2014-04-18] (Lingea s.r.o.)
FF Plugin HKU\S-1-5-21-417890151-1962072562-667573049-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Karolina\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-10] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2016-02-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2009-08-25] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-31] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\Alwil Software\Avast5\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\Alwil Software\Avast5\SafePrice\FF [2016-02-09]
FF HKU\S-1-5-21-417890151-1962072562-667573049-1000\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\firefoxext
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Disk Google) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Causality Games) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\femoooemgmjaebeodbbikbkmhlafenpl [2015-03-19]
CHR Extension: (Dokumenty Google offline) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Bookmark Manager) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2016-02-01]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2015-10-27]
CHR Extension: (Uncharted 2) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmioeheihppgmilgbdcameakgnfapfob [2015-07-10]
CHR Extension: (iLivid) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2016-02-12]
CHR Extension: (Citace PRO) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncpfaidppllikakgbjppnjfidjkpafmp [2015-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-03-06]
CHR Extension: (电脑管家上网防护) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-02-12]
CHR Extension: (Gmail) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx [2016-02-09]
CHR HKLM-x32\...\Chrome\Extension: [ligocpecgmjonmijmlompafnhnpgjccd] - C:\Program Files (x86)\Lingea\Lexicon5\syst\LG_Chrome.crx [2014-04-18]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
S3 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [237096 2016-02-09] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2772720 2016-01-17] (Microsoft Corporation)
R2 DpHost; C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe [322624 2009-07-17] (DigitalPersona, Inc.) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2012-05-10] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [878912 2015-04-02] (IObit)
S3 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-04] (Electronic Arts)
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) [File not signed]
S3 TVCapSvc; c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVCapSvc.exe [296360 2009-10-06] ()
S3 TVSched; c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\TVSched.exe [169376 2009-10-06] ()
R2 vfsFPService; C:\Windows\system32\vfsFPService.exe [721712 2009-08-17] (Validity Sensors, Inc.)
R2 vfsFPService; C:\Windows\SysWOW64\vfsFPService.exe [599344 2009-08-17] (Validity Sensors, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 QQPCRTP; "C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCRtp.exe" -r [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-10] (AVAST Software)
S2 athsgt; C:\Windows\SysWOW64\DRIVERS\athsgt.sys [164992 2010-10-10] () [File not signed]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-08-20] ()
R3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [311424 2009-05-22] (AVerMedia TECHNOLOGIES, Inc.)
S3 cmshusbser; C:\Windows\System32\DRIVERS\cmshusbser.sys [127232 2011-11-30] (QUALCOMM Incorporated)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S3 GGSAFERDriver; no ImagePath
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-05-22] (REALiX(tm))
R3 johci; C:\Windows\System32\DRIVERS\johci.sys [26208 2015-05-22] (JMicron Technology Corp.)
S2 limsgt; C:\Windows\SysWOW64\DRIVERS\limsgt.sys [12544 2010-10-10] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-08-20] ()
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2015-05-22] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-05-13] () [File not signed]
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
U3 a8b0q2v5; C:\Windows\System32\Drivers\a8b0q2v5.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U3 aghqxgvw; C:\Windows\System32\Drivers\aghqxgvw.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-14 11:34 - 2016-02-14 11:36 - 00028538 _____ C:\Users\Karolina\Desktop\FRST.txt
2016-02-14 11:33 - 2016-02-14 11:34 - 00000000 ____D C:\FRST
2016-02-14 11:33 - 2016-02-14 11:33 - 00112640 _____ (forum.viry.cz) C:\Users\Karolina\Desktop\FRSTLauncher.exe
2016-02-14 11:32 - 2016-02-14 11:33 - 02370560 _____ (Farbar) C:\Users\Karolina\Desktop\FRST64.exe
2016-02-14 11:30 - 2016-02-14 11:30 - 00112640 _____ (forum.viry.cz) C:\Users\Karolina\Desktop\Nepotvrzeno 38211.crdownload
2016-02-13 14:58 - 2016-02-13 14:58 - 00041839 _____ C:\ComboFix.txt
2016-02-13 14:27 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-02-13 14:27 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-02-13 14:27 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-02-13 14:27 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-02-13 14:26 - 2016-02-13 14:58 - 00000000 ____D C:\Qoobox
2016-02-13 14:25 - 2016-02-13 14:55 - 00000000 ____D C:\Windows\erdnt
2016-02-13 14:25 - 2016-02-13 14:25 - 05657611 ____R (Swearware) C:\Users\Karolina\Desktop\ComboFix.exe
2016-02-12 18:03 - 2016-02-12 18:03 - 00007877 _____ C:\Users\Karolina\Desktop\AdwCleaner[C1].txt
2016-02-12 17:59 - 2016-02-12 17:59 - 00000000 ____D C:\ProgramData\TXQMPC
2016-02-12 17:41 - 2016-02-12 17:41 - 01508352 _____ C:\Users\Karolina\Desktop\adwcleaner_5.033.exe
2016-02-11 11:44 - 2016-02-11 11:44 - 00000000 ____D C:\Users\Karolina\AppData\LocalLow\uTorrent
2016-02-11 11:34 - 2016-02-11 11:35 - 05275552 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 23:14 - 2016-02-10 23:14 - 00000000 ____H C:\asc_rdflag
2016-02-10 23:10 - 2016-02-10 23:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-10 23:10 - 2016-02-10 23:10 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 05553600 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 01729984 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00706496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-02-10 22:58 - 2016-02-10 22:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00631384 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-02-10 22:58 - 2016-02-10 22:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-10 22:58 - 2016-02-10 22:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-10 22:58 - 2016-02-10 22:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-10 22:58 - 2016-02-10 22:58 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 03998144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 03943360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-02-10 22:57 - 2016-02-10 22:57 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-10 22:57 - 2016-02-10 22:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-10 22:57 - 2016-02-10 22:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-10 22:54 - 2016-02-10 22:54 - 00879616 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-10 22:54 - 2016-02-10 22:54 - 00643072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01955328 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01575424 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01568768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVENCOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01325056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOE.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01232896 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01153024 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 01026048 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 01010688 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00978944 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2adec.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00902144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPEG2ENC.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00815616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMADMOE.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00740352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00739328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMSPDMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00666112 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVXENCD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFWMAAEC.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSDECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP4SDECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVSENCD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00292352 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-02-10 22:53 - 2016-02-10 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MPG4DECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP43DECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-02-10 22:53 - 2016-02-10 22:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00224768 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RESAMPLEDMO.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qasf.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksproxy.ax
2016-02-10 22:53 - 2016-02-10 22:53 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VIDRESZR.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COLORCNV.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-02-10 22:53 - 2016-02-10 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MP3DMOD.DLL
2016-02-10 22:53 - 2016-02-10 22:53 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-02-10 22:53 - 2016-02-10 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfvdsp.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-02-10 22:53 - 2016-02-10 22:53 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-02-10 22:53 - 2016-02-10 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-02-10 22:53 - 2016-02-10 22:53 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-02-10 22:53 - 2016-02-10 22:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ksuser.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-02-10 22:53 - 2016-02-10 22:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00624640 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00509952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapistub.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mapi32.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devenum.dll
2016-02-10 22:52 - 2016-02-10 22:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-02-10 22:52 - 2016-02-10 22:52 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fixmapi.exe
2016-02-10 22:51 - 2016-02-10 22:51 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-10 22:42 - 2016-02-10 22:42 - 73256960 _____ C:\Windows\system32\config\components.iobit
2016-02-10 22:27 - 2016-02-10 22:27 - 00005120 _____ C:\Users\Karolina\AppData\Roaming\GiftBag.db
2016-02-10 22:25 - 2016-02-10 22:25 - 00087864 ____N (电脑管家) C:\Windows\system32\Drivers\TFsFltX64.sys
2016-02-10 22:24 - 2016-02-12 18:00 - 00000000 ____D C:\ProgramData\Tencent
2016-02-10 22:22 - 2016-02-10 23:26 - 00000270 __RSH C:\ProgramData\ntuser.pol
2016-02-10 22:22 - 2016-02-10 22:22 - 00000008 __RSH C:\Users\Karolina\ntuser.pol
2016-02-10 16:18 - 2016-02-10 16:18 - 00000000 ____D C:\Users\Karolina\AppData\LocalLow\CampoSanto
2016-02-09 18:53 - 2016-02-09 18:53 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\GameMill Entertainment
2016-02-09 18:16 - 2016-02-09 18:16 - 00000000 ____D C:\ProgramData\Big Fish
2016-02-09 18:14 - 2016-02-09 18:16 - 00000000 ____D C:\Users\Karolina\AppData\Local\Big Fish
2016-02-09 17:49 - 2016-02-09 17:49 - 00034304 _____ C:\Users\Karolina\Downloads\A78A.tmp
2016-02-09 10:05 - 2016-02-09 10:05 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-09 10:05 - 2016-02-09 10:05 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-05 14:41 - 2016-02-05 14:42 - 00000660 _____ C:\Users\Karolina\AppData\Roaming\Microsoft\Windows\Start Menu\WinRAR.lnk
2016-02-03 11:53 - 2016-02-03 11:53 - 00000000 ____D C:\4b07b6a08b1f5c3eab3c975b
2016-02-03 11:52 - 2016-02-03 11:52 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-03 11:52 - 2016-02-03 11:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-03 11:52 - 2016-02-03 11:52 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-03 11:52 - 2016-02-03 11:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-03 11:52 - 2016-02-03 11:52 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-02-03 11:50 - 2016-02-03 11:50 - 00419928 _____ C:\Windows\system32\locale.nls
2016-02-03 11:50 - 2016-02-03 11:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-02-03 11:50 - 2016-02-03 11:50 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-02-03 11:50 - 2016-02-03 11:50 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-02-03 11:50 - 2016-02-03 11:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-02-03 11:50 - 2016-02-03 11:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-02-03 11:47 - 2016-02-03 11:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-02-03 11:47 - 2016-02-03 11:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-02-03 11:42 - 2016-02-03 11:42 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-02-03 11:42 - 2016-02-03 11:42 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-02-03 11:42 - 2016-02-03 11:42 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-02-03 11:42 - 2016-02-03 11:42 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
- Přílohy
-
- Addition.rar
- (21.13 KiB) Staženo 73 x
Re: čínská aplikace nejde odinstalovat
2016-02-03 11:42 - 2016-02-03 11:42 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-02-03 11:41 - 2016-02-03 11:41 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-02-03 11:41 - 2016-02-03 11:41 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-02-03 11:39 - 2016-02-03 11:39 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-02-03 11:39 - 2016-02-03 11:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-02-03 11:39 - 2016-02-03 11:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-02-03 11:38 - 2016-02-03 11:38 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-02-03 11:38 - 2016-02-03 11:38 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-02-03 11:37 - 2016-02-03 11:37 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-02-03 11:37 - 2016-02-03 11:37 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-02-03 11:37 - 2016-02-03 11:37 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-02-03 11:37 - 2016-02-03 11:37 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-03 11:35 - 2016-02-03 11:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-03 11:35 - 2016-02-03 11:35 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-03 11:35 - 2016-02-03 11:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-03 11:35 - 2016-02-03 11:35 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-03 11:35 - 2016-02-03 11:35 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-03 11:35 - 2016-02-03 11:35 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-03 11:18 - 2016-02-03 11:18 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-02-03 11:18 - 2016-02-03 11:18 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-02-03 11:16 - 2016-02-03 11:16 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-02-03 11:11 - 2016-02-03 11:11 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-03 11:11 - 2016-02-03 11:11 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-03 11:08 - 2016-02-03 11:08 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-03 11:08 - 2016-02-03 11:08 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-02-03 11:08 - 2016-02-03 11:08 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-02-03 11:06 - 2016-02-03 11:06 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-02-03 11:06 - 2016-02-03 11:06 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-02-03 11:02 - 2016-02-03 11:02 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-02-03 10:56 - 2016-02-03 10:56 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-03 10:56 - 2016-02-03 10:56 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-03 10:56 - 2016-02-03 10:56 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-03 10:56 - 2016-02-03 10:56 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-03 10:53 - 2016-02-03 10:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-02-03 10:53 - 2016-02-03 10:53 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-02-03 10:47 - 2016-02-03 10:47 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-02-03 10:47 - 2016-02-03 10:47 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-02-03 10:47 - 2016-02-03 10:47 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-02-03 10:47 - 2016-02-03 10:47 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-02-03 10:45 - 2016-02-03 10:45 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-02-03 10:45 - 2016-02-03 10:45 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-02-03 10:45 - 2016-02-03 10:45 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-02-03 10:45 - 2016-02-03 10:45 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-02-03 10:44 - 2016-02-03 10:44 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-03 10:44 - 2016-02-03 10:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-03 10:44 - 2016-02-03 10:44 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-02-03 10:44 - 2016-02-03 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-02-03 10:38 - 2016-02-03 10:38 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-02-03 10:38 - 2016-02-03 10:38 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-02-03 10:37 - 2016-02-03 10:37 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-02-03 10:37 - 2016-02-03 10:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-02-03 10:37 - 2016-02-03 10:37 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-02-03 10:37 - 2016-02-03 10:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-02-03 10:34 - 2016-02-03 10:34 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-02-03 10:34 - 2016-02-03 10:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-02-03 10:34 - 2016-02-03 10:34 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-02-03 10:27 - 2016-02-03 10:27 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-02-03 10:23 - 2016-02-03 10:23 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-02-03 10:23 - 2016-02-03 10:23 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-02-03 10:23 - 2016-02-03 10:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-02-03 10:19 - 2016-02-03 10:19 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-02-03 10:19 - 2016-02-03 10:19 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-02-02 13:07 - 2016-02-02 13:07 - 00001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Annotator.lnk
2016-02-02 13:07 - 2016-02-02 13:07 - 00001090 _____ C:\Users\Public\Desktop\PDF Annotator.lnk
2016-02-02 13:07 - 2016-02-02 13:07 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\Softland
2016-02-02 13:07 - 2016-02-02 13:07 - 00000000 ____D C:\Users\Karolina\AppData\Local\PDF Annotator
2016-02-02 13:07 - 2016-02-02 13:07 - 00000000 ____D C:\Program Files (x86)\PDF Annotator
2016-02-02 13:07 - 2014-06-16 10:13 - 00033056 _____ (Softland) C:\Windows\system32\novamnv7.dll
2016-02-02 13:07 - 2014-06-16 10:13 - 00022304 _____ (Softland) C:\Windows\system32\novamiv7.dll
2016-02-02 13:07 - 2014-01-10 16:43 - 00007549 _____ C:\Windows\system32\novav7.ctm
2016-02-02 13:07 - 2014-01-10 16:42 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-02-01 21:40 - 2016-01-31 19:12 - 00014731 _____ C:\Users\Karolina\Documents\mamka kontakty.vcf
2016-01-31 20:00 - 2016-01-31 20:00 - 00003430 _____ C:\Users\Karolina\Documents\mamka kontakty.csv
2016-01-31 19:49 - 2016-02-05 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProcessText Group
2016-01-26 20:04 - 2016-01-26 20:04 - 00001245 _____ C:\Users\Karolina\Desktop\The Treasures of Montezuma 4.lnk
2016-01-22 08:49 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-01-20 21:43 - 2016-01-20 21:43 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\AlawarEntertainment
2016-01-20 21:42 - 2016-01-20 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Treasures of Montezuma 4
2016-01-20 21:41 - 2016-01-20 21:42 - 00000000 ____D C:\Program Files (x86)\The Treasures of Montezuma 4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-14 11:34 - 2009-07-14 05:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-14 11:34 - 2009-07-14 05:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-14 11:33 - 2009-11-28 05:41 - 00670924 _____ C:\Windows\system32\perfh005.dat
2016-02-14 11:33 - 2009-11-28 05:41 - 00142504 _____ C:\Windows\system32\perfc005.dat
2016-02-14 11:33 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-14 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-14 11:27 - 2015-03-17 20:22 - 00000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-02-14 11:24 - 2013-07-24 10:01 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-14 11:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-13 18:28 - 2010-05-23 14:17 - 00000000 ____D C:\Users\Karolina\Documents\stáhnuté
2016-02-13 18:25 - 2012-02-26 19:17 - 00000000 ____D C:\Users\Karolina\Documents\My Games
2016-02-13 18:24 - 2010-09-09 21:10 - 00000000 ____D C:\Users\Karolina\Documents\Škola
2016-02-13 16:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-13 15:16 - 2010-05-12 17:22 - 00000000 ___RD C:\Users\Karolina\Documents\Kajak,Caroline,Kaja,Karolina
2016-02-13 15:16 - 2010-05-12 13:21 - 00000000 ____D C:\Users\Karolina\AppData\Local\Deployment
2016-02-13 15:16 - 2010-05-12 13:21 - 00000000 ____D C:\Users\Karolina\AppData\Local\Apps\2.0
2016-02-13 14:58 - 2010-06-22 19:02 - 00000000 ____D C:\Users\Bara
2016-02-13 14:50 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-02-13 14:21 - 2015-02-14 19:52 - 00002916 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Karolina
2016-02-13 14:20 - 2012-07-04 10:04 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-12 17:57 - 2014-03-05 14:53 - 00000000 ____D C:\AdwCleaner
2016-02-12 17:47 - 2013-07-24 10:01 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-12 17:45 - 2013-07-24 10:01 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-12 17:45 - 2013-07-24 10:01 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-11 11:57 - 2015-12-03 20:46 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-11 11:57 - 2015-02-14 19:53 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\ProductData
2016-02-11 11:57 - 2015-02-14 19:51 - 00000000 ____D C:\ProgramData\ProductData
2016-02-11 11:57 - 2015-01-31 16:18 - 00000000 ____D C:\Users\Karolina\AppData\LocalLow\IObit
2016-02-11 11:57 - 2014-07-11 18:04 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\uTorrent
2016-02-11 11:57 - 2011-07-21 20:37 - 00000000 ____D C:\ProgramData\IObit
2016-02-11 11:57 - 2011-07-21 20:32 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\IObit
2016-02-11 11:57 - 2010-05-10 17:24 - 00000000 ____D C:\Users\Karolina
2016-02-11 11:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-02-10 23:36 - 2012-09-04 13:55 - 00000000 ____D C:\found.000
2016-02-10 23:36 - 2009-09-07 01:40 - 00000000 ____D C:\SwSetup
2016-02-10 22:53 - 2009-07-14 01:22 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-02-10 22:47 - 2010-12-08 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2016-02-10 22:47 - 2010-05-13 18:39 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\DAEMON Tools Lite
2016-02-10 22:35 - 2010-05-10 17:27 - 00121592 _____ C:\Users\Karolina\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-10 22:22 - 2010-06-05 14:22 - 00000000 ____D C:\Users\Karolina\AppData\Local\CrashDumps
2016-02-10 22:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-02-10 22:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-02-10 22:06 - 2013-03-01 14:47 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-10 21:17 - 2010-05-16 15:29 - 00000000 ____D C:\Users\Karolina\Desktop\Hry-zástupci
2016-02-10 21:15 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-10 20:36 - 2011-10-11 16:05 - 00000000 ____D C:\Users\Karolina\Documents\Lexicon
2016-02-10 15:57 - 2014-09-23 19:30 - 00000000 ____D C:\Users\Karolina\Desktop\VŠ-materiály, učebnice
2016-02-10 14:00 - 2014-07-26 11:55 - 00000000 ____D C:\ProgramData\Origin
2016-02-10 13:47 - 2014-12-14 22:43 - 00000000 ____D C:\Users\Karolina\AppData\Local\Spotify
2016-02-10 10:52 - 2014-12-14 22:43 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\Spotify
2016-02-09 21:45 - 2014-03-06 15:00 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-09 21:45 - 2014-03-06 15:00 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-09 19:00 - 2009-11-27 21:32 - 00000000 ____D C:\ProgramData\Temp
2016-02-09 10:05 - 2014-04-18 15:08 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-09 10:05 - 2013-12-18 17:31 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-09 10:05 - 2013-03-01 14:47 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-09 10:05 - 2012-02-24 14:42 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-09 10:05 - 2010-05-11 16:30 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-02-09 10:05 - 2010-05-11 16:30 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-09 10:04 - 2011-03-26 22:32 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-05 14:17 - 2010-10-31 11:59 - 00000000 ____D C:\Users\Karolina\Desktop\blbosti,filmy.hry
2016-02-05 13:04 - 2016-01-04 10:47 - 00002256 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-02-04 20:38 - 2014-07-26 11:55 - 00000000 ____D C:\Program Files (x86)\Origin
2016-02-04 18:13 - 2014-05-15 06:15 - 00000000 ___RD C:\Users\Karolina\Virtual Machines
2016-02-04 18:06 - 2016-01-13 09:48 - 131317760 _____ C:\Windows\system32\config\software.iodefrag.bak
2016-02-04 18:06 - 2016-01-13 09:48 - 131317760 _____ C:\Windows\system32\config\software.iodefrag
2016-02-04 18:06 - 2016-01-13 09:48 - 00397312 _____ C:\Windows\system32\config\default.iodefrag.bak
2016-02-04 18:06 - 2016-01-13 09:48 - 00397312 _____ C:\Windows\system32\config\default.iodefrag
2016-02-04 18:06 - 2016-01-13 09:48 - 00061440 _____ C:\Windows\system32\config\sam.iodefrag.bak
2016-02-04 18:06 - 2016-01-13 09:48 - 00061440 _____ C:\Windows\system32\config\sam.iodefrag
2016-02-04 18:06 - 2016-01-13 09:48 - 00028672 _____ C:\Windows\system32\config\security.iodefrag.bak
2016-02-04 18:06 - 2016-01-13 09:48 - 00028672 _____ C:\Windows\system32\config\security.iodefrag
2016-02-03 22:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-03 14:21 - 2015-05-23 20:18 - 00003852 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1432408718
2016-02-03 14:21 - 2015-05-23 20:18 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-03 11:27 - 2013-07-28 21:15 - 01564008 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-02-03 10:16 - 2014-12-22 13:29 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\MPC-HC
2016-02-03 10:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2016-01-31 19:25 - 2010-05-29 14:00 - 00196608 _____ C:\Windows\system32\Ikeext.etl
2016-01-31 17:17 - 2016-01-07 18:12 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-31 17:14 - 2014-05-14 21:57 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-31 17:14 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-01-31 17:12 - 2011-05-14 13:52 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-22 13:11 - 2015-11-24 18:58 - 00000000 ____D C:\Users\Karolina\AppData\Local\Microsoft_Corporation
2016-01-21 19:49 - 2015-09-24 19:54 - 00000000 ____D C:\Users\Karolina\AppData\Local\Battle.net
2016-01-21 19:40 - 2015-09-24 19:53 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-01-20 13:23 - 2015-09-09 17:21 - 00000000 ____D C:\Program Files (x86)\Steam
==================== Files in the root of some directories =======
2011-01-10 18:56 - 2011-07-11 17:00 - 0001854 _____ () C:\Users\Karolina\AppData\Roaming\GhostObjGAFix.xml
2016-02-10 22:27 - 2016-02-10 22:27 - 0005120 _____ () C:\Users\Karolina\AppData\Roaming\GiftBag.db
2002-08-29 16:33 - 2002-08-29 16:33 - 0319488 ____R () C:\Users\Karolina\AppData\Roaming\MafiaSetup.exe
2011-07-20 22:29 - 2013-11-09 22:52 - 0045270 _____ () C:\Users\Karolina\AppData\Roaming\room_v3.dat
2010-05-10 17:36 - 2010-05-10 17:36 - 0000000 _____ () C:\Users\Karolina\AppData\Local\AtStart.txt
2015-12-30 16:05 - 2015-12-30 16:05 - 0000000 ____H () C:\Users\Karolina\AppData\Local\BITF621.tmp
2015-03-17 17:55 - 2015-03-17 17:55 - 0004608 _____ () C:\Users\Karolina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-05-10 17:36 - 2010-05-10 17:36 - 0000000 _____ () C:\Users\Karolina\AppData\Local\DSwitch.txt
2010-05-10 17:36 - 2010-05-10 17:36 - 0000000 _____ () C:\Users\Karolina\AppData\Local\QSwitch.txt
2014-02-12 16:07 - 2014-02-12 16:07 - 0004821 _____ () C:\Users\Karolina\AppData\Local\recently-used.xbel
2011-07-07 18:12 - 2015-04-05 17:00 - 0001232 _____ () C:\Users\Karolina\AppData\Local\SRDownloader (1).nast
2011-05-14 21:50 - 2011-12-23 23:16 - 0001032 _____ () C:\Users\Karolina\AppData\Local\SRDownloader.nast
2010-05-30 17:15 - 2010-05-30 17:15 - 0055960 _____ () C:\Users\Karolina\AppData\Local\tmpSLUNECNI-SKVRNA.0
2010-05-30 17:15 - 2010-05-30 17:15 - 0041789 _____ () C:\Users\Karolina\AppData\Local\tmpSLUNECNI-SKVRNA.1
2010-05-30 17:15 - 2010-05-30 17:15 - 0042521 _____ () C:\Users\Karolina\AppData\Local\tmpSLUNECNI-SKVRNA.2
2010-05-30 17:15 - 2010-05-30 17:15 - 0043051 _____ () C:\Users\Karolina\AppData\Local\tmpSLUNECNI-SKVRNA.JPG
2015-12-30 15:58 - 2015-12-30 16:04 - 0000000 _____ () C:\Users\Karolina\AppData\Local\{16A196FC-73D3-4BC0-B254-57EB2410A2C9}
2012-09-02 10:39 - 2015-01-31 18:19 - 0003304 _____ () C:\ProgramData\HPWALog.txt
Files to move or delete:
====================
C:\Users\Karolina\ABC_cheater.exe
C:\Users\Karolina\asc-setup-pro.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Karolina\Desktop" je 52347 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
C:\Windows\AutoKMS.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS
"C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
cmd /c(@attrib -h -r -s c:\windows\system32\grouppolicy\machine\registry.pol >nul)&(@copy/b/y c:\windows\system32\grouppolicy\machine\r c:\windows\system32\grouppolicy\machine\registry.pol >nul)&(@attrib +r c:\windows\system32\grouppolicy\machine\registry.pol >nul)&(@start/b gpupdate.exe /force >l) [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR
C:\Genius\ioCentre\gTaskBar.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
Re§im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Karolina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
2016-02-03 11:41 - 2016-02-03 11:41 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2016-02-03 11:41 - 2016-02-03 11:41 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2016-02-03 11:39 - 2016-02-03 11:39 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2016-02-03 11:39 - 2016-02-03 11:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2016-02-03 11:39 - 2016-02-03 11:39 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2016-02-03 11:38 - 2016-02-03 11:38 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-02-03 11:38 - 2016-02-03 11:38 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-02-03 11:37 - 2016-02-03 11:37 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2016-02-03 11:37 - 2016-02-03 11:37 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2016-02-03 11:37 - 2016-02-03 11:37 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2016-02-03 11:37 - 2016-02-03 11:37 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-03 11:35 - 2016-02-03 11:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-03 11:35 - 2016-02-03 11:35 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-03 11:35 - 2016-02-03 11:35 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-03 11:35 - 2016-02-03 11:35 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-03 11:35 - 2016-02-03 11:35 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-03 11:35 - 2016-02-03 11:35 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-03 11:35 - 2016-02-03 11:35 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-03 11:35 - 2016-02-03 11:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-03 11:18 - 2016-02-03 11:18 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2016-02-03 11:18 - 2016-02-03 11:18 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2016-02-03 11:16 - 2016-02-03 11:16 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2016-02-03 11:11 - 2016-02-03 11:11 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-03 11:11 - 2016-02-03 11:11 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-03 11:08 - 2016-02-03 11:08 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-03 11:08 - 2016-02-03 11:08 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-02-03 11:08 - 2016-02-03 11:08 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-02-03 11:06 - 2016-02-03 11:06 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-02-03 11:06 - 2016-02-03 11:06 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-02-03 11:06 - 2016-02-03 11:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-02-03 11:02 - 2016-02-03 11:02 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-02-03 10:56 - 2016-02-03 10:56 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-03 10:56 - 2016-02-03 10:56 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-03 10:56 - 2016-02-03 10:56 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-02-03 10:56 - 2016-02-03 10:56 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-02-03 10:53 - 2016-02-03 10:53 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-02-03 10:53 - 2016-02-03 10:53 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-02-03 10:51 - 2016-02-03 10:51 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-02-03 10:47 - 2016-02-03 10:47 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-02-03 10:47 - 2016-02-03 10:47 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-02-03 10:47 - 2016-02-03 10:47 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-02-03 10:47 - 2016-02-03 10:47 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-02-03 10:45 - 2016-02-03 10:45 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-02-03 10:45 - 2016-02-03 10:45 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-02-03 10:45 - 2016-02-03 10:45 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-02-03 10:45 - 2016-02-03 10:45 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-02-03 10:44 - 2016-02-03 10:44 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-03 10:44 - 2016-02-03 10:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-03 10:44 - 2016-02-03 10:44 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-02-03 10:44 - 2016-02-03 10:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-02-03 10:39 - 2016-02-03 10:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-02-03 10:38 - 2016-02-03 10:38 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-02-03 10:38 - 2016-02-03 10:38 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-02-03 10:37 - 2016-02-03 10:37 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-02-03 10:37 - 2016-02-03 10:37 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-02-03 10:37 - 2016-02-03 10:37 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-02-03 10:37 - 2016-02-03 10:37 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-02-03 10:34 - 2016-02-03 10:34 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2016-02-03 10:34 - 2016-02-03 10:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-02-03 10:34 - 2016-02-03 10:34 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-02-03 10:27 - 2016-02-03 10:27 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-02-03 10:23 - 2016-02-03 10:23 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2016-02-03 10:23 - 2016-02-03 10:23 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2016-02-03 10:23 - 2016-02-03 10:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2016-02-03 10:19 - 2016-02-03 10:19 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2016-02-03 10:19 - 2016-02-03 10:19 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2016-02-03 10:19 - 2016-02-03 10:19 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2016-02-02 13:07 - 2016-02-02 13:07 - 00001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Annotator.lnk
2016-02-02 13:07 - 2016-02-02 13:07 - 00001090 _____ C:\Users\Public\Desktop\PDF Annotator.lnk
2016-02-02 13:07 - 2016-02-02 13:07 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\Softland
2016-02-02 13:07 - 2016-02-02 13:07 - 00000000 ____D C:\Users\Karolina\AppData\Local\PDF Annotator
2016-02-02 13:07 - 2016-02-02 13:07 - 00000000 ____D C:\Program Files (x86)\PDF Annotator
2016-02-02 13:07 - 2014-06-16 10:13 - 00033056 _____ (Softland) C:\Windows\system32\novamnv7.dll
2016-02-02 13:07 - 2014-06-16 10:13 - 00022304 _____ (Softland) C:\Windows\system32\novamiv7.dll
2016-02-02 13:07 - 2014-01-10 16:43 - 00007549 _____ C:\Windows\system32\novav7.ctm
2016-02-02 13:07 - 2014-01-10 16:42 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-02-01 21:40 - 2016-01-31 19:12 - 00014731 _____ C:\Users\Karolina\Documents\mamka kontakty.vcf
2016-01-31 20:00 - 2016-01-31 20:00 - 00003430 _____ C:\Users\Karolina\Documents\mamka kontakty.csv
2016-01-31 19:49 - 2016-02-05 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProcessText Group
2016-01-26 20:04 - 2016-01-26 20:04 - 00001245 _____ C:\Users\Karolina\Desktop\The Treasures of Montezuma 4.lnk
2016-01-22 08:49 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-01-22 08:49 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-01-20 21:43 - 2016-01-20 21:43 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\AlawarEntertainment
2016-01-20 21:42 - 2016-01-20 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Treasures of Montezuma 4
2016-01-20 21:41 - 2016-01-20 21:42 - 00000000 ____D C:\Program Files (x86)\The Treasures of Montezuma 4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-02-14 11:34 - 2009-07-14 05:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-14 11:34 - 2009-07-14 05:45 - 00026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-14 11:33 - 2009-11-28 05:41 - 00670924 _____ C:\Windows\system32\perfh005.dat
2016-02-14 11:33 - 2009-11-28 05:41 - 00142504 _____ C:\Windows\system32\perfc005.dat
2016-02-14 11:33 - 2009-07-14 06:13 - 01584626 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-14 11:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-14 11:27 - 2015-03-17 20:22 - 00000439 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2016-02-14 11:24 - 2013-07-24 10:01 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-14 11:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-13 18:28 - 2010-05-23 14:17 - 00000000 ____D C:\Users\Karolina\Documents\stáhnuté
2016-02-13 18:25 - 2012-02-26 19:17 - 00000000 ____D C:\Users\Karolina\Documents\My Games
2016-02-13 18:24 - 2010-09-09 21:10 - 00000000 ____D C:\Users\Karolina\Documents\Škola
2016-02-13 16:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-13 15:16 - 2010-05-12 17:22 - 00000000 ___RD C:\Users\Karolina\Documents\Kajak,Caroline,Kaja,Karolina
2016-02-13 15:16 - 2010-05-12 13:21 - 00000000 ____D C:\Users\Karolina\AppData\Local\Deployment
2016-02-13 15:16 - 2010-05-12 13:21 - 00000000 ____D C:\Users\Karolina\AppData\Local\Apps\2.0
2016-02-13 14:58 - 2010-06-22 19:02 - 00000000 ____D C:\Users\Bara
2016-02-13 14:50 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-02-13 14:21 - 2015-02-14 19:52 - 00002916 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Karolina
2016-02-13 14:20 - 2012-07-04 10:04 - 00004184 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-12 17:57 - 2014-03-05 14:53 - 00000000 ____D C:\AdwCleaner
2016-02-12 17:47 - 2013-07-24 10:01 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-12 17:45 - 2013-07-24 10:01 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-12 17:45 - 2013-07-24 10:01 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-11 11:57 - 2015-12-03 20:46 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-11 11:57 - 2015-02-14 19:53 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\ProductData
2016-02-11 11:57 - 2015-02-14 19:51 - 00000000 ____D C:\ProgramData\ProductData
2016-02-11 11:57 - 2015-01-31 16:18 - 00000000 ____D C:\Users\Karolina\AppData\LocalLow\IObit
2016-02-11 11:57 - 2014-07-11 18:04 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\uTorrent
2016-02-11 11:57 - 2011-07-21 20:37 - 00000000 ____D C:\ProgramData\IObit
2016-02-11 11:57 - 2011-07-21 20:32 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\IObit
2016-02-11 11:57 - 2010-05-10 17:24 - 00000000 ____D C:\Users\Karolina
2016-02-11 11:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-02-10 23:36 - 2012-09-04 13:55 - 00000000 ____D C:\found.000
2016-02-10 23:36 - 2009-09-07 01:40 - 00000000 ____D C:\SwSetup
2016-02-10 22:53 - 2009-07-14 01:22 - 01393152 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-02-10 22:47 - 2010-12-08 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2016-02-10 22:47 - 2010-05-13 18:39 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\DAEMON Tools Lite
2016-02-10 22:35 - 2010-05-10 17:27 - 00121592 _____ C:\Users\Karolina\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-10 22:22 - 2010-06-05 14:22 - 00000000 ____D C:\Users\Karolina\AppData\Local\CrashDumps
2016-02-10 22:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-02-10 22:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-02-10 22:06 - 2013-03-01 14:47 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-10 21:17 - 2010-05-16 15:29 - 00000000 ____D C:\Users\Karolina\Desktop\Hry-zástupci
2016-02-10 21:15 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-10 20:36 - 2011-10-11 16:05 - 00000000 ____D C:\Users\Karolina\Documents\Lexicon
2016-02-10 15:57 - 2014-09-23 19:30 - 00000000 ____D C:\Users\Karolina\Desktop\VŠ-materiály, učebnice
2016-02-10 14:00 - 2014-07-26 11:55 - 00000000 ____D C:\ProgramData\Origin
2016-02-10 13:47 - 2014-12-14 22:43 - 00000000 ____D C:\Users\Karolina\AppData\Local\Spotify
2016-02-10 10:52 - 2014-12-14 22:43 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\Spotify
2016-02-09 21:45 - 2014-03-06 15:00 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-09 21:45 - 2014-03-06 15:00 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-09 19:00 - 2009-11-27 21:32 - 00000000 ____D C:\ProgramData\Temp
2016-02-09 10:05 - 2014-04-18 15:08 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-09 10:05 - 2013-12-18 17:31 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-09 10:05 - 2013-03-01 14:47 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-09 10:05 - 2012-02-24 14:42 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-09 10:05 - 2010-05-11 16:30 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-02-09 10:05 - 2010-05-11 16:30 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-09 10:04 - 2011-03-26 22:32 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-05 14:17 - 2010-10-31 11:59 - 00000000 ____D C:\Users\Karolina\Desktop\blbosti,filmy.hry
2016-02-05 13:04 - 2016-01-04 10:47 - 00002256 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2016-02-04 20:38 - 2014-07-26 11:55 - 00000000 ____D C:\Program Files (x86)\Origin
2016-02-04 18:13 - 2014-05-15 06:15 - 00000000 ___RD C:\Users\Karolina\Virtual Machines
2016-02-04 18:06 - 2016-01-13 09:48 - 131317760 _____ C:\Windows\system32\config\software.iodefrag.bak
2016-02-04 18:06 - 2016-01-13 09:48 - 131317760 _____ C:\Windows\system32\config\software.iodefrag
2016-02-04 18:06 - 2016-01-13 09:48 - 00397312 _____ C:\Windows\system32\config\default.iodefrag.bak
2016-02-04 18:06 - 2016-01-13 09:48 - 00397312 _____ C:\Windows\system32\config\default.iodefrag
2016-02-04 18:06 - 2016-01-13 09:48 - 00061440 _____ C:\Windows\system32\config\sam.iodefrag.bak
2016-02-04 18:06 - 2016-01-13 09:48 - 00061440 _____ C:\Windows\system32\config\sam.iodefrag
2016-02-04 18:06 - 2016-01-13 09:48 - 00028672 _____ C:\Windows\system32\config\security.iodefrag.bak
2016-02-04 18:06 - 2016-01-13 09:48 - 00028672 _____ C:\Windows\system32\config\security.iodefrag
2016-02-03 22:44 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-02-03 14:21 - 2015-05-23 20:18 - 00003852 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1432408718
2016-02-03 14:21 - 2015-05-23 20:18 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-03 11:27 - 2013-07-28 21:15 - 01564008 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-02-03 10:16 - 2014-12-22 13:29 - 00000000 ____D C:\Users\Karolina\AppData\Roaming\MPC-HC
2016-02-03 10:16 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2016-01-31 19:25 - 2010-05-29 14:00 - 00196608 _____ C:\Windows\system32\Ikeext.etl
2016-01-31 17:17 - 2016-01-07 18:12 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-31 17:14 - 2014-05-14 21:57 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-31 17:14 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-01-31 17:12 - 2011-05-14 13:52 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-22 13:11 - 2015-11-24 18:58 - 00000000 ____D C:\Users\Karolina\AppData\Local\Microsoft_Corporation
2016-01-21 19:49 - 2015-09-24 19:54 - 00000000 ____D C:\Users\Karolina\AppData\Local\Battle.net
2016-01-21 19:40 - 2015-09-24 19:53 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-01-20 13:23 - 2015-09-09 17:21 - 00000000 ____D C:\Program Files (x86)\Steam
==================== Files in the root of some directories =======
2011-01-10 18:56 - 2011-07-11 17:00 - 0001854 _____ () C:\Users\Karolina\AppData\Roaming\GhostObjGAFix.xml
2016-02-10 22:27 - 2016-02-10 22:27 - 0005120 _____ () C:\Users\Karolina\AppData\Roaming\GiftBag.db
2002-08-29 16:33 - 2002-08-29 16:33 - 0319488 ____R () C:\Users\Karolina\AppData\Roaming\MafiaSetup.exe
2011-07-20 22:29 - 2013-11-09 22:52 - 0045270 _____ () C:\Users\Karolina\AppData\Roaming\room_v3.dat
2010-05-10 17:36 - 2010-05-10 17:36 - 0000000 _____ () C:\Users\Karolina\AppData\Local\AtStart.txt
2015-12-30 16:05 - 2015-12-30 16:05 - 0000000 ____H () C:\Users\Karolina\AppData\Local\BITF621.tmp
2015-03-17 17:55 - 2015-03-17 17:55 - 0004608 _____ () C:\Users\Karolina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-05-10 17:36 - 2010-05-10 17:36 - 0000000 _____ () C:\Users\Karolina\AppData\Local\DSwitch.txt
2010-05-10 17:36 - 2010-05-10 17:36 - 0000000 _____ () C:\Users\Karolina\AppData\Local\QSwitch.txt
2014-02-12 16:07 - 2014-02-12 16:07 - 0004821 _____ () C:\Users\Karolina\AppData\Local\recently-used.xbel
2011-07-07 18:12 - 2015-04-05 17:00 - 0001232 _____ () C:\Users\Karolina\AppData\Local\SRDownloader (1).nast
2011-05-14 21:50 - 2011-12-23 23:16 - 0001032 _____ () C:\Users\Karolina\AppData\Local\SRDownloader.nast
2010-05-30 17:15 - 2010-05-30 17:15 - 0055960 _____ () C:\Users\Karolina\AppData\Local\tmpSLUNECNI-SKVRNA.0
2010-05-30 17:15 - 2010-05-30 17:15 - 0041789 _____ () C:\Users\Karolina\AppData\Local\tmpSLUNECNI-SKVRNA.1
2010-05-30 17:15 - 2010-05-30 17:15 - 0042521 _____ () C:\Users\Karolina\AppData\Local\tmpSLUNECNI-SKVRNA.2
2010-05-30 17:15 - 2010-05-30 17:15 - 0043051 _____ () C:\Users\Karolina\AppData\Local\tmpSLUNECNI-SKVRNA.JPG
2015-12-30 15:58 - 2015-12-30 16:04 - 0000000 _____ () C:\Users\Karolina\AppData\Local\{16A196FC-73D3-4BC0-B254-57EB2410A2C9}
2012-09-02 10:39 - 2015-01-31 18:19 - 0003304 _____ () C:\ProgramData\HPWALog.txt
Files to move or delete:
====================
C:\Users\Karolina\ABC_cheater.exe
C:\Users\Karolina\asc-setup-pro.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Karolina\Desktop" je 52347 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 5
"C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount
C:\Windows\AutoKMS.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AutoKMS
"C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
cmd /c(@attrib -h -r -s c:\windows\system32\grouppolicy\machine\registry.pol >nul)&(@copy/b/y c:\windows\system32\grouppolicy\machine\r c:\windows\system32\grouppolicy\machine\registry.pol >nul)&(@attrib +r c:\windows\system32\grouppolicy\machine\registry.pol >nul)&(@start/b gpupdate.exe /force >l) [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate
C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DpAgent
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR
C:\Genius\ioCentre\gTaskBar.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ioCentre
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WirelessAssistant
Re§im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Karolina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Lingea Update Center.lnk
C:\PROGRA~2\COMMON~1\LINGEA~1\luc.exe
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001
==================== End Of Log ==============================
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: čínská aplikace nejde odinstalovat
Otevřte poznámkový blok a zkopírujte do něj:
Z logu:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Karolina\AppData\Local\BITF621.tmp
C:\Users\Karolina\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\Karolina\ABC_cheater.exe
C:\Users\Karolina\asc-setup-pro.exe
ShellExecuteHooks-x32: - UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No File [ ]
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy-x32: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-417890151-1962072562-667573049-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM -> {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> DefaultScope {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> search13 URL = hxxp://search13.net/search.php?q={searchTerms}
SearchScopes: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> {CCDE0922-CEA4-46A7-A315-9DEF7285248A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\.DEFAULT -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
Toolbar: HKU\S-1-5-21-417890151-1962072562-667573049-1000 -> No Name - {95080B13-AA71-4EE8-B951-7E98221E1ED5} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR Extension: (电脑管家上网防护) - C:\Users\Karolina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-02-12]
S3 GGSAFERDriver; no ImagePath
U3 a8b0q2v5; C:\Windows\System32\Drivers\a8b0q2v5.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
U3 aghqxgvw; C:\Windows\System32\Drivers\aghqxgvw.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
C:\Windows\system32\Drivers\TFsFltX64.sys
C:\Users\Karolina\Downloads\A78A.tmp
End
Z logu:
To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Karolina novou složku, přesuňte do ní všechna data z plochy (kromě zástupců) a na plochu si dejte zástupce té složky pro snazší přístup.Velikost slozky "C:\Users\Karolina\Desktop" je 52347 MB.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: čínská aplikace nejde odinstalovat
Problém vyřešen. Děkuji mockrát 
-
Rudy
- Site Admin
- Příspěvky: 119673
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: čínská aplikace nejde odinstalovat
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?