Trojan.Agent-Gen-Kazy, Dropper

Zpráva

jask · #1 Příspěvek od **jask** » 03 bře 2016 12:11

Dobrý den prosím o kontrolu logu zFRST a AdwCl. , pořád vyskakují v prohlížeči nová okna a nedají se odstranit. SuperAntiSp. našel Gen.Kazy a Gen-Dropper ale po odstranění je to pořád stejné

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-03-2016
Ran by Jana (administrator) on JANA-TOSH (03-03-2016 01:20:12)
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
() C:\Program Files (x86)\Search Extensions\Client.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
() C:\Program Files (x86)\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0\updater.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_20_0_0_306_ActiveX.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-05-03] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-20] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [Windows] => C:\Users\Public\Windows\run.vbs [76 2014-04-19] ()
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-03-02] (SUPERAntiSpyware)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [BrowserChoice] => C:\Windows\System32\browserchoice.exe [294912 2010-02-23] (Microsoft Corporation)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-20] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2014-05-24]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2011-05-03]
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2016-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-169495403-3244652656-2952094556-1000] => Proxy is enabled.
ProxyServer: [S-1-5-21-169495403-3244652656-2952094556-1000] => http=127.0.0.1:52395;https=127.0.0.1:52395
Tcpip\Parameters: [DhcpNameServer] 10.0.0.22 77.48.100.254
Tcpip\..\Interfaces\{B8041227-3E8A-4206-9B19-CF226DF7174A}: [DhcpNameServer] 10.0.0.22 77.48.100.254
Tcpip\..\Interfaces\{E2D80CFB-D6CA-43D1-83EB-F8D159B1C896}: [DhcpNameServer] 46.252.224.18 8.8.8.8
ManualProxies: 1http=127.0.0.1:49168;https=127.0.0.1:49168

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbcwgIVwgQRxhAeFwNTA1CEwIOeQgBUxRGFwwUcVoBVAFDFQUFIk0FA1ADB0VXfVBdFElXTwhgIU1dE1wVVVp6L0w=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
URLSearchHook: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {243329F3-99E6-4845-B0B5-A670043D2F54} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQELUAlHEFRFbVoABAxcFQYRdxQBUABDDAIVeQ4JAgBEGQcXcB9aFQQTSEcFME0FCFwEURNNfXpZFVwDRFFXL2BXFA==&q={searchTerms}
SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQELUAlHEFRFbVoABAxcFQYRdxQBUABDDAIVeQ4JAgBEGQcXcB9aFQQTSEcFME0FCFwEURNNfXpZFVwDRFFXL2BXFA==&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQELUAlHEFRFbVoABAxcFQYRdxQBUABDDAIVeQ4JAgBEGQcXcB9aFQQTSEcFME0FCFwEURNNfXpZFVwDRFFXL2BXFA==&q={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> OldSearch URL = hxxp://search.eshield.com/serp?guid={DE12B183-DBEA-40D8-BC4C-E4BF259D4C44}&action=default_search&k={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {0694D8A4-5CDC-4992-9D13-815C11178B53} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {0C5F344C-7BB4-49B0-AA36-469B7ABF8E97} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {181D6206-208E-4259-A70F-65EC6874E45D} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {1D80E9EA-F3DA-4B8C-A8CB-3DDFB08C02C3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL =
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {32393742-6038-475F-A244-C1EE5C647CC6} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {3BDA6B89-CEEB-4AE6-B2E4-44B9F9BB7F7C} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=A ... psv=&pt=tb
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {3CD1AEDF-434C-4FAD-85EB-15DA2C96B566} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {4BB7C6C0-C5F0-44E7-8F38-2D241D662F17} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {54C6FA14-A19B-47B5-82A2-CF571BF63EB0} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {5C10703D-C2F2-48A5-A914-1359EE18BA0B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {737AED41-FC1A-475C-8F4F-ABEC20C33644} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {914EB8B9-5590-4E3C-BE4D-E9CAFA078450} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {CB3DE0FE-CF2F-46DD-BA85-CAF617E00CCC} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQELUAlHEFRFbVoABAxcFQYRdxQBUABDDAIVeQ4JAgBEGQcXcB9aFQQTSEcFME0FCFwEURNNfXpZFVwDRFFXL2BXFA==&q={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {E72F9919-8D5F-44F3-A652-1C2DD0561478} URL = hxxp://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQELUAlHEFRFbVoABAxcFQYRdxQBUABDDAIVeQ4JAgBEGQcXcB9aFQQTSEcFME0FCFwEURNNfXpZFVwDRFFXL2BXFA==&q={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {F0CEABAF-0336-42C8-94CA-7AD98FA8E2C4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
Toolbar: HKLM - No Name - {C457D7A4-8720-42C1-9536-F74F4616FDAC} - No File
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/update ... .203.0.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-11] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @eximion.com/KalydoPlayer -> C:\Users\Jana\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll [2013-03-05] (Eximion B.V.)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @nsroblox.roblox.com/launcher -> C:\Users\Jana\AppData\Local\Roblox\Versions\version-3c333d16b2ee4af9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Jana\AppData\Local\Roblox\Versions\version-3c333d16b2ee4af9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @tnt2npapi.com/Plugin -> C:\Users\Jana\AppData\Local\TNT2\2.0.0.2010\npTNT2.dll [2015-10-09] (Eshield)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jana\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-20]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbcwgIVwgQRxhAeFwNTA1CEwIOeQgBUxRGFwwUcVoBVAFDFQUFIk0FA1oDB0VXfV5bFElXTwhgIU1dE1wVVVp6L0w="
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQELUAlHEFRFbVoABAxcFQYRdxQBUABDDAIVeQ4JAgBEGQcXcB9aFQQTQkcFME0FBloEURNNfXpZFVwDRFFXL2BXFA==&q={searchTerms}
CHR DefaultSearchKeyword: Default -> searchinterneat-a.akamaihd.net
CHR DefaultNewTabURL: Default -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHA0QcQkOUFgXDFYbJQwVVQpDFhgacQAKTA5HGAISIwANWQtFERNBNARaAktXUUEeJ1pNER8fHHZCNFxKBF0FTmxMNQ==
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Avast Online Security) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-02]
CHR Extension: (Skype) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-10]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-20]
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-02-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

Opera:
=======
OPR Extension: (Catered to You) - C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Extensions\pkmakaanhncmdgejahimnaijogbljgif [2016-03-03]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-20] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-02-11] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3472368 2014-12-01] (INCA Internet Co., Ltd.)
S2 psrem02; C:\Windows\system32\psrem02.exe [606328 2006-05-11] (Protection Technology)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 Update Mgr CateredtoYou; C:\Program Files (x86)\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0\updater.exe [1271528 2016-03-03] () <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-20] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 psdrv02; C:\Windows\System32\drivers\psdrv02.sys [74616 2006-09-11] (Protection Technology)
R0 pssync05; C:\Windows\System32\drivers\pssync05.sys [80768 2006-11-03] (Protection Technology)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 cpuz134; \??\C:\Users\Jana\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 01:20 - 2016-03-03 01:20 - 00030959 _____ C:\Users\Jana\Desktop\FRST.txt
2016-03-03 01:19 - 2016-03-03 01:19 - 00069005 _____ C:\Users\Jana\Desktop\FRST3.txt
2016-03-03 01:18 - 2016-03-03 01:19 - 00033545 _____ C:\Users\Jana\Desktop\Addition.txt
2016-03-03 01:17 - 2016-03-03 01:20 - 00000000 ____D C:\FRST
2016-03-03 01:15 - 2016-03-03 01:15 - 02371584 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2016-03-03 01:12 - 2016-03-03 01:12 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
2016-03-03 00:33 - 2016-03-03 00:33 - 00007404 _____ C:\Users\Jana\Documents\cc_20160303_003348.reg
2016-03-03 00:20 - 2016-03-03 00:20 - 00002026 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2016-03-03 00:10 - 2016-03-03 00:10 - 00007434 _____ C:\Users\Jana\Documents\startup.txt
2016-03-02 23:50 - 2016-03-02 23:50 - 00013670 _____ C:\Users\Jana\Documents\cc_20160302_235027.reg
2016-02-21 15:16 - 2016-02-21 15:17 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\TOSHIBA Bulletin Board
2016-02-21 15:03 - 2016-02-21 15:03 - 00001895 _____ C:\Users\Public\Desktop\Battery Check Utility.lnk
2016-02-21 14:57 - 2016-02-21 14:57 - 00000000 ____D C:\Users\Jana\AppData\Roaming\WinBatch
2016-02-21 14:33 - 2016-02-21 14:33 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Sun
2016-02-21 14:33 - 2016-02-21 14:33 - 00000000 ____D C:\Users\Jana\.oracle_jre_usage
2016-02-21 14:31 - 2016-02-21 14:31 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Oracle
2016-02-20 23:20 - 2016-02-20 23:20 - 00004570 _____ C:\Users\Jana\Documents\cc_20160220_232046.reg
2016-02-20 22:02 - 2016-02-20 22:02 - 00003234 _____ C:\Users\Jana\Documents\cc_20160220_220243.reg
2016-02-20 16:21 - 2016-02-20 16:13 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-20 16:18 - 2016-02-20 16:18 - 05206896 _____ (AVAST Software) C:\Users\Jana\Downloads\avast_free_antivirus_setup_online.exe
2016-02-20 16:14 - 2016-03-02 22:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-20 16:14 - 2016-02-23 17:05 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-20 16:14 - 2016-02-20 16:22 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-20 16:14 - 2016-02-20 16:22 - 00001929 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-20 16:14 - 2016-02-20 16:13 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-20 16:13 - 2016-02-20 16:13 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-20 16:12 - 2016-02-20 16:12 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-20 16:12 - 2016-02-20 16:12 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-20 15:31 - 2016-02-20 15:31 - 00011990 _____ C:\Users\Jana\Documents\cc_20160220_153131.reg
2016-02-14 18:31 - 2016-02-14 18:31 - 00003432 _____ C:\Windows\System32\Tasks\Reimage Reminder
2016-02-14 18:30 - 2016-02-14 18:31 - 00000000 ____D C:\ProgramData\Reimage Protector
2016-02-14 18:30 - 2016-02-14 18:30 - 00004274 _____ C:\Windows\System32\Tasks\ReimageUpdater
2016-02-14 18:29 - 2016-02-14 18:31 - 00000150 _____ C:\Windows\Reimage.ini
2016-02-13 14:40 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-13 14:40 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-13 14:18 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-13 14:18 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-13 14:18 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-13 14:18 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-13 14:18 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-13 14:18 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-13 14:18 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-13 14:18 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-13 14:18 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-13 14:18 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-13 14:18 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-13 14:18 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-13 14:18 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-13 14:18 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-13 14:17 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-13 14:17 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-13 14:17 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-13 14:17 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-13 14:17 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-13 14:17 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-13 14:17 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-13 14:17 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-13 14:17 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-13 14:17 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-13 14:17 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-13 14:17 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-13 14:17 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-13 14:17 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-13 14:17 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-13 14:17 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-13 14:17 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-13 14:17 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-13 14:17 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-13 14:17 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-13 14:17 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-13 14:17 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-13 14:17 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-13 14:17 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-13 14:17 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-13 14:17 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-13 14:17 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-13 14:17 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-13 14:17 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-13 14:17 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-13 14:17 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-13 14:17 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-13 14:17 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-13 14:17 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-13 14:17 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-13 14:17 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-13 14:17 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-13 14:17 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-13 14:17 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-13 14:17 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-13 14:17 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-13 14:17 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-13 14:17 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-13 14:17 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-13 14:16 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-13 14:16 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-13 14:16 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-13 14:16 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-13 14:16 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-13 14:16 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-13 14:16 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-13 14:16 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-13 14:16 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-13 14:16 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-13 14:14 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-13 14:14 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-13 14:14 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-13 14:14 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-13 14:14 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-13 14:14 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-13 14:14 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-13 14:14 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-13 14:14 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-13 14:14 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-13 14:14 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-13 14:14 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-13 14:14 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-13 14:14 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-13 14:14 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-13 14:14 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-13 14:14 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-13 14:14 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-13 14:14 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-13 14:14 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-13 14:14 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-13 14:13 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-13 14:13 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-13 14:13 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-13 14:13 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-13 14:13 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-13 14:13 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 00:46 - 2014-07-10 20:18 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-03 00:44 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-03 00:44 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-03 00:38 - 2014-05-11 12:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-03 00:37 - 2011-10-23 10:22 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2016-03-03 00:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-03 00:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-03 00:22 - 2014-07-10 20:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-03 00:20 - 2011-05-03 09:51 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-03-03 00:05 - 2014-11-26 16:00 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-03 00:05 - 2014-07-10 20:18 - 00000000 ____D C:\Program Files\Google
2016-03-02 23:37 - 2014-07-10 20:18 - 00000000 ____D C:\Users\Jana\AppData\Local\Google
2016-02-25 14:27 - 2015-10-09 17:18 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1444407479
2016-02-25 14:27 - 2015-10-09 17:17 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-23 17:43 - 2014-04-26 17:56 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.minecraft
2016-02-23 17:35 - 2014-04-26 17:35 - 00000000 ____D C:\Users\Jana\GSplay
2016-02-21 15:07 - 2011-10-23 10:01 - 00000000 ____D C:\Users\Jana\AppData\Local\VirtualStore
2016-02-21 15:03 - 2011-05-03 09:42 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2016-02-21 15:03 - 2011-05-03 09:37 - 00000000 ____D C:\Program Files\TOSHIBA
2016-02-21 14:58 - 2011-05-03 09:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2016-02-21 14:51 - 2014-06-15 05:46 - 00000000 ____D C:\Users\Jana\AppData\Local\ElevatedDiagnostics
2016-02-21 14:33 - 2011-10-23 10:41 - 00000000 ____D C:\Users\Jana
2016-02-21 14:32 - 2014-04-26 17:34 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-21 14:32 - 2014-04-26 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-21 14:32 - 2011-05-03 09:37 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-21 14:05 - 2015-10-09 17:19 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-02-20 22:51 - 2014-06-15 20:02 - 00000000 ____D C:\ProgramData\HappyCloud
2016-02-20 21:40 - 2014-11-26 21:35 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2016-02-20 21:40 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-02-20 21:39 - 2011-05-03 10:02 - 00000000 ____D C:\Program Files\mcafee
2016-02-20 16:57 - 2011-10-23 10:30 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Adobe
2016-02-20 16:57 - 2011-05-03 09:51 - 00000000 ____D C:\ProgramData\Adobe
2016-02-20 16:56 - 2014-07-13 20:23 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2016-02-20 16:55 - 2015-04-18 19:17 - 00000000 ____D C:\Users\Jana\AppData\Roaming\gtyt5r8wcgT
2016-02-20 16:38 - 2011-05-03 10:02 - 00000000 ____D C:\ProgramData\McAfee
2016-02-20 16:38 - 2011-05-03 10:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-02-20 16:28 - 2014-04-27 05:57 - 00000003 _____ C:\Users\Jana\stut
2016-02-20 16:10 - 2010-11-21 03:50 - 00000000 ____D C:\Users\Administrator
2016-02-20 15:43 - 2011-02-14 09:37 - 00631526 _____ C:\Windows\system32\perfh005.dat
2016-02-20 15:43 - 2011-02-14 09:37 - 00122148 _____ C:\Windows\system32\perfc005.dat
2016-02-20 15:43 - 2009-07-14 06:13 - 01470298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-20 15:30 - 2014-04-12 16:52 - 00000000 ____D C:\Users\Jana\AppData\Local\CrashDumps
2016-02-20 15:22 - 2015-10-09 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
2016-02-20 15:22 - 2015-10-09 17:18 - 00000000 ____D C:\Program Files (x86)\OneSystemCare
2016-02-20 15:22 - 2015-10-09 17:17 - 00000000 ____D C:\Program Files (x86)\Catered to You
2016-02-14 18:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-02-14 11:59 - 2015-10-09 17:18 - 00000274 _____ C:\Windows\Tasks\One System CarePeriod.job
2016-02-14 11:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-14 10:56 - 2009-07-14 05:45 - 00413168 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-14 10:52 - 2010-11-21 08:17 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-14 10:27 - 2013-08-15 21:52 - 00000000 ____D C:\Windows\system32\MRT
2016-02-14 10:27 - 2011-11-13 10:28 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:46 - 2014-07-10 20:18 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 18:46 - 2013-08-19 19:19 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 18:46 - 2013-08-19 19:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some files in TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\{47390B7E-C8E9-4D3F-B65B-4C38E653629A}.dll
C:\Users\Jana\AppData\Local\Temp\{5C3D0419-A914-443F-8744-C6DE06191F36}.dll
C:\Users\Jana\AppData\Local\Temp\{85907482-3E73-4EE0-B1E3-5638CE3EA640}.dll
C:\Users\Jana\AppData\Local\Temp\{8FADBBC5-95B7-48C5-B8E8-8D524E9C89FE}.dll
C:\Users\Jana\AppData\Local\Temp\{DD3FD0F5-E0B7-4808-82C8-60200161501F}.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-21 18:31

==================== End of FRST.txt ============================

# AdwCleaner v5.037 - Logfile created 03/03/2016 at 14:23:09
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jana - JANA-TOSH
# Running from : C:\Users\Jana\Desktop\adwcleaner_5.037.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : Service Mgr CateredtoYou
Service Found : Update Mgr CateredtoYou

***** [ Folders ] *****

Folder Found : C:\Program Files (x86)\OneSystemCare
Folder Found : C:\Program Files (x86)\Search Extensions
Folder Found : C:\Program Files (x86)\TNT2
Folder Found : C:\Program Files (x86)\Catered to You
Folder Found : C:\Program Files (x86)\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0
Folder Found : C:\Program Files (x86)\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0
Folder Found : C:\ProgramData\AskPartnerNetwork
Folder Found : C:\ProgramData\Reimage Protector
Folder Found : C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0
Folder Found : C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
Folder Found : C:\Users\Jana\AppData\Local\TNT2
Folder Found : C:\Users\Jana\AppData\Roaming\One System Care
Folder Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Extensions\pkmakaanhncmdgejahimnaijogbljgif
Folder Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Extensions\pkmakaanhncmdgejahimnaijogbljgif
Folder Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Extensions\pkmakaanhncmdgejahimnaijogbljgif
Folder Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Extensions\pkmakaanhncmdgejahimnaijogbljgif
Folder Found : C:\Windows\SysNative\Tasks\RocketTab
Folder Found : C:\Windows\SysNative\Tasks\UpdateAdmin

***** [ Files ] *****

File Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pkmakaanhncmdgejahimnaijogbljgif_0.localstorage
File Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pkmakaanhncmdgejahimnaijogbljgif
File Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pkmakaanhncmdgejahimnaijogbljgif_0.localstorage
File Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pkmakaanhncmdgejahimnaijogbljgif
File Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pkmakaanhncmdgejahimnaijogbljgif_0.localstorage
File Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pkmakaanhncmdgejahimnaijogbljgif
File Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pkmakaanhncmdgejahimnaijogbljgif_0.localstorage
File Found : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pkmakaanhncmdgejahimnaijogbljgif
File Found : C:\Users\Public\Desktop\eBay.lnk
File Found : C:\Windows\Reimage.ini

***** [ DLL ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

Task Found : Reimage Reminder
Task Found : ReimageUpdater
Task Found : RocketTab
Task Found : RocketTab Update Task
Task Found : UpdateAdmin
Task Found : One System CarePeriod
Task Found : One System Care Run Delay
Task Found : One System Care Monitor
Task Found : Reimage Reminder
Task Found : ReimageUpdater
Task Found : RocketTab
Task Found : RocketTab Update Task

***** [ Registry ] *****

Key Found : HKCU\Software\MozillaPlugins\@tnt2npapi.com/Plugin
Key Found : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Found : HKCU\Software\248f147491a302acb50014e1ff3c2f4e
Key Found : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Found : HKCU\Software\Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{FBB037E4-1CB2-406C-ACCC-925BD5BC7FD7}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
Key Found : HKCU\Software\DownloadAdmin
Key Found : HKCU\Software\One System Care
Key Found : HKCU\Software\Reimage
Key Found : HKCU\Software\RocketTabInstalled
Key Found : HKCU\Software\rttasks
Key Found : HKCU\Software\Search Extensions
Key Found : HKCU\Software\TNT2
Key Found : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
Key Found : HKLM\SOFTWARE\RocketTab
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
Key Found : [x64] HKLM\SOFTWARE\Reimage
Key Found : HKU\.DEFAULT\Software\AskPartnerNetwork
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbcwgIVwgQRxhAeFwNTA1CEwIOeQgBUxRGFwwUcVoBVAFDFQUFIk0FA1ADB0VXfVBdFElXTwhgIU1dE1wVVVp6L0w=
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\OldSearch
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BDA6B89-CEEB-4AE6-B2E4-44B9F9BB7F7C}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CB3DE0FE-CF2F-46DD-BA85-CAF617E00CCC}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{243329F3-99E6-4845-B0B5-A670043D2F54}
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {243329F3-99E6-4845-B0B5-A670043D2F54}
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mmotraffic.com

***** [ Web browsers ] *****

[C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : searchinterneat-a.akamaihd.net
[C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQELUAlHEFRFbVoABAxcFQYRdxQBUABDDAIVeQ4JAgBEGQcXcB9aFQQTQkcFME0FBloEURNNfXpZFVwDRFFXL2BXFA==&q={searchTerms}

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [11372 bytes] - [03/03/2016 13:07:09]
C:\AdwCleaner\AdwCleaner[S2].txt - [11265 bytes] - [03/03/2016 14:23:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [11339 bytes] ##########

#2 Příspěvek od **Rudy** » 03 bře 2016 17:58

V ADW jste neklikl na >cleaning<. Spusťte ADW ještě jednou.

jask · #3 Příspěvek od **jask** » 03 bře 2016 22:20

díky, tady je log

# AdwCleaner v5.037 - Logfile created 03/03/2016 at 21:54:53
# Updated 28/02/2016 by Xplode
# Database : 2016-03-02.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Jana - JANA-TOSH
# Running from : C:\Users\Jana\Desktop\adwcleaner_5.037.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : Service Mgr CateredtoYou
[-] Service Deleted : Update Mgr CateredtoYou

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\OneSystemCare
[-] Folder Deleted : C:\Program Files (x86)\Search Extensions
[-] Folder Deleted : C:\Program Files (x86)\TNT2
[-] Folder Deleted : C:\Program Files (x86)\Catered to You
[-] Folder Deleted : C:\Program Files (x86)\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0
[!] Folder Not Deleted : C:\Program Files (x86)\Common Files\a95f8535-bd08-4370-a6e0-814924c0d5f0
[-] Folder Deleted : C:\ProgramData\AskPartnerNetwork
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0
[!] Folder Not Deleted : C:\ProgramData\a95f8535-bd08-4370-a6e0-814924c0d5f0
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\One System Care
[-] Folder Deleted : C:\Users\Jana\AppData\Local\TNT2
[-] Folder Deleted : C:\Users\Jana\AppData\Roaming\One System Care
[-] Folder Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Extensions\pkmakaanhncmdgejahimnaijogbljgif
[!] Folder Not Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Extensions\pkmakaanhncmdgejahimnaijogbljgif
[!] Folder Not Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Extensions\pkmakaanhncmdgejahimnaijogbljgif
[!] Folder Not Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Extensions\pkmakaanhncmdgejahimnaijogbljgif
[#] Folder Deleted : C:\Windows\SysNative\Tasks\RocketTab
[#] Folder Deleted : C:\Windows\SysNative\Tasks\UpdateAdmin

***** [ Files ] *****

[-] File Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pkmakaanhncmdgejahimnaijogbljgif_0.localstorage
[-] File Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pkmakaanhncmdgejahimnaijogbljgif
[-] File Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pkmakaanhncmdgejahimnaijogbljgif_0.localstorage
[-] File Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pkmakaanhncmdgejahimnaijogbljgif
[-] File Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pkmakaanhncmdgejahimnaijogbljgif_0.localstorage
[-] File Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pkmakaanhncmdgejahimnaijogbljgif
[-] File Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_pkmakaanhncmdgejahimnaijogbljgif_0.localstorage
[-] File Deleted : C:\Users\Jana\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\pkmakaanhncmdgejahimnaijogbljgif
[-] File Deleted : C:\Users\Public\Desktop\eBay.lnk
[-] File Deleted : C:\Windows\Reimage.ini

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : Reimage Reminder
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : RocketTab
[-] Task Deleted : RocketTab Update Task
[-] Task Deleted : UpdateAdmin
[-] Task Deleted : One System CarePeriod
[-] Task Deleted : One System Care Run Delay
[-] Task Deleted : One System Care Monitor
[-] Task Deleted : Reimage Reminder
[-] Task Deleted : ReimageUpdater
[-] Task Deleted : RocketTab
[-] Task Deleted : RocketTab Update Task

***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\MozillaPlugins\@tnt2npapi.com/Plugin
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKCU\Software\248f147491a302acb50014e1ff3c2f4e
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKCU\Software\Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FBB037E4-1CB2-406C-ACCC-925BD5BC7FD7}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
[-] Key Deleted : HKCU\Software\DownloadAdmin
[-] Key Deleted : HKCU\Software\One System Care
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\RocketTabInstalled
[-] Key Deleted : HKCU\Software\rttasks
[-] Key Deleted : HKCU\Software\Search Extensions
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Key Deleted : HKLM\SOFTWARE\RocketTab
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\OldSearch
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BDA6B89-CEEB-4AE6-B2E4-44B9F9BB7F7C}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CB3DE0FE-CF2F-46DD-BA85-CAF617E00CCC}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{243329F3-99E6-4845-B0B5-A670043D2F54}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mmotraffic.com

***** [ Web browsers ] *****

[-] [C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : searchinterneat-a.akamaihd.net
[-] [C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted : hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfQELUAlHEFRFbVoABAxcFQYRdxQBUABDDAIVeQ4JAgBEGQcXcB9aFQQTQkcFME0FBloEURNNfXpZFVwDRFFXL2BXFA==&q={searchTerms}

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [11932 bytes] - [03/03/2016 21:54:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [11372 bytes] - [03/03/2016 13:07:09]
C:\AdwCleaner\AdwCleaner[S2].txt - [11539 bytes] - [03/03/2016 14:23:09]
C:\AdwCleaner\AdwCleaner[S3].txt - [11837 bytes] - [03/03/2016 21:53:10]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12228 bytes] ##########

#4 Příspěvek od **Rudy** » 03 bře 2016 22:31

Dejte nový log FRST.

jask · #5 Příspěvek od **jask** » 03 bře 2016 22:46

tady je log frst

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-03-2016
Ran by Jana (administrator) on JANA-TOSH (03-03-2016 22:42:45)
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-05-03] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-20] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [Windows] => C:\Users\Public\Windows\run.vbs [76 2014-04-19] ()
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-03-02] (SUPERAntiSpyware)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-20] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2014-05-24]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2011-05-03]
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2016-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-169495403-3244652656-2952094556-1000] => http=127.0.0.1:52585;https=127.0.0.1:52585
Tcpip\Parameters: [DhcpNameServer] 10.0.0.22 77.48.100.254
Tcpip\..\Interfaces\{B8041227-3E8A-4206-9B19-CF226DF7174A}: [DhcpNameServer] 10.0.0.22 77.48.100.254
Tcpip\..\Interfaces\{E2D80CFB-D6CA-43D1-83EB-F8D159B1C896}: [DhcpNameServer] 46.252.224.18 8.8.8.8
ManualProxies: 1http=127.0.0.1:52585;https=127.0.0.1:52585

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.viry.cz/
URLSearchHook: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {0694D8A4-5CDC-4992-9D13-815C11178B53} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {0C5F344C-7BB4-49B0-AA36-469B7ABF8E97} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {181D6206-208E-4259-A70F-65EC6874E45D} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {1D80E9EA-F3DA-4B8C-A8CB-3DDFB08C02C3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL =
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {32393742-6038-475F-A244-C1EE5C647CC6} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {3CD1AEDF-434C-4FAD-85EB-15DA2C96B566} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {4BB7C6C0-C5F0-44E7-8F38-2D241D662F17} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {54C6FA14-A19B-47B5-82A2-CF571BF63EB0} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {5C10703D-C2F2-48A5-A914-1359EE18BA0B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {737AED41-FC1A-475C-8F4F-ABEC20C33644} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {914EB8B9-5590-4E3C-BE4D-E9CAFA078450} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {E72F9919-8D5F-44F3-A652-1C2DD0561478} URL = hxxp://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {F0CEABAF-0336-42C8-94CA-7AD98FA8E2C4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
Toolbar: HKLM - No Name - {C457D7A4-8720-42C1-9536-F74F4616FDAC} - No File
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/update ... .203.0.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @eximion.com/KalydoPlayer -> C:\Users\Jana\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll [2013-03-05] (Eximion B.V.)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @nsroblox.roblox.com/launcher -> C:\Users\Jana\AppData\Local\Roblox\Versions\version-3c333d16b2ee4af9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Jana\AppData\Local\Roblox\Versions\version-3c333d16b2ee4af9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jana\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-20]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbcwgIVwgQRxhAeFwNTA1CEwIOeQgBUxRGFwwUcVoBVAFDFQUFIk0FA1oDB0VXfV5bFElXTwhgIU1dE1wVVVp6L0w="
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Avast Online Security) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-02]
CHR Extension: (Skype) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-10]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-03]
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-20] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-02-25] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3472368 2014-12-01] (INCA Internet Co., Ltd.)
S2 psrem02; C:\Windows\system32\psrem02.exe [606328 2006-05-11] (Protection Technology)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-20] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 psdrv02; C:\Windows\System32\drivers\psdrv02.sys [74616 2006-09-11] (Protection Technology)
R0 pssync05; C:\Windows\System32\drivers\pssync05.sys [80768 2006-11-03] (Protection Technology)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 cpuz134; \??\C:\Users\Jana\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 22:42 - 2016-03-03 22:42 - 00028336 _____ C:\Users\Jana\Desktop\FRST.txt
2016-03-03 22:37 - 2016-03-03 22:37 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Downloads\FRSTLauncher (1).exe
2016-03-03 22:37 - 2016-03-03 22:37 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
2016-03-03 14:16 - 2016-03-03 14:16 - 00010914 _____ C:\Users\Jana\Desktop\Addition.rar
2016-03-03 13:06 - 2016-03-03 21:54 - 00000000 ____D C:\AdwCleaner
2016-03-03 12:54 - 2016-03-03 12:54 - 01518592 _____ C:\Users\Jana\Desktop\adwcleaner_5.037.exe
2016-03-03 01:22 - 2016-03-03 01:22 - 00093230 _____ C:\Users\Jana\Desktop\Shortcut.txt
2016-03-03 01:17 - 2016-03-03 22:42 - 00000000 ____D C:\FRST
2016-03-03 01:15 - 2016-03-03 01:15 - 02371584 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2016-03-03 00:33 - 2016-03-03 00:33 - 00007404 _____ C:\Users\Jana\Documents\cc_20160303_003348.reg
2016-03-03 00:20 - 2016-03-03 00:20 - 00002026 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2016-03-03 00:10 - 2016-03-03 00:10 - 00007434 _____ C:\Users\Jana\Documents\startup.txt
2016-03-02 23:50 - 2016-03-02 23:50 - 00013670 _____ C:\Users\Jana\Documents\cc_20160302_235027.reg
2016-02-21 15:16 - 2016-02-21 15:17 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\TOSHIBA Bulletin Board
2016-02-21 15:03 - 2016-02-21 15:03 - 00001895 _____ C:\Users\Public\Desktop\Battery Check Utility.lnk
2016-02-21 14:57 - 2016-02-21 14:57 - 00000000 ____D C:\Users\Jana\AppData\Roaming\WinBatch
2016-02-21 14:33 - 2016-02-21 14:33 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Sun
2016-02-21 14:33 - 2016-02-21 14:33 - 00000000 ____D C:\Users\Jana\.oracle_jre_usage
2016-02-21 14:31 - 2016-02-21 14:31 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Oracle
2016-02-20 23:20 - 2016-02-20 23:20 - 00004570 _____ C:\Users\Jana\Documents\cc_20160220_232046.reg
2016-02-20 22:02 - 2016-02-20 22:02 - 00003234 _____ C:\Users\Jana\Documents\cc_20160220_220243.reg
2016-02-20 16:21 - 2016-02-20 16:13 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-20 16:18 - 2016-02-20 16:18 - 05206896 _____ (AVAST Software) C:\Users\Jana\Downloads\avast_free_antivirus_setup_online.exe
2016-02-20 16:14 - 2016-03-02 22:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-20 16:14 - 2016-02-23 17:05 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-20 16:14 - 2016-02-20 16:22 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-20 16:14 - 2016-02-20 16:22 - 00001929 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-20 16:14 - 2016-02-20 16:13 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-20 16:13 - 2016-02-20 16:13 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-20 16:12 - 2016-02-20 16:12 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-20 16:12 - 2016-02-20 16:12 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-20 15:31 - 2016-02-20 15:31 - 00011990 _____ C:\Users\Jana\Documents\cc_20160220_153131.reg
2016-02-13 14:40 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-13 14:40 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-13 14:18 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-13 14:18 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-13 14:18 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-13 14:18 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-13 14:18 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-13 14:18 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-13 14:18 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-13 14:18 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-13 14:18 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-13 14:18 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-13 14:18 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-13 14:18 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-13 14:18 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-13 14:18 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-13 14:17 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-13 14:17 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-13 14:17 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-13 14:17 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-13 14:17 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-13 14:17 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-13 14:17 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-13 14:17 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-13 14:17 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-13 14:17 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-13 14:17 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-13 14:17 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-13 14:17 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-13 14:17 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-13 14:17 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-13 14:17 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-13 14:17 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-13 14:17 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-13 14:17 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-13 14:17 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-13 14:17 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-13 14:17 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-13 14:17 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-13 14:17 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-13 14:17 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-13 14:17 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-13 14:17 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-13 14:17 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-13 14:17 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-13 14:17 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-13 14:17 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-13 14:17 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-13 14:17 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-13 14:17 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-13 14:17 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-13 14:17 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-13 14:17 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-13 14:17 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-13 14:17 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-13 14:17 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-13 14:17 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-13 14:17 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-13 14:17 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-13 14:17 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-13 14:16 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-13 14:16 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-13 14:16 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-13 14:16 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-13 14:16 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-13 14:16 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-13 14:16 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-13 14:16 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-13 14:16 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-13 14:16 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-13 14:14 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-13 14:14 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-13 14:14 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-13 14:14 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-13 14:14 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-13 14:14 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-13 14:14 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-13 14:14 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-13 14:14 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-13 14:14 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-13 14:14 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-13 14:14 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-13 14:14 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-13 14:14 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-13 14:14 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-13 14:14 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-13 14:14 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-13 14:14 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-13 14:14 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-13 14:14 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-13 14:14 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-13 14:13 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-13 14:13 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-13 14:13 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-13 14:13 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-13 14:13 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-13 14:13 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 22:05 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-03 22:05 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-03 22:01 - 2011-02-14 09:37 - 00631526 _____ C:\Windows\system32\perfh005.dat
2016-03-03 22:01 - 2011-02-14 09:37 - 00122148 _____ C:\Windows\system32\perfc005.dat
2016-03-03 22:01 - 2009-07-14 06:13 - 01470298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-03 22:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-03 22:00 - 2014-05-11 12:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-03 22:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-03 21:56 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-03 21:46 - 2014-07-10 20:18 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-03 17:27 - 2011-05-03 10:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-03 17:27 - 2009-07-14 06:08 - 00032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-03 13:46 - 2014-04-12 16:52 - 00000000 ____D C:\Users\Jana\AppData\Local\CrashDumps
2016-03-03 11:30 - 2011-05-03 10:02 - 00000000 ____D C:\ProgramData\McAfee
2016-03-03 11:28 - 2015-10-09 17:18 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1444407479
2016-03-03 11:28 - 2015-10-09 17:17 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-03 01:45 - 2011-10-23 10:22 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2016-03-03 00:22 - 2014-07-10 20:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-03 00:20 - 2011-05-03 09:51 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-03-03 00:05 - 2014-11-26 16:00 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-03 00:05 - 2014-07-10 20:18 - 00000000 ____D C:\Program Files\Google
2016-03-02 23:37 - 2014-07-10 20:18 - 00000000 ____D C:\Users\Jana\AppData\Local\Google
2016-02-23 17:43 - 2014-04-26 17:56 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.minecraft
2016-02-23 17:35 - 2014-04-26 17:35 - 00000000 ____D C:\Users\Jana\GSplay
2016-02-21 15:07 - 2011-10-23 10:01 - 00000000 ____D C:\Users\Jana\AppData\Local\VirtualStore
2016-02-21 15:03 - 2011-05-03 09:42 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2016-02-21 15:03 - 2011-05-03 09:37 - 00000000 ____D C:\Program Files\TOSHIBA
2016-02-21 14:58 - 2011-05-03 09:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2016-02-21 14:51 - 2014-06-15 05:46 - 00000000 ____D C:\Users\Jana\AppData\Local\ElevatedDiagnostics
2016-02-21 14:33 - 2011-10-23 10:41 - 00000000 ____D C:\Users\Jana
2016-02-21 14:32 - 2014-04-26 17:34 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-21 14:32 - 2014-04-26 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-21 14:32 - 2011-05-03 09:37 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-21 14:05 - 2015-10-09 17:19 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-02-20 22:51 - 2014-06-15 20:02 - 00000000 ____D C:\ProgramData\HappyCloud
2016-02-20 21:40 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-02-20 21:39 - 2011-05-03 10:02 - 00000000 ____D C:\Program Files\mcafee
2016-02-20 16:57 - 2011-10-23 10:30 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Adobe
2016-02-20 16:57 - 2011-05-03 09:51 - 00000000 ____D C:\ProgramData\Adobe
2016-02-20 16:56 - 2014-07-13 20:23 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2016-02-20 16:55 - 2015-04-18 19:17 - 00000000 ____D C:\Users\Jana\AppData\Roaming\gtyt5r8wcgT
2016-02-20 16:28 - 2014-04-27 05:57 - 00000003 _____ C:\Users\Jana\stut
2016-02-20 16:10 - 2010-11-21 03:50 - 00000000 ____D C:\Users\Administrator
2016-02-14 11:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-14 10:56 - 2009-07-14 05:45 - 00413168 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-14 10:52 - 2010-11-21 08:17 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-14 10:27 - 2013-08-15 21:52 - 00000000 ____D C:\Windows\system32\MRT
2016-02-14 10:27 - 2011-11-13 10:28 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:46 - 2014-07-10 20:18 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 18:46 - 2013-08-19 19:19 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 18:46 - 2013-08-19 19:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

Some files in TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\sqlite3.dll
C:\Users\Jana\AppData\Local\Temp\{2F443655-794C-4CD7-97E1-11E9DA5129A0}.dll
C:\Users\Jana\AppData\Local\Temp\{47390B7E-C8E9-4D3F-B65B-4C38E653629A}.dll
C:\Users\Jana\AppData\Local\Temp\{5B167D88-72EF-4153-9D50-DD592390B26F}.dll
C:\Users\Jana\AppData\Local\Temp\{5C3D0419-A914-443F-8744-C6DE06191F36}.dll
C:\Users\Jana\AppData\Local\Temp\{68057713-C635-4B05-8A53-0B7B2B6B04BD}.dll
C:\Users\Jana\AppData\Local\Temp\{8248485F-EEA1-4D42-B68A-D84AD9F473F9}.dll
C:\Users\Jana\AppData\Local\Temp\{85907482-3E73-4EE0-B1E3-5638CE3EA640}.dll
C:\Users\Jana\AppData\Local\Temp\{8FADBBC5-95B7-48C5-B8E8-8D524E9C89FE}.dll
C:\Users\Jana\AppData\Local\Temp\{B696CF9B-7456-4747-9BF7-CA54C54CCEA6}.dll
C:\Users\Jana\AppData\Local\Temp\{C3703C5A-BF34-4228-9967-F246656CDE7C}.dll
C:\Users\Jana\AppData\Local\Temp\{DD3FD0F5-E0B7-4808-82C8-60200161501F}.dll
C:\Users\Jana\AppData\Local\Temp\{ED02CA7F-F840-476B-84D6-21EEEB32A6A1}.dll
C:\Users\Jana\AppData\Local\Temp\{FD9AF4B3-980F-4702-AF48-FC51A26A4529}.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-21 18:31

==================== End of FRST.txt ============================

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:91.26 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:207.28 GB) NTFS

Available physical RAM: 2306.32 MB
Total physical RAM: 4003.76 MB
Percentage of memory in use: 42%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9E82D916)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jana\Desktop" je 155 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
"C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

jask · #6 Příspěvek od **jask** » 03 bře 2016 22:46

tady je log frst

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-03-2016
Ran by Jana (administrator) on JANA-TOSH (03-03-2016 22:42:45)
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-05-03] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-20] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [Windows] => C:\Users\Public\Windows\run.vbs [76 2014-04-19] ()
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-03-02] (SUPERAntiSpyware)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-20] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2014-05-24]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2011-05-03]
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2016-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-169495403-3244652656-2952094556-1000] => http=127.0.0.1:52585;https=127.0.0.1:52585
Tcpip\Parameters: [DhcpNameServer] 10.0.0.22 77.48.100.254
Tcpip\..\Interfaces\{B8041227-3E8A-4206-9B19-CF226DF7174A}: [DhcpNameServer] 10.0.0.22 77.48.100.254
Tcpip\..\Interfaces\{E2D80CFB-D6CA-43D1-83EB-F8D159B1C896}: [DhcpNameServer] 46.252.224.18 8.8.8.8
ManualProxies: 1http=127.0.0.1:52585;https=127.0.0.1:52585

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.viry.cz/
URLSearchHook: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {0694D8A4-5CDC-4992-9D13-815C11178B53} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {0C5F344C-7BB4-49B0-AA36-469B7ABF8E97} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {181D6206-208E-4259-A70F-65EC6874E45D} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {1D80E9EA-F3DA-4B8C-A8CB-3DDFB08C02C3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL =
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {32393742-6038-475F-A244-C1EE5C647CC6} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {3CD1AEDF-434C-4FAD-85EB-15DA2C96B566} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {4BB7C6C0-C5F0-44E7-8F38-2D241D662F17} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {54C6FA14-A19B-47B5-82A2-CF571BF63EB0} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {5C10703D-C2F2-48A5-A914-1359EE18BA0B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {737AED41-FC1A-475C-8F4F-ABEC20C33644} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {914EB8B9-5590-4E3C-BE4D-E9CAFA078450} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {E72F9919-8D5F-44F3-A652-1C2DD0561478} URL = hxxp://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {F0CEABAF-0336-42C8-94CA-7AD98FA8E2C4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
Toolbar: HKLM - No Name - {C457D7A4-8720-42C1-9536-F74F4616FDAC} - No File
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/update ... .203.0.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @eximion.com/KalydoPlayer -> C:\Users\Jana\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll [2013-03-05] (Eximion B.V.)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @nsroblox.roblox.com/launcher -> C:\Users\Jana\AppData\Local\Roblox\Versions\version-3c333d16b2ee4af9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Jana\AppData\Local\Roblox\Versions\version-3c333d16b2ee4af9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jana\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-20]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbcwgIVwgQRxhAeFwNTA1CEwIOeQgBUxRGFwwUcVoBVAFDFQUFIk0FA1oDB0VXfV5bFElXTwhgIU1dE1wVVVp6L0w="
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Avast Online Security) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-02]
CHR Extension: (Skype) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-10]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-03]
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-20] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-02-25] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3472368 2014-12-01] (INCA Internet Co., Ltd.)
S2 psrem02; C:\Windows\system32\psrem02.exe [606328 2006-05-11] (Protection Technology)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-20] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 psdrv02; C:\Windows\System32\drivers\psdrv02.sys [74616 2006-09-11] (Protection Technology)
R0 pssync05; C:\Windows\System32\drivers\pssync05.sys [80768 2006-11-03] (Protection Technology)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 cpuz134; \??\C:\Users\Jana\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 22:42 - 2016-03-03 22:42 - 00028336 _____ C:\Users\Jana\Desktop\FRST.txt
2016-03-03 22:37 - 2016-03-03 22:37 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Downloads\FRSTLauncher (1).exe
2016-03-03 22:37 - 2016-03-03 22:37 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
2016-03-03 14:16 - 2016-03-03 14:16 - 00010914 _____ C:\Users\Jana\Desktop\Addition.rar
2016-03-03 13:06 - 2016-03-03 21:54 - 00000000 ____D C:\AdwCleaner
2016-03-03 12:54 - 2016-03-03 12:54 - 01518592 _____ C:\Users\Jana\Desktop\adwcleaner_5.037.exe
2016-03-03 01:22 - 2016-03-03 01:22 - 00093230 _____ C:\Users\Jana\Desktop\Shortcut.txt
2016-03-03 01:17 - 2016-03-03 22:42 - 00000000 ____D C:\FRST
2016-03-03 01:15 - 2016-03-03 01:15 - 02371584 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2016-03-03 00:33 - 2016-03-03 00:33 - 00007404 _____ C:\Users\Jana\Documents\cc_20160303_003348.reg
2016-03-03 00:20 - 2016-03-03 00:20 - 00002026 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2016-03-03 00:10 - 2016-03-03 00:10 - 00007434 _____ C:\Users\Jana\Documents\startup.txt
2016-03-02 23:50 - 2016-03-02 23:50 - 00013670 _____ C:\Users\Jana\Documents\cc_20160302_235027.reg
2016-02-21 15:16 - 2016-02-21 15:17 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\TOSHIBA Bulletin Board
2016-02-21 15:03 - 2016-02-21 15:03 - 00001895 _____ C:\Users\Public\Desktop\Battery Check Utility.lnk
2016-02-21 14:57 - 2016-02-21 14:57 - 00000000 ____D C:\Users\Jana\AppData\Roaming\WinBatch
2016-02-21 14:33 - 2016-02-21 14:33 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Sun
2016-02-21 14:33 - 2016-02-21 14:33 - 00000000 ____D C:\Users\Jana\.oracle_jre_usage
2016-02-21 14:31 - 2016-02-21 14:31 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Oracle
2016-02-20 23:20 - 2016-02-20 23:20 - 00004570 _____ C:\Users\Jana\Documents\cc_20160220_232046.reg
2016-02-20 22:02 - 2016-02-20 22:02 - 00003234 _____ C:\Users\Jana\Documents\cc_20160220_220243.reg
2016-02-20 16:21 - 2016-02-20 16:13 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-20 16:18 - 2016-02-20 16:18 - 05206896 _____ (AVAST Software) C:\Users\Jana\Downloads\avast_free_antivirus_setup_online.exe
2016-02-20 16:14 - 2016-03-02 22:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-20 16:14 - 2016-02-23 17:05 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-20 16:14 - 2016-02-20 16:22 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-20 16:14 - 2016-02-20 16:22 - 00001929 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-20 16:14 - 2016-02-20 16:13 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-20 16:13 - 2016-02-20 16:13 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-20 16:12 - 2016-02-20 16:12 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-20 16:12 - 2016-02-20 16:12 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-20 15:31 - 2016-02-20 15:31 - 00011990 _____ C:\Users\Jana\Documents\cc_20160220_153131.reg
2016-02-13 14:40 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-13 14:40 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-13 14:18 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-13 14:18 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-13 14:18 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-13 14:18 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-13 14:18 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-13 14:18 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-13 14:18 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-13 14:18 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-13 14:18 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-13 14:18 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-13 14:18 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-13 14:18 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-13 14:18 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-13 14:18 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-13 14:17 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-13 14:17 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-13 14:17 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-13 14:17 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-13 14:17 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-13 14:17 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-13 14:17 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-13 14:17 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-13 14:17 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-13 14:17 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-13 14:17 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-13 14:17 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-13 14:17 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-13 14:17 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-13 14:17 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-13 14:17 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-13 14:17 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-13 14:17 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-13 14:17 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-13 14:17 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-13 14:17 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-13 14:17 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-13 14:17 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-13 14:17 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-13 14:17 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-13 14:17 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-13 14:17 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-13 14:17 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-13 14:17 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-13 14:17 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-13 14:17 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-13 14:17 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-13 14:17 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-13 14:17 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-13 14:17 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-13 14:17 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-13 14:17 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-13 14:17 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-13 14:17 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-13 14:17 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-13 14:17 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-13 14:17 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-13 14:17 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-13 14:17 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-13 14:16 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-13 14:16 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-13 14:16 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-13 14:16 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-13 14:16 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-13 14:16 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-13 14:16 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-13 14:16 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-13 14:16 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-13 14:16 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-13 14:14 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-13 14:14 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-13 14:14 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-13 14:14 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-13 14:14 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-13 14:14 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-13 14:14 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-13 14:14 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-13 14:14 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-13 14:14 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-13 14:14 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-13 14:14 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-13 14:14 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-13 14:14 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-13 14:14 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-13 14:14 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-13 14:14 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-13 14:14 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-13 14:14 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-13 14:14 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-13 14:14 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-13 14:13 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-13 14:13 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-13 14:13 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-13 14:13 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-13 14:13 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-13 14:13 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 22:05 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-03 22:05 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-03 22:01 - 2011-02-14 09:37 - 00631526 _____ C:\Windows\system32\perfh005.dat
2016-03-03 22:01 - 2011-02-14 09:37 - 00122148 _____ C:\Windows\system32\perfc005.dat
2016-03-03 22:01 - 2009-07-14 06:13 - 01470298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-03 22:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-03 22:00 - 2014-05-11 12:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-03 22:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-03 21:56 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-03 21:46 - 2014-07-10 20:18 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-03 17:27 - 2011-05-03 10:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-03 17:27 - 2009-07-14 06:08 - 00032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-03 13:46 - 2014-04-12 16:52 - 00000000 ____D C:\Users\Jana\AppData\Local\CrashDumps
2016-03-03 11:30 - 2011-05-03 10:02 - 00000000 ____D C:\ProgramData\McAfee
2016-03-03 11:28 - 2015-10-09 17:18 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1444407479
2016-03-03 11:28 - 2015-10-09 17:17 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-03 01:45 - 2011-10-23 10:22 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2016-03-03 00:22 - 2014-07-10 20:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-03 00:20 - 2011-05-03 09:51 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-03-03 00:05 - 2014-11-26 16:00 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-03 00:05 - 2014-07-10 20:18 - 00000000 ____D C:\Program Files\Google
2016-03-02 23:37 - 2014-07-10 20:18 - 00000000 ____D C:\Users\Jana\AppData\Local\Google
2016-02-23 17:43 - 2014-04-26 17:56 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.minecraft
2016-02-23 17:35 - 2014-04-26 17:35 - 00000000 ____D C:\Users\Jana\GSplay
2016-02-21 15:07 - 2011-10-23 10:01 - 00000000 ____D C:\Users\Jana\AppData\Local\VirtualStore
2016-02-21 15:03 - 2011-05-03 09:42 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2016-02-21 15:03 - 2011-05-03 09:37 - 00000000 ____D C:\Program Files\TOSHIBA
2016-02-21 14:58 - 2011-05-03 09:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2016-02-21 14:51 - 2014-06-15 05:46 - 00000000 ____D C:\Users\Jana\AppData\Local\ElevatedDiagnostics
2016-02-21 14:33 - 2011-10-23 10:41 - 00000000 ____D C:\Users\Jana
2016-02-21 14:32 - 2014-04-26 17:34 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-21 14:32 - 2014-04-26 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-21 14:32 - 2011-05-03 09:37 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-21 14:05 - 2015-10-09 17:19 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-02-20 22:51 - 2014-06-15 20:02 - 00000000 ____D C:\ProgramData\HappyCloud
2016-02-20 21:40 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-02-20 21:39 - 2011-05-03 10:02 - 00000000 ____D C:\Program Files\mcafee
2016-02-20 16:57 - 2011-10-23 10:30 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Adobe
2016-02-20 16:57 - 2011-05-03 09:51 - 00000000 ____D C:\ProgramData\Adobe
2016-02-20 16:56 - 2014-07-13 20:23 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2016-02-20 16:55 - 2015-04-18 19:17 - 00000000 ____D C:\Users\Jana\AppData\Roaming\gtyt5r8wcgT
2016-02-20 16:28 - 2014-04-27 05:57 - 00000003 _____ C:\Users\Jana\stut
2016-02-20 16:10 - 2010-11-21 03:50 - 00000000 ____D C:\Users\Administrator
2016-02-14 11:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-14 10:56 - 2009-07-14 05:45 - 00413168 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-14 10:52 - 2010-11-21 08:17 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-14 10:27 - 2013-08-15 21:52 - 00000000 ____D C:\Windows\system32\MRT
2016-02-14 10:27 - 2011-11-13 10:28 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:46 - 2014-07-10 20:18 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 18:46 - 2013-08-19 19:19 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 18:46 - 2013-08-19 19:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

Some files in TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\sqlite3.dll
C:\Users\Jana\AppData\Local\Temp\{2F443655-794C-4CD7-97E1-11E9DA5129A0}.dll
C:\Users\Jana\AppData\Local\Temp\{47390B7E-C8E9-4D3F-B65B-4C38E653629A}.dll
C:\Users\Jana\AppData\Local\Temp\{5B167D88-72EF-4153-9D50-DD592390B26F}.dll
C:\Users\Jana\AppData\Local\Temp\{5C3D0419-A914-443F-8744-C6DE06191F36}.dll
C:\Users\Jana\AppData\Local\Temp\{68057713-C635-4B05-8A53-0B7B2B6B04BD}.dll
C:\Users\Jana\AppData\Local\Temp\{8248485F-EEA1-4D42-B68A-D84AD9F473F9}.dll
C:\Users\Jana\AppData\Local\Temp\{85907482-3E73-4EE0-B1E3-5638CE3EA640}.dll
C:\Users\Jana\AppData\Local\Temp\{8FADBBC5-95B7-48C5-B8E8-8D524E9C89FE}.dll
C:\Users\Jana\AppData\Local\Temp\{B696CF9B-7456-4747-9BF7-CA54C54CCEA6}.dll
C:\Users\Jana\AppData\Local\Temp\{C3703C5A-BF34-4228-9967-F246656CDE7C}.dll
C:\Users\Jana\AppData\Local\Temp\{DD3FD0F5-E0B7-4808-82C8-60200161501F}.dll
C:\Users\Jana\AppData\Local\Temp\{ED02CA7F-F840-476B-84D6-21EEEB32A6A1}.dll
C:\Users\Jana\AppData\Local\Temp\{FD9AF4B3-980F-4702-AF48-FC51A26A4529}.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-21 18:31

==================== End of FRST.txt ============================

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:91.26 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:207.28 GB) NTFS

Available physical RAM: 2306.32 MB
Total physical RAM: 4003.76 MB
Percentage of memory in use: 42%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9E82D916)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jana\Desktop" je 155 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
"C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

jask · #7 Příspěvek od **jask** » 03 bře 2016 22:46

tady je log frst

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-03-2016
Ran by Jana (administrator) on JANA-TOSH (03-03-2016 22:42:45)
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosAVRC.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosOBEX.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\tosBtProc.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566696 2011-03-02] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [973176 2010-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710040 2010-12-08] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-05-03] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-09-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248 2011-01-07] (Nero AG)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [532480 2010-11-09] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-16] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139768 2016-02-20] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [Windows] => C:\Users\Public\Windows\run.vbs [76 2014-04-19] ()
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-03-02] (SUPERAntiSpyware)
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-18\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [845176 2011-02-18] (TOSHIBA)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-20] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2014-05-24]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk [2011-05-03]
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2011-05-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2016-03-03]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-169495403-3244652656-2952094556-1000] => http=127.0.0.1:52585;https=127.0.0.1:52585
Tcpip\Parameters: [DhcpNameServer] 10.0.0.22 77.48.100.254
Tcpip\..\Interfaces\{B8041227-3E8A-4206-9B19-CF226DF7174A}: [DhcpNameServer] 10.0.0.22 77.48.100.254
Tcpip\..\Interfaces\{E2D80CFB-D6CA-43D1-83EB-F8D159B1C896}: [DhcpNameServer] 46.252.224.18 8.8.8.8
ManualProxies: 1http=127.0.0.1:52585;https=127.0.0.1:52585

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/places?touch=4&cat=1
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.viry.cz/
URLSearchHook: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {0694D8A4-5CDC-4992-9D13-815C11178B53} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {0C5F344C-7BB4-49B0-AA36-469B7ABF8E97} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {181D6206-208E-4259-A70F-65EC6874E45D} URL = hxxp://www.amazon.co.uk/gp/search?ie=UTF8&keyw ... nkCode=ur2
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {1D80E9EA-F3DA-4B8C-A8CB-3DDFB08C02C3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL =
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {32393742-6038-475F-A244-C1EE5C647CC6} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {3CD1AEDF-434C-4FAD-85EB-15DA2C96B566} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {4BB7C6C0-C5F0-44E7-8F38-2D241D662F17} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11433
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {54C6FA14-A19B-47B5-82A2-CF571BF63EB0} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {5C10703D-C2F2-48A5-A914-1359EE18BA0B} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {737AED41-FC1A-475C-8F4F-ABEC20C33644} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {914EB8B9-5590-4E3C-BE4D-E9CAFA078450} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {E72F9919-8D5F-44F3-A652-1C2DD0561478} URL = hxxp://rover.ebay.com/rover/1/710-71511-9400-6/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {F0CEABAF-0336-42C8-94CA-7AD98FA8E2C4} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-20] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-21] (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-12-05] (<TOSHIBA>)
Toolbar: HKLM - No Name - {C457D7A4-8720-42C1-9536-F74F4616FDAC} - No File
DPF: HKLM-x32 {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/update ... .203.0.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-25] (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @eximion.com/KalydoPlayer -> C:\Users\Jana\AppData\Roaming\Kalydo\KalydoPlayer\bin2\npkalydo.dll [2013-03-05] (Eximion B.V.)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @nsroblox.roblox.com/launcher -> C:\Users\Jana\AppData\Local\Roblox\Versions\version-3c333d16b2ee4af9\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @nsroblox.roblox.com/launcher64 -> C:\Users\Jana\AppData\Local\Roblox\Versions\version-3c333d16b2ee4af9\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jana\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-20]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR HomePage: Default -> hxxp://seznam.cz/
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbcwgIVwgQRxhAeFwNTA1CEwIOeQgBUxRGFwwUcVoBVAFDFQUFIk0FA1oDB0VXfV5bFElXTwhgIU1dE1wVVVp6L0w="
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Vyhledávání Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Avast Online Security) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-03-02]
CHR Extension: (Skype) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-10]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-03]
CHR HKLM-x32\...\Chrome\Extension: [dkmjljdbbgogihjcapfhgkonfmccbffp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-20] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-02-25] (McAfee, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3472368 2014-12-01] (INCA Internet Co., Ltd.)
S2 psrem02; C:\Windows\system32\psrem02.exe [606328 2006-05-11] (Protection Technology)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-02-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1065720 2016-02-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-20] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 psdrv02; C:\Windows\System32\drivers\psdrv02.sys [74616 2006-09-11] (Protection Technology)
R0 pssync05; C:\Windows\System32\drivers\pssync05.sys [80768 2006-11-03] (Protection Technology)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 cpuz134; \??\C:\Users\Jana\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 22:42 - 2016-03-03 22:42 - 00028336 _____ C:\Users\Jana\Desktop\FRST.txt
2016-03-03 22:37 - 2016-03-03 22:37 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Downloads\FRSTLauncher (1).exe
2016-03-03 22:37 - 2016-03-03 22:37 - 00112640 _____ (forum.viry.cz) C:\Users\Jana\Desktop\FRSTLauncher.exe
2016-03-03 14:16 - 2016-03-03 14:16 - 00010914 _____ C:\Users\Jana\Desktop\Addition.rar
2016-03-03 13:06 - 2016-03-03 21:54 - 00000000 ____D C:\AdwCleaner
2016-03-03 12:54 - 2016-03-03 12:54 - 01518592 _____ C:\Users\Jana\Desktop\adwcleaner_5.037.exe
2016-03-03 01:22 - 2016-03-03 01:22 - 00093230 _____ C:\Users\Jana\Desktop\Shortcut.txt
2016-03-03 01:17 - 2016-03-03 22:42 - 00000000 ____D C:\FRST
2016-03-03 01:15 - 2016-03-03 01:15 - 02371584 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2016-03-03 00:33 - 2016-03-03 00:33 - 00007404 _____ C:\Users\Jana\Documents\cc_20160303_003348.reg
2016-03-03 00:20 - 2016-03-03 00:20 - 00002026 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2016-03-03 00:10 - 2016-03-03 00:10 - 00007434 _____ C:\Users\Jana\Documents\startup.txt
2016-03-02 23:50 - 2016-03-02 23:50 - 00013670 _____ C:\Users\Jana\Documents\cc_20160302_235027.reg
2016-02-21 15:16 - 2016-02-21 15:17 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\TOSHIBA Bulletin Board
2016-02-21 15:03 - 2016-02-21 15:03 - 00001895 _____ C:\Users\Public\Desktop\Battery Check Utility.lnk
2016-02-21 14:57 - 2016-02-21 14:57 - 00000000 ____D C:\Users\Jana\AppData\Roaming\WinBatch
2016-02-21 14:33 - 2016-02-21 14:33 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Sun
2016-02-21 14:33 - 2016-02-21 14:33 - 00000000 ____D C:\Users\Jana\.oracle_jre_usage
2016-02-21 14:31 - 2016-02-21 14:31 - 00000000 ____D C:\Users\Jana\AppData\LocalLow\Oracle
2016-02-20 23:20 - 2016-02-20 23:20 - 00004570 _____ C:\Users\Jana\Documents\cc_20160220_232046.reg
2016-02-20 22:02 - 2016-02-20 22:02 - 00003234 _____ C:\Users\Jana\Documents\cc_20160220_220243.reg
2016-02-20 16:21 - 2016-02-20 16:13 - 00398152 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-02-20 16:18 - 2016-02-20 16:18 - 05206896 _____ (AVAST Software) C:\Users\Jana\Downloads\avast_free_antivirus_setup_online.exe
2016-02-20 16:14 - 2016-03-02 22:02 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-02-20 16:14 - 2016-02-23 17:05 - 00463744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-02-20 16:14 - 2016-02-20 16:22 - 00287016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-02-20 16:14 - 2016-02-20 16:22 - 00001929 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Users\Jana\AppData\Roaming\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-02-20 16:14 - 2016-02-20 16:14 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-20 16:14 - 2016-02-20 16:13 - 01065720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00165344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00107792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-02-20 16:14 - 2016-02-20 16:13 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-02-20 16:13 - 2016-02-20 16:13 - 00052184 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-02-20 16:12 - 2016-02-20 16:12 - 00000000 ____D C:\ProgramData\AVAST Software
2016-02-20 16:12 - 2016-02-20 16:12 - 00000000 ____D C:\Program Files\AVAST Software
2016-02-20 15:31 - 2016-02-20 15:31 - 00011990 _____ C:\Users\Jana\Documents\cc_20160220_153131.reg
2016-02-13 14:40 - 2016-01-16 20:01 - 02085888 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-13 14:40 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-02-13 14:18 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-13 14:18 - 2016-02-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-13 14:18 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-13 14:18 - 2016-02-06 11:11 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-13 14:18 - 2016-02-06 11:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-13 14:18 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-13 14:18 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-02-13 14:18 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-13 14:18 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-02-13 14:18 - 2016-02-06 10:37 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-02-13 14:18 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-13 14:18 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-13 14:18 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-13 14:18 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-13 14:17 - 2016-01-22 21:31 - 00387784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-13 14:17 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-13 14:17 - 2016-01-22 07:56 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-13 14:17 - 2016-01-22 07:41 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-13 14:17 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-13 14:17 - 2016-01-22 07:40 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-13 14:17 - 2016-01-22 07:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-13 14:17 - 2016-01-22 07:32 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-13 14:17 - 2016-01-22 07:27 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-13 14:17 - 2016-01-22 07:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-13 14:17 - 2016-01-22 07:17 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-13 14:17 - 2016-01-22 07:09 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-13 14:17 - 2016-01-22 07:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-13 14:17 - 2016-01-22 07:04 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-13 14:17 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-02-13 14:17 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-02-13 14:17 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-02-13 14:17 - 2016-01-22 07:00 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-13 14:17 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-02-13 14:17 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-02-13 14:17 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-02-13 14:17 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-13 14:17 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-02-13 14:17 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-13 14:17 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-13 14:17 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-13 14:17 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-02-13 14:17 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-02-13 14:17 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-02-13 14:17 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-02-13 14:17 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-13 14:17 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-02-13 14:17 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-02-13 14:17 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-02-13 14:17 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-13 14:17 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-13 14:17 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-13 14:17 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-02-13 14:17 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-13 14:17 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-13 14:17 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-13 14:17 - 2016-01-07 18:42 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-13 14:17 - 2016-01-06 20:02 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-13 14:17 - 2016-01-06 20:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-13 14:17 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2016-02-13 14:16 - 2016-01-22 07:40 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-13 14:16 - 2016-01-22 07:40 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-13 14:16 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-13 14:16 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-13 14:16 - 2016-01-22 07:27 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-13 14:16 - 2016-01-22 07:05 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-13 14:16 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-13 14:16 - 2016-01-22 06:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-13 14:16 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-13 14:16 - 2016-01-07 18:53 - 03211776 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-13 14:14 - 2016-01-22 07:27 - 05573056 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-13 14:14 - 2016-01-22 07:27 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-13 14:14 - 2016-01-22 07:27 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-13 14:14 - 2016-01-22 07:24 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-13 14:14 - 2016-01-22 07:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-13 14:14 - 2016-01-22 07:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-13 14:14 - 2016-01-22 07:18 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-13 14:14 - 2016-01-22 07:17 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-13 14:14 - 2016-01-22 07:16 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-13 14:14 - 2016-01-22 07:15 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-02-13 14:14 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-02-13 14:14 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-13 14:14 - 2016-01-22 07:13 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 07:09 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-02-13 14:14 - 2016-01-22 07:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-02-13 14:14 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-02-13 14:14 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-02-13 14:14 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-13 14:14 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-13 14:14 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-02-13 14:14 - 2016-01-22 06:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-13 14:14 - 2016-01-22 06:07 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-13 14:14 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-02-13 14:14 - 2016-01-22 06:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-13 14:14 - 2016-01-22 05:59 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-13 14:14 - 2016-01-22 05:58 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-13 14:14 - 2016-01-22 05:58 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-13 14:14 - 2016-01-22 05:57 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-13 14:14 - 2016-01-22 05:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-13 14:14 - 2016-01-22 05:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-02-13 14:14 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-02-13 14:13 - 2016-01-22 07:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-13 14:13 - 2016-01-22 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-02-13 14:13 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:53 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-02-13 14:13 - 2016-01-22 05:53 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-02-13 14:13 - 2016-01-22 05:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-02-13 14:13 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-02-13 14:13 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-03 22:05 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-03 22:05 - 2009-07-14 05:45 - 00025120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-03 22:01 - 2011-02-14 09:37 - 00631526 _____ C:\Windows\system32\perfh005.dat
2016-03-03 22:01 - 2011-02-14 09:37 - 00122148 _____ C:\Windows\system32\perfc005.dat
2016-03-03 22:01 - 2009-07-14 06:13 - 01470298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-03 22:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-03-03 22:00 - 2014-05-11 12:38 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-03 22:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2016-03-03 21:56 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-03 21:46 - 2014-07-10 20:18 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-03 17:27 - 2011-05-03 10:02 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-03 17:27 - 2009-07-14 06:08 - 00032564 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-03 13:46 - 2014-04-12 16:52 - 00000000 ____D C:\Users\Jana\AppData\Local\CrashDumps
2016-03-03 11:30 - 2011-05-03 10:02 - 00000000 ____D C:\ProgramData\McAfee
2016-03-03 11:28 - 2015-10-09 17:18 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1444407479
2016-03-03 11:28 - 2015-10-09 17:17 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-03 01:45 - 2011-10-23 10:22 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Skype
2016-03-03 00:22 - 2014-07-10 20:18 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-03 00:20 - 2011-05-03 09:51 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2016-03-03 00:05 - 2014-11-26 16:00 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-03 00:05 - 2014-07-10 20:18 - 00000000 ____D C:\Program Files\Google
2016-03-02 23:37 - 2014-07-10 20:18 - 00000000 ____D C:\Users\Jana\AppData\Local\Google
2016-02-23 17:43 - 2014-04-26 17:56 - 00000000 ____D C:\Users\Jana\AppData\Roaming\.minecraft
2016-02-23 17:35 - 2014-04-26 17:35 - 00000000 ____D C:\Users\Jana\GSplay
2016-02-21 15:07 - 2011-10-23 10:01 - 00000000 ____D C:\Users\Jana\AppData\Local\VirtualStore
2016-02-21 15:03 - 2011-05-03 09:42 - 00000000 ____D C:\Program Files (x86)\TOSHIBA
2016-02-21 15:03 - 2011-05-03 09:37 - 00000000 ____D C:\Program Files\TOSHIBA
2016-02-21 14:58 - 2011-05-03 09:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2016-02-21 14:51 - 2014-06-15 05:46 - 00000000 ____D C:\Users\Jana\AppData\Local\ElevatedDiagnostics
2016-02-21 14:33 - 2011-10-23 10:41 - 00000000 ____D C:\Users\Jana
2016-02-21 14:32 - 2014-04-26 17:34 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-21 14:32 - 2014-04-26 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-21 14:32 - 2011-05-03 09:37 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-21 14:05 - 2015-10-09 17:19 - 00000000 ____D C:\Program Files (x86)\7-Zip
2016-02-20 22:51 - 2014-06-15 20:02 - 00000000 ____D C:\ProgramData\HappyCloud
2016-02-20 21:40 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-02-20 21:39 - 2011-05-03 10:02 - 00000000 ____D C:\Program Files\mcafee
2016-02-20 16:57 - 2011-10-23 10:30 - 00000000 ____D C:\Users\Jana\AppData\Roaming\Adobe
2016-02-20 16:57 - 2011-05-03 09:51 - 00000000 ____D C:\ProgramData\Adobe
2016-02-20 16:56 - 2014-07-13 20:23 - 00000000 ____D C:\Users\Jana\AppData\Local\Adobe
2016-02-20 16:55 - 2015-04-18 19:17 - 00000000 ____D C:\Users\Jana\AppData\Roaming\gtyt5r8wcgT
2016-02-20 16:28 - 2014-04-27 05:57 - 00000003 _____ C:\Users\Jana\stut
2016-02-20 16:10 - 2010-11-21 03:50 - 00000000 ____D C:\Users\Administrator
2016-02-14 11:57 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-02-14 10:56 - 2009-07-14 05:45 - 00413168 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-14 10:52 - 2010-11-21 08:17 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-14 10:27 - 2013-08-15 21:52 - 00000000 ____D C:\Windows\system32\MRT
2016-02-14 10:27 - 2011-11-13 10:28 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-10 18:46 - 2014-07-10 20:18 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 18:46 - 2013-08-19 19:19 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 18:46 - 2013-08-19 19:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

Some files in TEMP:
====================
C:\Users\Jana\AppData\Local\Temp\sqlite3.dll
C:\Users\Jana\AppData\Local\Temp\{2F443655-794C-4CD7-97E1-11E9DA5129A0}.dll
C:\Users\Jana\AppData\Local\Temp\{47390B7E-C8E9-4D3F-B65B-4C38E653629A}.dll
C:\Users\Jana\AppData\Local\Temp\{5B167D88-72EF-4153-9D50-DD592390B26F}.dll
C:\Users\Jana\AppData\Local\Temp\{5C3D0419-A914-443F-8744-C6DE06191F36}.dll
C:\Users\Jana\AppData\Local\Temp\{68057713-C635-4B05-8A53-0B7B2B6B04BD}.dll
C:\Users\Jana\AppData\Local\Temp\{8248485F-EEA1-4D42-B68A-D84AD9F473F9}.dll
C:\Users\Jana\AppData\Local\Temp\{85907482-3E73-4EE0-B1E3-5638CE3EA640}.dll
C:\Users\Jana\AppData\Local\Temp\{8FADBBC5-95B7-48C5-B8E8-8D524E9C89FE}.dll
C:\Users\Jana\AppData\Local\Temp\{B696CF9B-7456-4747-9BF7-CA54C54CCEA6}.dll
C:\Users\Jana\AppData\Local\Temp\{C3703C5A-BF34-4228-9967-F246656CDE7C}.dll
C:\Users\Jana\AppData\Local\Temp\{DD3FD0F5-E0B7-4808-82C8-60200161501F}.dll
C:\Users\Jana\AppData\Local\Temp\{ED02CA7F-F840-476B-84D6-21EEEB32A6A1}.dll
C:\Users\Jana\AppData\Local\Temp\{FD9AF4B3-980F-4702-AF48-FC51A26A4529}.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-02-21 18:31

==================== End of FRST.txt ============================

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:91.26 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:207.28 GB) NTFS

Available physical RAM: 2306.32 MB
Total physical RAM: 4003.76 MB
Percentage of memory in use: 42%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9E82D916)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jana\Desktop" je 155 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Akamai NetSession Interface
"C:\Users\Jana\AppData\Local\Akamai\netsession_win.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce
"C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#8 Příspěvek od **Rudy** » 04 bře 2016 18:59

Postačí ho dát jednou.

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {3CD1AEDF-434C-4FAD-85EB-15DA2C96B566} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Toolbar: HKLM - No Name - {C457D7A4-8720-42C1-9536-F74F4616FDAC} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jana\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
C:\Users\Jana\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

jask · #9 Příspěvek od **jask** » 04 bře 2016 21:01

tady je fixlog
Fix result of Farbar Recovery Scan Tool (x64) Version:04-03-2016
Ran by Jana (2016-03-04 20:55:29) Run:1
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana (Available Profiles: Jana)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {243329F3-99E6-4845-B0B5-A670043D2F54} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-169495403-3244652656-2952094556-1000 -> {3CD1AEDF-434C-4FAD-85EB-15DA2C96B566} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
C:\Program Files (x86)\Skype\Toolbars
Toolbar: HKLM - No Name - {C457D7A4-8720-42C1-9536-F74F4616FDAC} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-169495403-3244652656-2952094556-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jana\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
C:\Users\Jana\AppData\Local\Temp
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => key removed successfully
HKCR\CLSID\OldSearch => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{243329F3-99E6-4845-B0B5-A670043D2F54}" => key removed successfully
HKCR\Wow6432Node\CLSID\{243329F3-99E6-4845-B0B5-A670043D2F54} => key not found.
"HKU\S-1-5-21-169495403-3244652656-2952094556-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3CD1AEDF-434C-4FAD-85EB-15DA2C96B566}" => key removed successfully
HKCR\CLSID\{3CD1AEDF-434C-4FAD-85EB-15DA2C96B566} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
C:\Program Files (x86)\Skype\Toolbars => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{C457D7A4-8720-42C1-9536-F74F4616FDAC} => value removed successfully
HKCR\CLSID\{C457D7A4-8720-42C1-9536-F74F4616FDAC} => key not found.
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKU\S-1-5-21-169495403-3244652656-2952094556-1000\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => key removed successfully
C:\Users\Jana\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
Chrome RestoreOnStartup => removed successfully
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully

"C:\Users\Jana\AppData\Local\Temp" folder move:

Could not move "C:\Users\Jana\AppData\Local\Temp" => Scheduled to move on reboot.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-04 20:57:33)

C:\Users\Jana\AppData\Local\Temp => moved successfully

==== End of Fixlog 20:57:33 ====

#10 Příspěvek od **Rudy** » 04 bře 2016 22:00

Smazáno. Nastala nějaká změna?

jask · #11 Příspěvek od **jask** » 04 bře 2016 22:20

myslím, že je to v pořádku, děkuji za pomoc.

#12 Příspěvek od **Rudy** » 04 bře 2016 22:31

Nemáte zač!

VIRY.CZ

Trojan.Agent-Gen-Kazy, Dropper

Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper

Re: Trojan.Agent-Gen-Kazy, Dropper