
PC virus removal, computer speed-up, remote assistance via the neslape.cz service
Minor non-virus problem + preventive check
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, in which a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
I was downloading an extension for a program, and although the link was on the official site, it led to a page where I did not notice at first a checkbox saying that a secure bundle would be downloaded as well.
A free Norton scan was downloaded, plus one annoyance: a window urging me to register for the game Imperia Online keeps appearing regularly.
I cannot find what specifically is launching it.
AdwCleaner did not help.
Logfile of random's system information tool 1.10 (written by random/random)
Run by xx at 2016-04-17 10:33:30
Microsoft Windows 10 Home
System drive C: has 79 GB (11%) free of 707 GB
Total RAM: 3579 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:33:40, on 17.4.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal
Running processes:
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\xx\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\WINDOWS\system32\svchost.exe
C:\Portable\ProcessExplorer\procexp.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera_crashreporter.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Portable\RSIT.exe
C:\Program Files\trend micro\xx.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\xx\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
O23 - Service: Služba Google Update (gupdate1caeab72b9785e1) (gupdate1caeab72b9785e1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 7372 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.14, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, wrc@avast.com:20110101, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
"light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files\Winamp Detect\npwachk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npyaxmpb.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default\searchplugins\
bing-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06 584664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22 194504]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06 584664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-25 8129056]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [2015-11-04 748744]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe []
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun []
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2010-02-02 385024]
"OneDrive"=C:\Users\xx\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-07 382144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-08-09 113024]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FMVC"=fmcodec.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-04-13 10:51:52 ----D---- C:\WINDOWS\PCHEALTH
2016-04-13 10:39:52 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-04-13 10:39:51 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-04-13 10:39:51 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-04-13 10:39:51 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-04-13 10:39:51 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\SRH.dll
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-04-13 10:39:49 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 10:39:48 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-04-13 10:39:48 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 10:39:48 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 10:39:47 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-04-13 10:39:47 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-04-13 10:39:47 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-04-13 10:39:44 ----A---- C:\WINDOWS\system32\wininet.dll
2016-04-13 10:39:43 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-04-13 10:39:36 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 10:39:33 ----A---- C:\WINDOWS\system32\twinui.dll
2016-04-13 10:39:33 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-04-13 10:39:32 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 10:39:32 ----A---- C:\WINDOWS\system32\InputService.dll
2016-04-13 10:39:31 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-04-13 10:39:30 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-04-13 10:39:30 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 10:39:29 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-04-13 10:39:28 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 10:39:28 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 10:39:26 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 10:39:26 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 10:39:24 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 10:39:24 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 10:39:24 ----A---- C:\WINDOWS\system32\esent.dll
2016-04-13 10:39:24 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 10:39:22 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 10:39:22 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 10:39:22 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 10:39:21 ----A---- C:\WINDOWS\system32\winload.exe
2016-04-13 10:39:21 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-04-13 10:39:21 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\winresume.exe
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 10:39:17 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 10:39:17 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 10:39:17 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-04-13 10:39:16 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 10:39:16 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\msi.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\msorcl32.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 10:39:09 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-04-13 10:39:06 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-04-13 10:39:06 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-04-13 10:39:06 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-04-13 10:39:06 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 10:39:05 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 10:39:05 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-04-13 10:39:05 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\fveui.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-04-13 10:39:01 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 10:39:01 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 10:39:01 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 10:38:59 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-04-13 10:38:59 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 10:38:59 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\browcli.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\browser.dll
2016-04-13 10:38:56 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 10:38:56 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-04-13 10:38:56 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\moshost.dll
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\mos.dll
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\samlib.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-04-13 10:38:53 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 10:38:53 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 10:38:52 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 10:38:51 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 10:38:51 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 10:38:51 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-04-13 10:38:49 ----A---- C:\WINDOWS\system32\MTF.dll
2016-04-12 09:54:04 ----D---- C:\Program Files\Mozilla Firefox
2016-04-05 01:08:44 ----D---- C:\Program Files\Common Files\Symantec Shared
2016-04-05 01:06:13 ----D---- C:\ProgramData\Norton
2016-04-05 01:06:11 ----D---- C:\ProgramData\NortonInstaller
2016-04-05 01:05:14 ----D---- C:\Users\xx\AppData\Roaming\ImperiaOnline
2016-03-29 14:52:00 ----AD---- C:\Program Files\Common Files\Skype
2016-03-23 14:43:11 ----AH---- C:\WINDOWS\system32\drivers\PROCMON23.SYS
======List of files/folders modified in the last 1 month======
2016-04-17 10:33:37 ----D---- C:\WINDOWS\Prefetch
2016-04-17 10:33:34 ----D---- C:\Program Files\trend micro
2016-04-17 10:33:15 ----D---- C:\Portable
2016-04-17 10:30:11 ----D---- C:\ProgramData\Kaspersky Lab
2016-04-17 10:15:11 ----D---- C:\WINDOWS\Temp
2016-04-17 10:14:00 ----D---- C:\Program Files\SpeedFan
2016-04-16 21:45:48 ----D---- C:\Users\xx\AppData\Roaming\Skype
2016-04-16 19:02:03 ----D---- C:\WINDOWS\Microsoft.NET
2016-04-16 10:56:27 ----RD---- C:\WINDOWS\assembly
2016-04-16 10:43:09 ----D---- C:\WINDOWS\AppReadiness
2016-04-16 10:43:04 ----HD---- C:\Program Files\WindowsApps
2016-04-16 01:10:15 ----D---- C:\WINDOWS\system32\Tasks
2016-04-15 10:43:00 ----D---- C:\WINDOWS\system32\sru
2016-04-15 09:48:00 ----D---- C:\WINDOWS\system32\config
2016-04-15 09:45:43 ----D---- C:\WINDOWS\System32
2016-04-15 09:45:43 ----D---- C:\WINDOWS\INF
2016-04-15 09:45:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-15 09:39:45 ----D---- C:\WINDOWS\WinSxS
2016-04-15 09:39:42 ----SHD---- C:\Boot
2016-04-15 09:39:12 ----SHD---- C:\System Volume Information
2016-04-15 09:38:43 ----D---- C:\WINDOWS\system32\drivers
2016-04-15 09:38:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-04-15 01:26:10 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-04-15 01:26:09 ----D---- C:\WINDOWS\system32\cs-CZ
2016-04-15 01:26:09 ----D---- C:\WINDOWS\system32\Boot
2016-04-15 01:26:09 ----D---- C:\WINDOWS\system32\appraiser
2016-04-15 01:26:05 ----D---- C:\WINDOWS\PolicyDefinitions
2016-04-15 01:26:03 ----D---- C:\WINDOWS\bcastdvr
2016-04-15 01:26:03 ----D---- C:\WINDOWS\apppatch
2016-04-15 01:25:57 ----D---- C:\WINDOWS\system32\DriverStore
2016-04-14 11:03:57 ----AD---- C:\Program Files\Opera
2016-04-13 10:52:39 ----SHD---- C:\WINDOWS\Installer
2016-04-13 10:52:37 ----D---- C:\ProgramData\Microsoft Help
2016-04-13 10:51:52 ----D---- C:\Windows
2016-04-13 10:51:16 ----D---- C:\WINDOWS\CbsTemp
2016-04-13 10:49:51 ----D---- C:\WINDOWS\system32\MRT
2016-04-13 10:42:38 ----A---- C:\WINDOWS\system32\MRT.exe
2016-04-13 10:30:05 ----D---- C:\WINDOWS\system32\catroot2
2016-04-12 11:49:18 ----RD---- C:\Program Files
2016-04-06 20:32:08 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-04-05 01:34:27 ----D---- C:\AdwCleaner
2016-04-05 01:20:34 ----D---- C:\WINDOWS\Tasks
2016-04-05 01:08:44 ----D---- C:\Program Files\Common Files
2016-04-05 01:06:13 ----HD---- C:\ProgramData
2016-04-04 19:15:50 ----AD---- C:\Program Files\Malwarebytes Anti-Malware
2016-03-29 14:52:00 ----RD---- C:\Program Files\Skype
2016-03-29 14:51:56 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x86 (Weak); C:\WINDOWS\system32\DRIVERS\cm_km.sys [2015-07-06 201912]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2015-06-22 153784]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [2015-06-06 46776]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 76288]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\WINDOWS\system32\DRIVERS\klbackupflt.sys [2015-06-27 57712]
R1 klhk;Kaspersky Lab service driver; C:\WINDOWS\system32\DRIVERS\klhk.sys [2015-12-06 44216]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2016-03-07 755608]
R1 KLIM6;@oem16.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\WINDOWS\system32\DRIVERS\klim6.sys [2015-06-11 34480]
R1 klpd;Kaspersky Lab format recognizer driver; C:\WINDOWS\system32\DRIVERS\klpd.sys [2015-12-06 39304]
R1 klwfp;klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [2015-12-06 76168]
R1 Klwtp;Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [2015-06-16 87736]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2015-06-23 156856]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-08-09 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-08-09 67664]
R2 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R2 kldisk;kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [2016-03-07 66976]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 speedfan;speedfan; \??\C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-16 19525104]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-16 542192]
R3 AtiHDAudioService;@oem36.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT3.sys [2015-05-28 82432]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHDA.sys [2009-12-25 2981024]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2015-12-06 147336]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2015-06-06 37048]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2015-06-07 37560]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-03-07 130560]
R3 rt640x86;@rt640x86.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x86.sys [2015-10-30 494080]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2015-06-24 25208]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 27992]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-03-07 96768]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 45056]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 32768]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-03-29 203104]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 104800]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 21856]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-10-18 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-16 223216]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [2015-12-06 194000]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-03-07 25088]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_caa47fc;Hostitel synchronizace_caa47fc; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 PimIndexMaintenanceSvc_caa47fc;Data kontaktů_caa47fc; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 UnistoreSvc_caa47fc;Úložiště uživatelských dat_caa47fc; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 gupdate1caeab72b9785e1;Služba Google Update (gupdate1caeab72b9785e1); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-14 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-01-29 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-14 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_caa47fc;Služba zasílání zpráv_caa47fc; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-12 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2015-10-26 3557640]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 256512]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-10-30 45752]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
-----------------EOF-----------------
A free Norton scan got downloaded, plus one annoyance: a small window regularly pops up prompting me to register for the game Imperia Online.
I can't find what specifically is launching it.
AdwCleaner didn't help.
Logfile of random's system information tool 1.10 (written by random/random)
Run by xx at 2016-04-17 10:33:30
Microsoft Windows 10 Home
System drive C: has 79 GB (11%) free of 707 GB
Total RAM: 3579 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:33:40, on 17.4.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)
Boot mode: Normal
Running processes:
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
C:\Users\xx\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\WINDOWS\system32\svchost.exe
C:\Portable\ProcessExplorer\procexp.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera_crashreporter.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\Program Files\Opera\36.0.2130.65\opera.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Portable\RSIT.exe
C:\Program Files\trend micro\xx.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\xx\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
O23 - Service: Služba Google Update (gupdate1caeab72b9785e1) (gupdate1caeab72b9785e1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
--
End of file - 7372 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe -check pepperplugin
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3, {6F0976E6-26F3-4AFE-BBEC-9E99E27E4DF3}:1.4.14, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, wrc@avast.com:20110101, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15"
"light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.213 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nullsoft.com/winampDetector;version=1]
"Description"=Winamp Detector
"Path"=C:\Program Files\Winamp Detect\npwachk.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npyaxmpb.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default\searchplugins\
bing-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06 584664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22 172968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22 194504]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06 584664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-12-25 8129056]
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [2015-11-04 748744]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe []
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe /autoRun []
"HydraVisionDesktopManager"=C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [2010-02-02 385024]
"OneDrive"=C:\Users\xx\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-07 382144]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-08-09 113024]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"msacm.siren"=sirenacm.dll
"VIDC.FMVC"=fmcodec.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-04-13 10:51:52 ----D---- C:\WINDOWS\PCHEALTH
2016-04-13 10:39:52 ----A---- C:\WINDOWS\system32\atmfd.dll
2016-04-13 10:39:51 ----A---- C:\WINDOWS\system32\wininetlui.dll
2016-04-13 10:39:51 ----A---- C:\WINDOWS\system32\win32kbase.sys
2016-04-13 10:39:51 ----A---- C:\WINDOWS\system32\urlmon.dll
2016-04-13 10:39:51 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\win32kfull.sys
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\storewuauth.dll
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\SRH.dll
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\kerberos.dll
2016-04-13 10:39:50 ----A---- C:\WINDOWS\system32\ieframe.dll
2016-04-13 10:39:49 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 10:39:48 ----A---- C:\WINDOWS\system32\wuaueng.dll
2016-04-13 10:39:48 ----A---- C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 10:39:48 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 10:39:47 ----A---- C:\WINDOWS\system32\mshtml.dll
2016-04-13 10:39:47 ----A---- C:\WINDOWS\system32\lsasrv.dll
2016-04-13 10:39:47 ----A---- C:\WINDOWS\system32\jsproxy.dll
2016-04-13 10:39:44 ----A---- C:\WINDOWS\system32\wininet.dll
2016-04-13 10:39:43 ----A---- C:\WINDOWS\system32\edgehtml.dll
2016-04-13 10:39:36 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 10:39:33 ----A---- C:\WINDOWS\system32\twinui.dll
2016-04-13 10:39:33 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2016-04-13 10:39:32 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 10:39:32 ----A---- C:\WINDOWS\system32\InputService.dll
2016-04-13 10:39:31 ----A---- C:\WINDOWS\system32\Chakra.dll
2016-04-13 10:39:30 ----A---- C:\WINDOWS\system32\wwansvc.dll
2016-04-13 10:39:30 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 10:39:29 ----A---- C:\WINDOWS\system32\BingMaps.dll
2016-04-13 10:39:28 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 10:39:28 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 10:39:26 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 10:39:26 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\dwmcore.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\dosvc.dll
2016-04-13 10:39:25 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 10:39:24 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 10:39:24 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 10:39:24 ----A---- C:\WINDOWS\system32\esent.dll
2016-04-13 10:39:24 ----A---- C:\WINDOWS\system32\audiosrv.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\MapsStore.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 10:39:23 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 10:39:22 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 10:39:22 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 10:39:22 ----A---- C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 10:39:21 ----A---- C:\WINDOWS\system32\winload.exe
2016-04-13 10:39:21 ----A---- C:\WINDOWS\system32\fontsub.dll
2016-04-13 10:39:21 ----A---- C:\WINDOWS\system32\atmlib.dll
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\winresume.exe
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\fveapi.dll
2016-04-13 10:39:20 ----A---- C:\WINDOWS\system32\bisrv.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\StorSvc.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\SensorService.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\audiodg.exe
2016-04-13 10:39:19 ----A---- C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\RDXService.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 10:39:18 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 10:39:17 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 10:39:17 ----A---- C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 10:39:17 ----A---- C:\WINDOWS\system32\msv1_0.dll
2016-04-13 10:39:16 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 10:39:16 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\msxml3.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\msi.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\moshostcore.dll
2016-04-13 10:39:13 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\policymanager.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2016-04-13 10:39:12 ----A---- C:\WINDOWS\system32\drivers\http.sys
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\dnsapi.dll
2016-04-13 10:39:11 ----A---- C:\WINDOWS\system32\bdesvc.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\samsrv.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\msorcl32.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\MosStorage.dll
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2016-04-13 10:39:10 ----A---- C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 10:39:09 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\profsvc.dll
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\ncbservice.dll
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2016-04-13 10:39:07 ----A---- C:\WINDOWS\system32\drivers\dfsc.sys
2016-04-13 10:39:06 ----A---- C:\WINDOWS\system32\srvcli.dll
2016-04-13 10:39:06 ----A---- C:\WINDOWS\system32\omadmapi.dll
2016-04-13 10:39:06 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2016-04-13 10:39:06 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 10:39:05 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 10:39:05 ----A---- C:\WINDOWS\system32\netapi32.dll
2016-04-13 10:39:05 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\wuapi.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\wkscli.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\easinvoker.exe
2016-04-13 10:39:04 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\WSDApi.dll
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\iuilp.dll
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2016-04-13 10:39:03 ----A---- C:\WINDOWS\system32\BFE.DLL
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\oleacc.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\fveui.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\dmcsps.dll
2016-04-13 10:39:02 ----A---- C:\WINDOWS\system32\dafBth.dll
2016-04-13 10:39:01 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 10:39:01 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 10:39:01 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\browserbroker.dll
2016-04-13 10:39:00 ----A---- C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 10:38:59 ----A---- C:\WINDOWS\system32\ieproxy.dll
2016-04-13 10:38:59 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 10:38:59 ----A---- C:\WINDOWS\system32\credprovhost.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\win32spl.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\SyncController.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\browcli.dll
2016-04-13 10:38:58 ----A---- C:\WINDOWS\system32\basesrv.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\fvewiz.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\FontProvider.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\easwrt.dll
2016-04-13 10:38:57 ----A---- C:\WINDOWS\system32\browser.dll
2016-04-13 10:38:56 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 10:38:56 ----A---- C:\WINDOWS\system32\fvecpl.dll
2016-04-13 10:38:56 ----A---- C:\WINDOWS\system32\drivers\serial.sys
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\tbauth.dll
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\moshost.dll
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\mos.dll
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2016-04-13 10:38:55 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\samlib.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\NMAA.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\mtxoci.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\fveapibase.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 10:38:54 ----A---- C:\WINDOWS\system32\actxprxy.dll
2016-04-13 10:38:53 ----A---- C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 10:38:53 ----A---- C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 10:38:52 ----A---- C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 10:38:51 ----A---- C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 10:38:51 ----A---- C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 10:38:51 ----A---- C:\WINDOWS\system32\AppCapture.dll
2016-04-13 10:38:49 ----A---- C:\WINDOWS\system32\MTF.dll
2016-04-12 09:54:04 ----D---- C:\Program Files\Mozilla Firefox
2016-04-05 01:08:44 ----D---- C:\Program Files\Common Files\Symantec Shared
2016-04-05 01:06:13 ----D---- C:\ProgramData\Norton
2016-04-05 01:06:11 ----D---- C:\ProgramData\NortonInstaller
2016-04-05 01:05:14 ----D---- C:\Users\xx\AppData\Roaming\ImperiaOnline
2016-03-29 14:52:00 ----AD---- C:\Program Files\Common Files\Skype
2016-03-23 14:43:11 ----AH---- C:\WINDOWS\system32\drivers\PROCMON23.SYS
======List of files/folders modified in the last 1 month======
2016-04-17 10:33:37 ----D---- C:\WINDOWS\Prefetch
2016-04-17 10:33:34 ----D---- C:\Program Files\trend micro
2016-04-17 10:33:15 ----D---- C:\Portable
2016-04-17 10:30:11 ----D---- C:\ProgramData\Kaspersky Lab
2016-04-17 10:15:11 ----D---- C:\WINDOWS\Temp
2016-04-17 10:14:00 ----D---- C:\Program Files\SpeedFan
2016-04-16 21:45:48 ----D---- C:\Users\xx\AppData\Roaming\Skype
2016-04-16 19:02:03 ----D---- C:\WINDOWS\Microsoft.NET
2016-04-16 10:56:27 ----RD---- C:\WINDOWS\assembly
2016-04-16 10:43:09 ----D---- C:\WINDOWS\AppReadiness
2016-04-16 10:43:04 ----HD---- C:\Program Files\WindowsApps
2016-04-16 01:10:15 ----D---- C:\WINDOWS\system32\Tasks
2016-04-15 10:43:00 ----D---- C:\WINDOWS\system32\sru
2016-04-15 09:48:00 ----D---- C:\WINDOWS\system32\config
2016-04-15 09:45:43 ----D---- C:\WINDOWS\System32
2016-04-15 09:45:43 ----D---- C:\WINDOWS\INF
2016-04-15 09:45:43 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-15 09:39:45 ----D---- C:\WINDOWS\WinSxS
2016-04-15 09:39:42 ----SHD---- C:\Boot
2016-04-15 09:39:12 ----SHD---- C:\System Volume Information
2016-04-15 09:38:43 ----D---- C:\WINDOWS\system32\drivers
2016-04-15 09:38:43 ----D---- C:\Program Files\Mozilla Maintenance Service
2016-04-15 01:26:10 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2016-04-15 01:26:09 ----D---- C:\WINDOWS\system32\cs-CZ
2016-04-15 01:26:09 ----D---- C:\WINDOWS\system32\Boot
2016-04-15 01:26:09 ----D---- C:\WINDOWS\system32\appraiser
2016-04-15 01:26:05 ----D---- C:\WINDOWS\PolicyDefinitions
2016-04-15 01:26:03 ----D---- C:\WINDOWS\bcastdvr
2016-04-15 01:26:03 ----D---- C:\WINDOWS\apppatch
2016-04-15 01:25:57 ----D---- C:\WINDOWS\system32\DriverStore
2016-04-14 11:03:57 ----AD---- C:\Program Files\Opera
2016-04-13 10:52:39 ----SHD---- C:\WINDOWS\Installer
2016-04-13 10:52:37 ----D---- C:\ProgramData\Microsoft Help
2016-04-13 10:51:52 ----D---- C:\Windows
2016-04-13 10:51:16 ----D---- C:\WINDOWS\CbsTemp
2016-04-13 10:49:51 ----D---- C:\WINDOWS\system32\MRT
2016-04-13 10:42:38 ----A---- C:\WINDOWS\system32\MRT.exe
2016-04-13 10:30:05 ----D---- C:\WINDOWS\system32\catroot2
2016-04-12 11:49:18 ----RD---- C:\Program Files
2016-04-06 20:32:08 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2016-04-05 01:34:27 ----D---- C:\AdwCleaner
2016-04-05 01:20:34 ----D---- C:\WINDOWS\Tasks
2016-04-05 01:08:44 ----D---- C:\Program Files\Common Files
2016-04-05 01:06:13 ----HD---- C:\ProgramData
2016-04-04 19:15:50 ----AD---- C:\Program Files\Malwarebytes Anti-Malware
2016-03-29 14:52:00 ----RD---- C:\Program Files\Skype
2016-03-29 14:51:56 ----D---- C:\ProgramData\Skype
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x86 (Weak); C:\WINDOWS\system32\DRIVERS\cm_km.sys [2015-07-06 201912]
R0 kl1;kl1; C:\WINDOWS\system32\DRIVERS\kl1.sys [2015-06-22 153784]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [2015-06-06 46776]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-10-30 76288]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 7680]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\WINDOWS\system32\DRIVERS\klbackupflt.sys [2015-06-27 57712]
R1 klhk;Kaspersky Lab service driver; C:\WINDOWS\system32\DRIVERS\klhk.sys [2015-12-06 44216]
R1 KLIF;Kaspersky Lab Driver; C:\WINDOWS\system32\DRIVERS\klif.sys [2016-03-07 755608]
R1 KLIM6;@oem16.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\WINDOWS\system32\DRIVERS\klim6.sys [2015-06-11 34480]
R1 klpd;Kaspersky Lab format recognizer driver; C:\WINDOWS\system32\DRIVERS\klpd.sys [2015-12-06 39304]
R1 klwfp;klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [2015-12-06 76168]
R1 Klwtp;Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [2015-06-16 87736]
R1 kneps;kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [2015-06-23 156856]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-08-09 12880]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [2011-08-09 67664]
R2 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R2 kldisk;kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [2016-03-07 66976]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-10-30 36864]
R2 speedfan;speedfan; \??\C:\Windows\system32\speedfan.sys [2012-12-29 24184]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-10-30 62464]
R3 Afc;PPdus ASPI Shell; C:\WINDOWS\system32\drivers\Afc.sys [2006-11-10 18688]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-16 19525104]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-16 542192]
R3 AtiHDAudioService;@oem36.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT3.sys [2015-05-28 82432]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHDA.sys [2009-12-25 2981024]
R3 klflt;Kaspersky Lab Kernel DLL; C:\WINDOWS\system32\DRIVERS\klflt.sys [2015-12-06 147336]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [2015-06-06 37048]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [2015-06-07 37560]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2016-03-07 130560]
R3 rt640x86;@rt640x86.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x86.sys [2015-10-30 494080]
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys [2015-06-24 25208]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 88928]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 83288]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 51040]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 51552]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 27992]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 8192]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 26624]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2016-03-07 96768]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2015-10-30 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 38240]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 66048]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2015-10-30 61936]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-10-30 23040]
S3 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2007-11-06 34064]
S3 PSI;PSI; C:\WINDOWS\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-10-30 45056]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 33792]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-10-30 32768]
S3 Ufx01000;USB Function Class Extension; C:\WINDOWS\system32\drivers\ufx01000.sys [2016-03-29 203104]
S3 UfxChipidea;@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller; C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 74080]
S3 ufxsynopsys;@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller; C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 104800]
S3 UrsCx01000;USB Role-Switch Support Library; C:\WINDOWS\system32\drivers\urscx01000.sys [2015-10-30 42840]
S3 UrsChipidea;@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 21856]
S3 UrsSynopsys;@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver; C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 21856]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-10-18 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-16 223216]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [2015-12-06 194000]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2016-03-07 25088]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
R2 OneSyncSvc_caa47fc;Hostitel synchronizace_caa47fc; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
R3 PimIndexMaintenanceSvc_caa47fc;Data kontaktů_caa47fc; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
R3 UnistoreSvc_caa47fc;Úložiště uživatelských dat_caa47fc; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 gupdate1caeab72b9785e1;Služba Google Update (gupdate1caeab72b9785e1); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-14 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-10-30 135848]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-01-29 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07 269504]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 26112]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-14 144200]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-22 194032]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MessagingService_caa47fc;Služba zasílání zpráv_caa47fc; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2016-04-12 146888]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\system32\GameMon.des [2015-10-26 3557640]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2007-11-06 92792]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 900096]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2015-10-30 256512]
S3 UnistoreSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-10-30 37256]
S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-10-30 45752]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-10-30 37256]
-----------------EOF-----------------
Albert Einstein: Only two things are infinite - the universe and human stupidity. And I'm not so sure about the former.
Re: Minor non-virus problem + preventive check
Hi,
it looks like hijacked shortcuts. Post the FRST.txt and Addition.txt logs from FRST http://www.bleepingcomputer.com/downloa ... scan-tool/
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors to this forum, sign up for our training school.
Re: Minor non-virus problem + preventive check
FRST 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-04-2016 01
Ran by xx (administrator) on XX-PC (17-04-2016 10:52:20)
Running from C:\Users\xx\Desktop
Loaded Profiles: xx (Available Profiles: xx & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sysinternals - www.sysinternals.com) C:\Portable\ProcessExplorer\procexp.exe
(Almico Software (almico.com)) C:\Program Files\SpeedFan\speedfan.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
(forum.viry.cz) C:\Users\xx\Desktop\FRSTLauncher.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8129056 2009-12-25] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [385024 2010-02-02] (AMD)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-08-09] (SuperAdBlocker.com)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0ef55749-aff7-4c6d-ba64-006c3a26098b}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-2503734218-1681691102-840008259-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\xx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.)
FF SearchPlugin: C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default\searchplugins\bing-avast.xml [2014-05-31]
FF Extension: Greasemonkey - C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-02-21]
FF Extension: Kaspersky Protection - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-07]
FF Extension: Adblock Plus - C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\xx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Last.fm free music player) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh [2016-03-11]
CHR Extension: (YouTube) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14]
CHR Extension: (Vyhledávání Google) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-11]
CHR Extension: (Ochrana Kaspersky) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-03-11]
CHR Extension: (AdBlock) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-11]
CHR Extension: (Last.fm Scrobbler) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2016-03-11]
CHR Extension: (scroblr) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflbcmpjneookibbaeopkfcnegknkgog [2016-03-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-16]
CHR Extension: (Gmail) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-10-18] (SUPERAntiSpyware.com) [File not signed]
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-06] (Kaspersky Lab ZAO)
S2 gupdate1caeab72b9785e1; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [3557640 2015-10-26] (INCA Internet Co., Ltd.)
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [92792 2007-11-06] (CACE Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO)
R2 giveio; C:\WINDOWS\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [57712 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [66976 2016-03-07] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [25208 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [147336 2015-12-06] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [44216 2015-12-06] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [755608 2016-03-07] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [34480 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [37048 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [37560 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [39304 2015-12-06] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [76168 2015-12-06] (Kaspersky Lab ZAO)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [87736 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-08-09] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-08-09] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [65216 2016-03-23] (Sysinternals - www.sysinternals.com)
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-17 10:52 - 2016-04-17 10:52 - 00017827 _____ C:\Users\xx\Desktop\FRST.txt
2016-04-17 10:51 - 2016-04-17 10:52 - 00000000 ____D C:\FRST
2016-04-17 10:50 - 2016-04-17 10:51 - 00112640 _____ (forum.viry.cz) C:\Users\xx\Desktop\FRSTLauncher.exe
2016-04-17 10:50 - 2016-04-17 10:50 - 01726464 _____ (Farbar) C:\Users\xx\Desktop\FRST.exe
2016-04-13 10:51 - 2016-04-13 10:51 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-04-13 10:39 - 2016-04-02 06:17 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 10:39 - 2016-04-02 06:14 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 10:39 - 2016-04-02 06:14 - 00613112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 10:39 - 2016-04-02 06:14 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 10:39 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 10:39 - 2016-04-02 05:26 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 10:39 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 10:39 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 10:39 - 2016-04-02 05:22 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 10:39 - 2016-04-02 05:20 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 10:39 - 2016-04-02 05:20 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 10:39 - 2016-04-02 05:17 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 10:39 - 2016-04-02 05:14 - 03197440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 10:39 - 2016-04-02 05:12 - 01887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 10:39 - 2016-04-02 05:11 - 01524736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 10:39 - 2016-04-02 05:10 - 02871296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 10:39 - 2016-04-02 05:05 - 01074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 10:39 - 2016-03-29 11:41 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 10:39 - 2016-03-29 11:41 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 10:39 - 2016-03-29 11:41 - 00228696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 10:39 - 2016-03-29 11:38 - 05797216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 10:39 - 2016-03-29 11:38 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 10:39 - 2016-03-29 11:38 - 00927072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 10:39 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 10:39 - 2016-03-29 11:36 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 10:39 - 2016-03-29 11:33 - 00084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 10:39 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 10:39 - 2016-03-29 11:21 - 00922456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 10:39 - 2016-03-29 11:20 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 10:39 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 10:39 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 10:39 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 10:39 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 10:39 - 2016-03-29 10:41 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 10:39 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 10:39 - 2016-03-29 10:34 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 10:39 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 10:39 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 10:39 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 10:39 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 10:39 - 2016-03-29 10:24 - 00063008 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 10:39 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 10:39 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 10:39 - 2016-03-29 09:46 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 10:39 - 2016-03-29 09:46 - 00771424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 10:39 - 2016-03-29 09:42 - 00287072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 10:39 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-04-13 10:39 - 2016-03-29 09:28 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 10:39 - 2016-03-29 09:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 10:39 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 10:39 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 10:39 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 10:39 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 10:39 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 10:39 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 10:39 - 2016-03-29 09:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 10:39 - 2016-03-29 09:05 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 10:39 - 2016-03-29 09:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 10:39 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 10:39 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 10:39 - 2016-03-29 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 10:39 - 2016-03-29 08:59 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 10:39 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 10:39 - 2016-03-29 08:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 10:39 - 2016-03-29 08:54 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 10:39 - 2016-03-29 08:53 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 10:39 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 10:39 - 2016-03-29 08:53 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 10:39 - 2016-03-29 08:52 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 10:39 - 2016-03-29 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 10:39 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 10:39 - 2016-03-29 08:47 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 10:39 - 2016-03-29 08:46 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 10:39 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 10:39 - 2016-03-29 08:44 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 10:39 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 10:39 - 2016-03-29 08:43 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 10:39 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 10:39 - 2016-03-29 08:41 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 10:39 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 10:39 - 2016-03-29 08:40 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 10:39 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 10:39 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 10:39 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 10:39 - 2016-03-29 08:38 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 10:39 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 10:39 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 10:39 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 10:39 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 10:39 - 2016-03-29 08:36 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 10:39 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 10:39 - 2016-03-29 08:34 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 10:39 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 10:39 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 10:39 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 10:39 - 2016-03-29 08:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 10:39 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 10:39 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 10:39 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 10:39 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 10:39 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 10:39 - 2016-03-29 08:29 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 10:39 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 10:39 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 10:39 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 10:39 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 10:39 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 10:39 - 2016-03-29 08:25 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 10:39 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 10:39 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 10:39 - 2016-03-29 08:18 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 10:39 - 2016-03-29 08:14 - 02975232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 10:39 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 10:39 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 10:39 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 10:39 - 2016-03-29 08:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 10:39 - 2016-03-29 08:06 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 10:39 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 10:39 - 2016-03-29 08:06 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 10:39 - 2016-03-29 08:06 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 10:39 - 2016-03-29 08:05 - 01894912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 10:39 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 10:39 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 10:39 - 2016-03-29 08:04 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 10:39 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 10:39 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 10:39 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 10:39 - 2016-03-29 07:55 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 10:39 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 10:39 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 10:39 - 2016-03-29 07:49 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 10:39 - 2016-03-29 07:46 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 10:39 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 10:39 - 2016-03-29 07:42 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 10:39 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 10:39 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 10:39 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 10:39 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 10:39 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 10:39 - 2016-03-29 07:36 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 10:39 - 2016-03-29 07:32 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 10:39 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 10:39 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 10:39 - 2016-03-29 07:25 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 10:38 - 2016-04-02 05:30 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 10:38 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 10:38 - 2016-03-29 09:30 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 10:38 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 10:38 - 2016-03-29 09:20 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 10:38 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 10:38 - 2016-03-29 09:14 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 10:38 - 2016-03-29 09:14 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 10:38 - 2016-03-29 09:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 10:38 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 10:38 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 10:38 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 10:38 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 10:38 - 2016-03-29 09:09 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 10:38 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 10:38 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 10:38 - 2016-03-29 09:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 10:38 - 2016-03-29 09:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 10:38 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 10:38 - 2016-03-29 09:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 10:38 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 10:38 - 2016-03-29 09:05 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 10:38 - 2016-03-29 09:05 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 10:38 - 2016-03-29 09:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 10:38 - 2016-03-29 09:02 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 10:38 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 10:38 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 10:38 - 2016-03-29 08:52 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 10:38 - 2016-03-29 08:52 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 10:38 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 10:38 - 2016-03-29 08:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 10:38 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 10:38 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 10:38 - 2016-03-29 08:32 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 10:38 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 10:38 - 2016-03-29 08:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 10:38 - 2016-03-29 08:26 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 10:38 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 10:38 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 10:38 - 2016-03-29 07:30 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 10:38 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 10:38 - 2016-03-29 07:24 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 10:38 - 2016-03-29 07:21 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 09:54 - 2016-04-15 09:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-08 14:21 - 2016-04-08 14:21 - 00002358 _____ C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2016-04-08 14:21 - 2016-04-08 14:21 - 00002350 _____ C:\Users\xx\Desktop\Vivaldi.lnk
2016-04-08 14:21 - 2016-04-08 14:21 - 00000000 ____D C:\Users\xx\AppData\Local\Vivaldi
2016-04-05 01:08 - 2016-04-05 01:24 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-04-05 01:06 - 2016-04-05 01:20 - 00000000 ____D C:\ProgramData\Norton
2016-04-05 01:06 - 2016-04-05 01:06 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-04-05 01:05 - 2016-04-05 01:05 - 00000000 ____D C:\Users\xx\AppData\Roaming\ImperiaOnline
2016-04-04 16:44 - 2016-04-04 16:44 - 00001022 _____ C:\Users\Public\Desktop\SpaceEngine 0.974.lnk
2016-03-29 14:52 - 2016-03-29 14:52 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-03-25 17:29 - 2016-03-25 17:29 - 00000000 ____D C:\Users\xx\AppData\Local\AMD
2016-03-23 14:43 - 2016-03-23 14:43 - 00065216 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-17 10:42 - 2015-05-18 10:41 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-17 10:33 - 2015-05-22 14:05 - 00000000 ____D C:\Program Files\trend micro
2016-04-17 10:33 - 2010-10-06 19:05 - 00000000 ____D C:\Portable
2016-04-17 10:30 - 2015-01-09 18:08 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-04-17 10:14 - 2010-10-07 12:53 - 00000000 ____D C:\Program Files\SpeedFan
2016-04-17 10:12 - 2015-05-18 10:41 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-16 23:32 - 2016-03-07 18:31 - 00000000 ____D C:\Users\xx
2016-04-16 23:20 - 2015-07-14 23:35 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-16 23:11 - 2014-08-08 12:09 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-16 23:02 - 2015-10-04 09:16 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-16 21:45 - 2010-10-14 13:37 - 00000000 ____D C:\Users\xx\AppData\Roaming\Skype
2016-04-16 10:43 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-16 10:43 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-15 09:45 - 2016-03-07 18:30 - 01996112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-15 09:45 - 2015-10-30 17:08 - 00829308 _____ C:\WINDOWS\system32\perfh005.dat
2016-04-15 09:45 - 2015-10-30 17:08 - 00185116 _____ C:\WINDOWS\system32\perfc005.dat
2016-04-15 09:45 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-04-15 09:39 - 2016-03-07 18:46 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-15 09:38 - 2016-03-07 18:25 - 00344264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-15 09:38 - 2012-05-09 21:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-15 01:27 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-04-15 01:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-15 01:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-15 01:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-15 01:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-14 11:03 - 2016-03-17 11:54 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 36.lnk
2016-04-14 11:03 - 2010-10-14 12:31 - 00000000 ____D C:\Program Files\Opera
2016-04-13 10:51 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 10:49 - 2013-08-16 02:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 10:42 - 2010-10-01 13:16 - 132539272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 09:11 - 2016-03-07 18:50 - 00000000 ____D C:\Users\xx\AppData\Local\Packages
2016-04-10 21:42 - 2010-10-06 17:35 - 00000000 ____D C:\Users\xx\AppData\Local\ElevatedDiagnostics
2016-04-09 11:36 - 2011-03-13 21:39 - 00000000 ____D C:\Users\xx\.FBReader
2016-04-09 00:44 - 2010-05-03 13:53 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-06 20:32 - 2015-10-30 07:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-04-05 01:34 - 2015-06-27 12:04 - 00000000 ____D C:\AdwCleaner
2016-04-04 19:15 - 2014-08-08 12:08 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-04-04 16:44 - 2016-03-02 00:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpaceEngine
2016-03-29 14:52 - 2010-10-14 13:36 - 00000000 ___RD C:\Program Files\Skype
2016-03-29 14:51 - 2010-10-14 13:36 - 00000000 ____D C:\ProgramData\Skype
2016-03-29 12:07 - 2010-05-03 14:19 - 00400302 __RSH C:\bootmgr
2016-03-24 19:05 - 2012-11-15 13:44 - 00001384 _____ C:\Users\xx\Desktop\Důležité znaky.txt
==================== Files in the root of some directories =======
2012-10-28 20:09 - 2012-10-28 20:18 - 0003584 _____ () C:\Users\xx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-06 17:43 - 2016-03-08 17:13 - 0007597 _____ () C:\Users\xx\AppData\Local\Resmon.ResmonCfg
2014-09-26 20:31 - 2014-09-26 20:31 - 0000198 _____ () C:\ProgramData\defraggler_list.txt
Some files in TEMP:
====================
C:\Users\xx\AppData\Local\Temp\libeay32.dll
C:\Users\xx\AppData\Local\Temp\msvcr120.dll
C:\Users\xx\AppData\Local\Temp\Quarantine.exe
C:\Users\xx\AppData\Local\Temp\sfamcc00001.dll
C:\Users\xx\AppData\Local\Temp\sfareca00001.dll
C:\Users\xx\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
Task: {66938583-B5B1-4CCE-AB7E-8859E2DE62B3} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900"
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\xx\Desktop" je 5 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-04-2016 01
Ran by xx (administrator) on XX-PC (17-04-2016 10:52:20)
Running from C:\Users\xx\Desktop
Loaded Profiles: xx (Available Profiles: xx & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
() C:\Program Files\Common Files\logishrd\LQCVFX\COCIManager.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sysinternals - www.sysinternals.com) C:\Portable\ProcessExplorer\procexp.exe
(Almico Software (almico.com)) C:\Program Files\SpeedFan\speedfan.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
(forum.viry.cz) C:\Users\xx\Desktop\FRSTLauncher.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.65\opera.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8129056 2009-12-25] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe
HKLM\...\Run: [ArcSoft Connection Service] => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [385024 2010-02-02] (AMD)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [113024 2011-08-09] (SuperAdBlocker.com)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0ef55749-aff7-4c6d-ba64-006c3a26098b}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-22] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-22] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-12-06] (AO Kaspersky Lab)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll [2013-07-24] (Nullsoft, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.)
FF Plugin HKU\S-1-5-21-2503734218-1681691102-840008259-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\xx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll [2007-03-10] (Yahoo! Inc.)
FF SearchPlugin: C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default\searchplugins\bing-avast.xml [2014-05-31]
FF Extension: Greasemonkey - C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-02-21]
FF Extension: Kaspersky Protection - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-07]
FF Extension: Adblock Plus - C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\lynva8w7.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\pdf.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll => No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll => No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Unity Player) - C:\Users\xx\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll => No File
CHR Profile: C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Last.fm free music player) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh [2016-03-11]
CHR Extension: (YouTube) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-14]
CHR Extension: (Vyhledávání Google) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-11]
CHR Extension: (Ochrana Kaspersky) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-03-11]
CHR Extension: (AdBlock) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-11]
CHR Extension: (Last.fm Scrobbler) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2016-03-11]
CHR Extension: (scroblr) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\mflbcmpjneookibbaeopkfcnegknkgog [2016-03-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-16]
CHR Extension: (Gmail) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-10-18] (SUPERAntiSpyware.com) [File not signed]
S4 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AVP16.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-12-06] (Kaspersky Lab ZAO)
S2 gupdate1caeab72b9785e1; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-10-14] (Google Inc.)
S3 npggsvc; C:\Windows\system32\GameMon.des [3557640 2015-10-26] (INCA Internet Co., Ltd.)
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [92792 2007-11-06] (CACE Technologies)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [201912 2015-07-06] (Kaspersky Lab ZAO)
R2 giveio; C:\WINDOWS\system32\giveio.sys [5248 1996-04-03] () [File not signed]
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [153784 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [46776 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [57712 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [66976 2016-03-07] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [25208 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [147336 2015-12-06] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [44216 2015-12-06] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [755608 2016-03-07] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [34480 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [37048 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [37560 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [39304 2015-12-06] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [76168 2015-12-06] (Kaspersky Lab ZAO)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [87736 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [156856 2015-06-23] (Kaspersky Lab ZAO)
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 NPF; C:\WINDOWS\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [494080 2015-10-30] (Realtek )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-08-09] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-08-09] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
U3 idsvc; no ImagePath
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [65216 2016-03-23] (Sysinternals - www.sysinternals.com)
U3 wpcsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-17 10:52 - 2016-04-17 10:52 - 00017827 _____ C:\Users\xx\Desktop\FRST.txt
2016-04-17 10:51 - 2016-04-17 10:52 - 00000000 ____D C:\FRST
2016-04-17 10:50 - 2016-04-17 10:51 - 00112640 _____ (forum.viry.cz) C:\Users\xx\Desktop\FRSTLauncher.exe
2016-04-17 10:50 - 2016-04-17 10:50 - 01726464 _____ (Farbar) C:\Users\xx\Desktop\FRST.exe
2016-04-13 10:51 - 2016-04-13 10:51 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-04-13 10:39 - 2016-04-02 06:17 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 10:39 - 2016-04-02 06:14 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 10:39 - 2016-04-02 06:14 - 00613112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 10:39 - 2016-04-02 06:14 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 10:39 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 10:39 - 2016-04-02 05:26 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 10:39 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 10:39 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 10:39 - 2016-04-02 05:22 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 10:39 - 2016-04-02 05:20 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 10:39 - 2016-04-02 05:20 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 10:39 - 2016-04-02 05:17 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 10:39 - 2016-04-02 05:14 - 03197440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 10:39 - 2016-04-02 05:12 - 01887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 10:39 - 2016-04-02 05:11 - 01524736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 10:39 - 2016-04-02 05:10 - 02871296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 10:39 - 2016-04-02 05:05 - 01074688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 10:39 - 2016-03-29 11:41 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 10:39 - 2016-03-29 11:41 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 10:39 - 2016-03-29 11:41 - 00228696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 10:39 - 2016-03-29 11:38 - 05797216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 10:39 - 2016-03-29 11:38 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 10:39 - 2016-03-29 11:38 - 00927072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 10:39 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 10:39 - 2016-03-29 11:36 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 10:39 - 2016-03-29 11:33 - 00084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 10:39 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 10:39 - 2016-03-29 11:21 - 00922456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 10:39 - 2016-03-29 11:20 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 10:39 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 10:39 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 10:39 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 10:39 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 10:39 - 2016-03-29 10:41 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 10:39 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 10:39 - 2016-03-29 10:34 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 10:39 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 10:39 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 10:39 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 10:39 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 10:39 - 2016-03-29 10:24 - 00063008 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 10:39 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 10:39 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 10:39 - 2016-03-29 09:46 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 10:39 - 2016-03-29 09:46 - 00771424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 10:39 - 2016-03-29 09:42 - 00287072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 10:39 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-04-13 10:39 - 2016-03-29 09:28 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 10:39 - 2016-03-29 09:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 10:39 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 10:39 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 10:39 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 10:39 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 10:39 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 10:39 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 10:39 - 2016-03-29 09:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 10:39 - 2016-03-29 09:05 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 10:39 - 2016-03-29 09:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 10:39 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 10:39 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 10:39 - 2016-03-29 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 10:39 - 2016-03-29 08:59 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 10:39 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 10:39 - 2016-03-29 08:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 10:39 - 2016-03-29 08:54 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 10:39 - 2016-03-29 08:53 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 10:39 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 10:39 - 2016-03-29 08:53 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 10:39 - 2016-03-29 08:52 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 10:39 - 2016-03-29 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 10:39 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 10:39 - 2016-03-29 08:47 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 10:39 - 2016-03-29 08:46 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 10:39 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 10:39 - 2016-03-29 08:44 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 10:39 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 10:39 - 2016-03-29 08:43 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 10:39 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 10:39 - 2016-03-29 08:41 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 10:39 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 10:39 - 2016-03-29 08:40 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 10:39 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 10:39 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 10:39 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 10:39 - 2016-03-29 08:38 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 10:39 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 10:39 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 10:39 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 10:39 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 10:39 - 2016-03-29 08:36 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 10:39 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 10:39 - 2016-03-29 08:34 - 01152512 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 10:39 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 10:39 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 10:39 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 10:39 - 2016-03-29 08:32 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 10:39 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 10:39 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 10:39 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 10:39 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 10:39 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 10:39 - 2016-03-29 08:29 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 10:39 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 10:39 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 10:39 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 10:39 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 10:39 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 10:39 - 2016-03-29 08:25 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 10:39 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 10:39 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 10:39 - 2016-03-29 08:18 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 10:39 - 2016-03-29 08:14 - 02975232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 10:39 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 10:39 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 10:39 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 10:39 - 2016-03-29 08:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 10:39 - 2016-03-29 08:06 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 10:39 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 10:39 - 2016-03-29 08:06 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 10:39 - 2016-03-29 08:06 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 10:39 - 2016-03-29 08:05 - 01894912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 10:39 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 10:39 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 10:39 - 2016-03-29 08:04 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 10:39 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 10:39 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 10:39 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 10:39 - 2016-03-29 07:55 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 10:39 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 10:39 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 10:39 - 2016-03-29 07:49 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 10:39 - 2016-03-29 07:46 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 10:39 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 10:39 - 2016-03-29 07:42 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 10:39 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 10:39 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 10:39 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 10:39 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 10:39 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 10:39 - 2016-03-29 07:36 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 10:39 - 2016-03-29 07:32 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 10:39 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 10:39 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 10:39 - 2016-03-29 07:25 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 10:38 - 2016-04-02 05:30 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 10:38 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 10:38 - 2016-03-29 09:30 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 10:38 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 10:38 - 2016-03-29 09:20 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 10:38 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 10:38 - 2016-03-29 09:14 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 10:38 - 2016-03-29 09:14 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 10:38 - 2016-03-29 09:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 10:38 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 10:38 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 10:38 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 10:38 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 10:38 - 2016-03-29 09:09 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 10:38 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 10:38 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 10:38 - 2016-03-29 09:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 10:38 - 2016-03-29 09:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 10:38 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 10:38 - 2016-03-29 09:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 10:38 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 10:38 - 2016-03-29 09:05 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 10:38 - 2016-03-29 09:05 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 10:38 - 2016-03-29 09:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 10:38 - 2016-03-29 09:02 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 10:38 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 10:38 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 10:38 - 2016-03-29 08:52 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 10:38 - 2016-03-29 08:52 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 10:38 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 10:38 - 2016-03-29 08:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 10:38 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 10:38 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 10:38 - 2016-03-29 08:32 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 10:38 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 10:38 - 2016-03-29 08:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 10:38 - 2016-03-29 08:26 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 10:38 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 10:38 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 10:38 - 2016-03-29 07:30 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 10:38 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 10:38 - 2016-03-29 07:24 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 10:38 - 2016-03-29 07:21 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 09:54 - 2016-04-15 09:38 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-04-08 14:21 - 2016-04-08 14:21 - 00002358 _____ C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2016-04-08 14:21 - 2016-04-08 14:21 - 00002350 _____ C:\Users\xx\Desktop\Vivaldi.lnk
2016-04-08 14:21 - 2016-04-08 14:21 - 00000000 ____D C:\Users\xx\AppData\Local\Vivaldi
2016-04-05 01:08 - 2016-04-05 01:24 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-04-05 01:06 - 2016-04-05 01:20 - 00000000 ____D C:\ProgramData\Norton
2016-04-05 01:06 - 2016-04-05 01:06 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-04-05 01:05 - 2016-04-05 01:05 - 00000000 ____D C:\Users\xx\AppData\Roaming\ImperiaOnline
2016-04-04 16:44 - 2016-04-04 16:44 - 00001022 _____ C:\Users\Public\Desktop\SpaceEngine 0.974.lnk
2016-03-29 14:52 - 2016-03-29 14:52 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-03-25 17:29 - 2016-03-25 17:29 - 00000000 ____D C:\Users\xx\AppData\Local\AMD
2016-03-23 14:43 - 2016-03-23 14:43 - 00065216 ____H (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCMON23.SYS
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-17 10:42 - 2015-05-18 10:41 - 00000940 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-17 10:33 - 2015-05-22 14:05 - 00000000 ____D C:\Program Files\trend micro
2016-04-17 10:33 - 2010-10-06 19:05 - 00000000 ____D C:\Portable
2016-04-17 10:30 - 2015-01-09 18:08 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-04-17 10:14 - 2010-10-07 12:53 - 00000000 ____D C:\Program Files\SpeedFan
2016-04-17 10:12 - 2015-05-18 10:41 - 00000936 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-16 23:32 - 2016-03-07 18:31 - 00000000 ____D C:\Users\xx
2016-04-16 23:20 - 2015-07-14 23:35 - 00000958 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-04-16 23:11 - 2014-08-08 12:09 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-16 23:02 - 2015-10-04 09:16 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-16 21:45 - 2010-10-14 13:37 - 00000000 ____D C:\Users\xx\AppData\Roaming\Skype
2016-04-16 10:43 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-16 10:43 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-15 09:45 - 2016-03-07 18:30 - 01996112 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-15 09:45 - 2015-10-30 17:08 - 00829308 _____ C:\WINDOWS\system32\perfh005.dat
2016-04-15 09:45 - 2015-10-30 17:08 - 00185116 _____ C:\WINDOWS\system32\perfc005.dat
2016-04-15 09:45 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-04-15 09:39 - 2016-03-07 18:46 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-15 09:38 - 2016-03-07 18:25 - 00344264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-15 09:38 - 2012-05-09 21:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-04-15 01:27 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-04-15 01:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-15 01:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-15 01:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-15 01:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-14 11:03 - 2016-03-17 11:54 - 00001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 36.lnk
2016-04-14 11:03 - 2010-10-14 12:31 - 00000000 ____D C:\Program Files\Opera
2016-04-13 10:51 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 10:49 - 2013-08-16 02:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 10:42 - 2010-10-01 13:16 - 132539272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-13 09:11 - 2016-03-07 18:50 - 00000000 ____D C:\Users\xx\AppData\Local\Packages
2016-04-10 21:42 - 2010-10-06 17:35 - 00000000 ____D C:\Users\xx\AppData\Local\ElevatedDiagnostics
2016-04-09 11:36 - 2011-03-13 21:39 - 00000000 ____D C:\Users\xx\.FBReader
2016-04-09 00:44 - 2010-05-03 13:53 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-06 20:32 - 2015-10-30 07:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-04-05 01:34 - 2015-06-27 12:04 - 00000000 ____D C:\AdwCleaner
2016-04-04 19:15 - 2014-08-08 12:08 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-04-04 16:44 - 2016-03-02 00:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpaceEngine
2016-03-29 14:52 - 2010-10-14 13:36 - 00000000 ___RD C:\Program Files\Skype
2016-03-29 14:51 - 2010-10-14 13:36 - 00000000 ____D C:\ProgramData\Skype
2016-03-29 12:07 - 2010-05-03 14:19 - 00400302 __RSH C:\bootmgr
2016-03-24 19:05 - 2012-11-15 13:44 - 00001384 _____ C:\Users\xx\Desktop\Důležité znaky.txt
==================== Files in the root of some directories =======
2012-10-28 20:09 - 2012-10-28 20:18 - 0003584 _____ () C:\Users\xx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-10-06 17:43 - 2016-03-08 17:13 - 0007597 _____ () C:\Users\xx\AppData\Local\Resmon.ResmonCfg
2014-09-26 20:31 - 2014-09-26 20:31 - 0000198 _____ () C:\ProgramData\defraggler_list.txt
Some files in TEMP:
====================
C:\Users\xx\AppData\Local\Temp\libeay32.dll
C:\Users\xx\AppData\Local\Temp\msvcr120.dll
C:\Users\xx\AppData\Local\Temp\Quarantine.exe
C:\Users\xx\AppData\Local\Temp\sfamcc00001.dll
C:\Users\xx\AppData\Local\Temp\sfareca00001.dll
C:\Users\xx\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
Task: {66938583-B5B1-4CCE-AB7E-8859E2DE62B3} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900"
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\xx\Desktop" je 5 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
Albert Einstein: Only two things are infinite - the universe and human stupidity. And I'm not so sure about the former.
Re: Minor non-virus problem + preventive check
Addition
Additional scan result of Farbar Recovery Scan Tool (x86) Version:16-04-2016 01
Ran by xx (2016-04-17 10:53:06)
Running from C:\Users\xx\Desktop
Microsoft Windows 10 Home Version 1511 (X86) (2016-03-07 16:50:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2503734218-1681691102-840008259-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2503734218-1681691102-840008259-503 - Limited - Disabled)
Guest (S-1-5-21-2503734218-1681691102-840008259-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2503734218-1681691102-840008259-1169 - Limited - Enabled)
xx (S-1-5-21-2503734218-1681691102-840008259-1000 - Administrator - Enabled) => C:\Users\xx
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
50 FREE MP3s +1 Free Audiobook! (HKLM\...\eMusic Promotion) (Version: 1.0.0.1 - eMusic.com Inc)
7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{C2796CF4-6517-00C1-9F70-6A9C50680D29}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ArcSoft MediaImpression (HKLM\...\{18472E28-FCA0-421F-BDAC-AC65012E29F2}) (Version: 1.2.19.456 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Assassin's Creed (HKLM\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
ATI AVIVO Codecs (Version: 10.12.0.00202 - ATI Technologies Inc.) Hidden
aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.5.645 - DsNET Corp)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
calibre (HKLM\...\{5AD205E9-E80E-4F4B-88A5-C6B5CC12BBE4}) (Version: 2.48.0 - Kovid Goyal)
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version: - Canon Inc.)
CBR Reader (HKLM\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2631 - CDBurnerXP)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
cdrLabel 7.1 (HKLM\...\{279FC9F9-1872-4927-AB0E-A93154F7D339}) (Version: 7.1.584.0 - ZipLabel.com)
Celestia 1.6.1 (HKLM\...\Celestia_is1) (Version: - Shatters Software)
CrystalDiskInfo 6.1.9a (HKLM\...\CrystalDiskInfo_is1) (Version: 6.1.9a - Crystal Dew World)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Drakensang Online (HKLM\...\Drakensang Online) (Version: - )
DU Meter (HKLM\...\dumeter3_is1) (Version: - Hagel Technologies)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
FBReader for Windows (HKLM\...\FBReader for Windows) (Version: - )
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HeavyLoad V3.0 (HKLM\...\HeavyLoad_is1) (Version: 3.0 - JAM Software)
HydraVision (Version: 4.2.142.0 - ATI Technologies Inc.) Hidden
iTraffic Monitor v1.0 (HKLM\...\itrafficmonitor_is1) (Version: 1.0 - )
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaInfo 0.7.36 (HKLM\...\MediaInfo) (Version: 0.7.36 - MediaArea.net)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 45.0.2 (x86 cs)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 cs) (HKLM\...\Mozilla Thunderbird 31.7.0 (x86 cs)) (Version: 31.7.0 - Mozilla)
MPC-HC 1.7.8 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 36.0.2130.65 (HKLM\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Raptr (HKLM\...\Raptr) (Version: - )
RarmaRadio 2.68.3 (HKLM\...\RarmaRadio_is1) (Version: - RaimerSoft)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6013 - Realtek Semiconductor Corp.)
Secunia PSI (2.0.0.3003) (HKLM\...\Secunia PSI) (Version: - )
Sigil 0.6.0 (HKLM\...\Sigil_is1) (Version: - John Schember)
Skype™ 7.21 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SpaceEngine verze 0.9.7.2 (HKLM\...\{E65FD500-9218-44EC-9586-D39FAB4DFDAF}_is1) (Version: 0.9.7.2 - SpaceEngine)
SpaceEngine verze 0.9.7.4 (HKLM\...\{6E7A40FA-86CE-4844-A7DC-F8769F21A62F}_is1) (Version: 0.9.7.4 - SpaceEngine)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Stellarium 0.13.3 (HKLM\...\Stellarium_is1) (Version: 0.13.3 - Stellarium team)
Streamripper (Remove only) (HKLM\...\Streamripper) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.44.1000 - SUPERAntiSpyware.com)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
Unity Web Player (HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VGA USB Camera (HKLM\...\{F0B2D11F-E4D9-4C17-A195-B8BADEAE9C40}) (Version: 1.2.0.0 - )
Vivaldi (HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Vivaldi) (Version: 1.0.435.42 - Vivaldi)
Warcraft III (HKLM\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Warcraft III) (Version: - )
Winamp (HKLM\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.0.2 (HKLM\...\WinPcapInst) (Version: 4.0.0.1040 - CACE Technologies)
Worms World Party (HKLM\...\InstallShield_{0F6E17CB-0565-44A7-8C36-941EA56B215E}) (Version: 1.00.000 - Název společnosti:)
Worms World Party (Version: 1.00.000 - Název společnosti:) Hidden
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Widgets (HKLM\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.)
Zoner Photo Studio 12 (HKLM\...\ZonerPhotoStudio12_CZ_is1) (Version: 12.0.1.2 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\ProgramData\Skype Extras\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}\InprocServer32 -> C:\Program Files\7-Zip\7-zip.dll (Igor Pavlov)
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\ProgramData\Skype Extras\ezPMUtils.dll (EasyBits Media)
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\xx\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{7FEBAF7C-18CF-11D2-993F-00A0C91F3880}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 12\Program\SHELLEXT.DLL (ZONER software)
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F46316E4-FB1B-46EB-AEDF-9520BFBB916A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> no filepath
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {13E56FD8-A48E-49E1-8AD6-0B5BBFEAAA08} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16625FC2-7B52-4A2C-AD2C-6A1E5378B1AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1663D21E-766E-4C91-919A-8A4F85DE62D3} - System32\Tasks\{87BBAE62-840E-4118-958B-051FE8A33B73} => C:\Portable\Release\Powder-RScience-2.2.1.exe
Task: {17544326-9DC5-4F02-A29F-FE4CA7685C20} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1A927B23-7B4A-4D8E-9F86-D8DE9D876426} - System32\Tasks\{356FEEBF-2A95-4005-B2F6-9743BBA025DF} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {1D1C3F62-7414-4076-B14D-B873937B9C9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {217EBF93-4CAC-4F7E-AE31-9AC721610553} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {2C78A0CE-4714-4AD0-BCE1-746AB48F9A9E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {2E995737-2594-444D-87E8-2E14114CC102} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {31F2AA0C-7C01-46B5-AFDC-CEAB91B7418F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {367BABCC-46BB-4736-8C54-55908D696946} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {38124E6C-3D1C-4348-B914-94FF2138511A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {438A0207-9FCC-4A58-B39A-F640509E2485} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {44A37813-1324-4235-BC78-E833802FA553} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46011DE4-625D-4064-B1F7-EE8F2656BDC4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4FDB0F13-E4F8-4CE6-A3FD-C4B7135C1ED0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-14] (Google Inc.)
Task: {5D16B43E-9609-46C7-B730-E3C8E5F4A3C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5E423790-5941-49C8-9D73-3FB7DED078B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-14] (Google Inc.)
Task: {66938583-B5B1-4CCE-AB7E-8859E2DE62B3} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900"
Task: {6BF85A80-3A1C-4407-8B5A-104F09E1A42D} - System32\Tasks\{D541E083-9470-4923-9B6A-E3EAAC5F8E90} => C:\Hry\Worms\wwp.exe [2010-06-11] (Levo)
Task: {71C5B493-4498-4815-8BFB-1AA88D917254} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7ACB32B5-1B1E-4D3F-BE38-347A681A712E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8BD34E84-89B3-435D-AD32-6F92C2287D4D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8E71FDB8-C94C-4AC5-B878-C23B8DA4D078} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E812183-5805-49E0-B219-FAFCE3CE5533} - System32\Tasks\{CE2A823C-DB83-4B14-977A-D2BFDBFD6874} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {8F76F9A4-0B8D-467D-BE88-1AEC50F9EA1E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {96378E4D-17CF-4F90-B7EC-73222D709A42} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9A2FBE1D-86A8-4214-9288-6480DB446A9D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9A575640-73CA-4B95-A883-3B7D58E250EB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9D52591D-91EC-4CC5-827F-2050B3255BD4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F193BC5-3D44-4E84-9789-2C5C967D0876} - System32\Tasks\{E3575629-4125-4966-A9C3-6E09915A1EC4} => c:\program files\opera\opera.exe [2014-04-22] (Opera Software)
Task: {A0511C19-76AF-487B-B148-9011082BA441} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {A46E2748-320B-431C-A44B-BE863E06D768} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A5F8B6C9-0965-499C-9ED2-77C030087DD6} - System32\Tasks\{67EF6F39-AF00-433E-943F-AFB796E318F6} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {A6E04EDF-46BA-4073-9BC6-680BB4C8B5E2} - System32\Tasks\{47C17335-E635-4C06-80AF-FB22FB10E36B} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {B939D65F-973B-4337-B596-17858927158C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BACD6C52-2A0E-4A5F-BD8F-D2654D2A100E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BEFE23EF-9CA4-4BDD-93DC-BF0F545D215B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C71A1190-4F58-4340-9410-396EB5EC4099} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CDA33687-AD72-440D-98C0-C9DF441521AD} - System32\Tasks\{5658BACF-A16F-4A23-871A-072F2675FF55} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {CF8B88B6-87CC-4644-A38A-D866ADDD73CF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D54B1F38-417E-4AF8-89FE-FBE1053F0A0E} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {D8E33655-D3EC-4301-9875-4D72B8893F23} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D92320EC-6F5E-49C1-A2FA-1540D971C827} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {D94DD1F9-F2FA-491D-86F1-2743ADF462A6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {DB4D379F-B946-4365-97B5-4E14A04B295F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DCFEA571-FC79-4D04-A506-5607E87C755E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E00A7D60-2387-4A96-93CE-7AE6AA8AC833} - System32\Tasks\{CAD2C50C-3AA9-4B6E-BC81-5D9B30CFFF8E} => C:\Program Files\Skype\Phone\Skype.exe [2016-03-01] (Skype Technologies S.A.)
Task: {E86DA395-DFC6-4DB5-AA4F-6A1F5EF4F594} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EBC512AC-268A-4970-972B-561FC9975557} - System32\Tasks\{92BDCCB4-B035-4D9D-B6BD-6A5F7ADDA4AA} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {ED69E0FA-D625-4B70-BAE6-9C6062B210C9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {F175E682-A41B-427E-BA36-409B13D5CEEC} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {F1B6A8C1-980A-47DF-A6B1-8C95567926C1} - System32\Tasks\{5C86F17E-2A33-4253-AF3A-CEA4495BBC11} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {F36C6A0C-34BD-46F8-AC4F-E5C9617B6A97} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {F43B48BD-41CE-49B0-AC7E-2122FE1F5E1B} - System32\Tasks\Opera scheduled Autoupdate 1421265847 => C:\Program Files\Opera\launcher.exe [2016-04-11] (Opera Software)
Task: {FF79A925-BDE7-4DA2-A8E3-DB0C28A18412} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
And next time I'm not downloading anything after midnight :p
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{C2796CF4-6517-00C1-9F70-6A9C50680D29}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ArcSoft MediaImpression (HKLM\...\{18472E28-FCA0-421F-BDAC-AC65012E29F2}) (Version: 1.2.19.456 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.80 (HKLM\...\Ashampoo Burning Studio 6 FREE_is1) (Version: 6.8.0 - ashampoo GmbH & Co. KG)
Assassin's Creed (HKLM\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
ATI AVIVO Codecs (Version: 10.12.0.00202 - ATI Technologies Inc.) Hidden
aTube Catcher (HKLM\...\aTube Catcher) (Version: 2.5.645 - DsNET Corp)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
calibre (HKLM\...\{5AD205E9-E80E-4F4B-88A5-C6B5CC12BBE4}) (Version: 2.48.0 - Kovid Goyal)
Canon iP3600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3600_series) (Version: - Canon Inc.)
CBR Reader (HKLM\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version: - cbrreader.com)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.8.2631 - CDBurnerXP)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.)
cdrLabel 7.1 (HKLM\...\{279FC9F9-1872-4927-AB0E-A93154F7D339}) (Version: 7.1.584.0 - ZipLabel.com)
Celestia 1.6.1 (HKLM\...\Celestia_is1) (Version: - Shatters Software)
CrystalDiskInfo 6.1.9a (HKLM\...\CrystalDiskInfo_is1) (Version: 6.1.9a - Crystal Dew World)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Drakensang Online (HKLM\...\Drakensang Online) (Version: - )
DU Meter (HKLM\...\dumeter3_is1) (Version: - Hagel Technologies)
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink)
FBReader for Windows (HKLM\...\FBReader for Windows) (Version: - )
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
HeavyLoad V3.0 (HKLM\...\HeavyLoad_is1) (Version: 3.0 - JAM Software)
HydraVision (Version: 4.2.142.0 - ATI Technologies Inc.) Hidden
iTraffic Monitor v1.0 (HKLM\...\itrafficmonitor_is1) (Version: 1.0 - )
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Malwarebytes Anti-Malware verze 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaInfo 0.7.36 (HKLM\...\MediaInfo) (Version: 0.7.36 - MediaArea.net)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 cs) (HKLM\...\Mozilla Firefox 45.0.2 (x86 cs)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 cs) (HKLM\...\Mozilla Thunderbird 31.7.0 (x86 cs)) (Version: 31.7.0 - Mozilla)
MPC-HC 1.7.8 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 36.0.2130.65 (HKLM\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Raptr (HKLM\...\Raptr) (Version: - )
RarmaRadio 2.68.3 (HKLM\...\RarmaRadio_is1) (Version: - RaimerSoft)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6013 - Realtek Semiconductor Corp.)
Secunia PSI (2.0.0.3003) (HKLM\...\Secunia PSI) (Version: - )
Sigil 0.6.0 (HKLM\...\Sigil_is1) (Version: - John Schember)
Skype™ 7.21 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SpaceEngine verze 0.9.7.2 (HKLM\...\{E65FD500-9218-44EC-9586-D39FAB4DFDAF}_is1) (Version: 0.9.7.2 - SpaceEngine)
SpaceEngine verze 0.9.7.4 (HKLM\...\{6E7A40FA-86CE-4844-A7DC-F8769F21A62F}_is1) (Version: 0.9.7.4 - SpaceEngine)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Stellarium 0.13.3 (HKLM\...\Stellarium_is1) (Version: 0.13.3 - Stellarium team)
Streamripper (Remove only) (HKLM\...\Streamripper) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.44.1000 - SUPERAntiSpyware.com)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
Unity Web Player (HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC 9.0 Runtime (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VGA USB Camera (HKLM\...\{F0B2D11F-E4D9-4C17-A195-B8BADEAE9C40}) (Version: 1.2.0.0 - )
Vivaldi (HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Vivaldi) (Version: 1.0.435.42 - Vivaldi)
Warcraft III (HKLM\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Warcraft III) (Version: - )
Winamp (HKLM\...\Winamp) (Version: 5.65 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-2503734218-1681691102-840008259-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.0.2 (HKLM\...\WinPcapInst) (Version: 4.0.0.1040 - CACE Technologies)
Worms World Party (HKLM\...\InstallShield_{0F6E17CB-0565-44A7-8C36-941EA56B215E}) (Version: 1.00.000 - Název společnosti:)
Worms World Party (Version: 1.00.000 - Název společnosti:) Hidden
Yahoo! Install Manager (HKLM\...\YInstHelper) (Version: - )
Yahoo! Widgets (HKLM\...\Yahoo! Widget Engine) (Version: 4.5.2.0 - Yahoo! Inc.)
Zoner Photo Studio 12 (HKLM\...\ZonerPhotoStudio12_CZ_is1) (Version: 12.0.1.2 - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {13E56FD8-A48E-49E1-8AD6-0B5BBFEAAA08} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {16625FC2-7B52-4A2C-AD2C-6A1E5378B1AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1663D21E-766E-4C91-919A-8A4F85DE62D3} - System32\Tasks\{87BBAE62-840E-4118-958B-051FE8A33B73} => C:\Portable\Release\Powder-RScience-2.2.1.exe
Task: {17544326-9DC5-4F02-A29F-FE4CA7685C20} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {1A927B23-7B4A-4D8E-9F86-D8DE9D876426} - System32\Tasks\{356FEEBF-2A95-4005-B2F6-9743BBA025DF} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {1D1C3F62-7414-4076-B14D-B873937B9C9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {217EBF93-4CAC-4F7E-AE31-9AC721610553} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {2C78A0CE-4714-4AD0-BCE1-746AB48F9A9E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {2E995737-2594-444D-87E8-2E14114CC102} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {31F2AA0C-7C01-46B5-AFDC-CEAB91B7418F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {367BABCC-46BB-4736-8C54-55908D696946} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {38124E6C-3D1C-4348-B914-94FF2138511A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {438A0207-9FCC-4A58-B39A-F640509E2485} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {44A37813-1324-4235-BC78-E833802FA553} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {46011DE4-625D-4064-B1F7-EE8F2656BDC4} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4FDB0F13-E4F8-4CE6-A3FD-C4B7135C1ED0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-14] (Google Inc.)
Task: {5D16B43E-9609-46C7-B730-E3C8E5F4A3C4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5E423790-5941-49C8-9D73-3FB7DED078B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-14] (Google Inc.)
Task: {66938583-B5B1-4CCE-AB7E-8859E2DE62B3} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900"
Task: {6BF85A80-3A1C-4407-8B5A-104F09E1A42D} - System32\Tasks\{D541E083-9470-4923-9B6A-E3EAAC5F8E90} => C:\Hry\Worms\wwp.exe [2010-06-11] (Levo)
Task: {71C5B493-4498-4815-8BFB-1AA88D917254} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7ACB32B5-1B1E-4D3F-BE38-347A681A712E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8BD34E84-89B3-435D-AD32-6F92C2287D4D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8E71FDB8-C94C-4AC5-B878-C23B8DA4D078} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8E812183-5805-49E0-B219-FAFCE3CE5533} - System32\Tasks\{CE2A823C-DB83-4B14-977A-D2BFDBFD6874} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {8F76F9A4-0B8D-467D-BE88-1AEC50F9EA1E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {96378E4D-17CF-4F90-B7EC-73222D709A42} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9A2FBE1D-86A8-4214-9288-6480DB446A9D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9A575640-73CA-4B95-A883-3B7D58E250EB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {9D52591D-91EC-4CC5-827F-2050B3255BD4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F193BC5-3D44-4E84-9789-2C5C967D0876} - System32\Tasks\{E3575629-4125-4966-A9C3-6E09915A1EC4} => c:\program files\opera\opera.exe [2014-04-22] (Opera Software)
Task: {A0511C19-76AF-487B-B148-9011082BA441} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {A46E2748-320B-431C-A44B-BE863E06D768} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A5F8B6C9-0965-499C-9ED2-77C030087DD6} - System32\Tasks\{67EF6F39-AF00-433E-943F-AFB796E318F6} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {A6E04EDF-46BA-4073-9BC6-680BB4C8B5E2} - System32\Tasks\{47C17335-E635-4C06-80AF-FB22FB10E36B} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {B939D65F-973B-4337-B596-17858927158C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BACD6C52-2A0E-4A5F-BD8F-D2654D2A100E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BEFE23EF-9CA4-4BDD-93DC-BF0F545D215B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {C71A1190-4F58-4340-9410-396EB5EC4099} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CDA33687-AD72-440D-98C0-C9DF441521AD} - System32\Tasks\{5658BACF-A16F-4A23-871A-072F2675FF55} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {CF8B88B6-87CC-4644-A38A-D866ADDD73CF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D54B1F38-417E-4AF8-89FE-FBE1053F0A0E} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {D8E33655-D3EC-4301-9875-4D72B8893F23} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {D92320EC-6F5E-49C1-A2FA-1540D971C827} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_21_0_0_213_pepper.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {D94DD1F9-F2FA-491D-86F1-2743ADF462A6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {DB4D379F-B946-4365-97B5-4E14A04B295F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DCFEA571-FC79-4D04-A506-5607E87C755E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E00A7D60-2387-4A96-93CE-7AE6AA8AC833} - System32\Tasks\{CAD2C50C-3AA9-4B6E-BC81-5D9B30CFFF8E} => C:\Program Files\Skype\Phone\Skype.exe [2016-03-01] (Skype Technologies S.A.)
Task: {E86DA395-DFC6-4DB5-AA4F-6A1F5EF4F594} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EBC512AC-268A-4970-972B-561FC9975557} - System32\Tasks\{92BDCCB4-B035-4D9D-B6BD-6A5F7ADDA4AA} => c:\program files\opera\launcher.exe [2016-04-11] (Opera Software)
Task: {ED69E0FA-D625-4B70-BAE6-9C6062B210C9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

Albert Einstein: Only two things are infinite - the universe and human stupidity. I'm not so sure about the first one, though.
Re: Minor non-virus problem + preventive check
Go to java.com/verify and update Java to the current version, 8 Update 77 (watch out for the adware from Amazon).
- Copy the contents of the white box into Notepad (Start -> Run -> notepad)
- save it to the desktop as fixlist (File type: Text document)
- run FRST again and click Fix
- after the restart, a fixlog will be saved on the desktop; paste its contents into your next reply
Code:
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
2016-04-17 10:52 - 2016-04-17 10:52 - 00017827 _____ C:\Users\xx\Desktop\FRST.txt
2016-04-05 01:05 - 2016-04-05 01:05 - 00000000 ____D C:\Users\xx\AppData\Roaming\ImperiaOnline
2016-04-17 10:33 - 2015-05-22 14:05 - 00000000 ____D C:\Program Files\trend micro
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{7FEBAF7C-18CF-11D2-993F-00A0C91F3880}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F46316E4-FB1B-46EB-AEDF-9520BFBB916A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> no filepath
Task: {16625FC2-7B52-4A2C-AD2C-6A1E5378B1AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {17544326-9DC5-4F02-A29F-FE4CA7685C20} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {217EBF93-4CAC-4F7E-AE31-9AC721610553} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {438A0207-9FCC-4A58-B39A-F640509E2485} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {66938583-B5B1-4CCE-AB7E-8859E2DE62B3} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900"
Task: {7ACB32B5-1B1E-4D3F-BE38-347A681A712E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8BD34E84-89B3-435D-AD32-6F92C2287D4D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8F76F9A4-0B8D-467D-BE88-1AEC50F9EA1E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {96378E4D-17CF-4F90-B7EC-73222D709A42} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9A2FBE1D-86A8-4214-9288-6480DB446A9D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9A575640-73CA-4B95-A883-3B7D58E250EB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {D54B1F38-417E-4AF8-89FE-FBE1053F0A0E} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {E86DA395-DFC6-4DB5-AA4F-6A1F5EF4F594} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F36C6A0C-34BD-46F8-AC4F-E5C9617B6A97} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
End
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrokzavináčforum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.
Re: Minor non-virus problem + preventive check
Fixlog
Fix result of Farbar Recovery Scan Tool (x86) Version:16-04-2016 01
Ran by xx (2016-04-17 11:08:44) Run:1
Running from C:\Users\xx\Desktop
Loaded Profiles: xx (Available Profiles: xx & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-2503734218-1681691102-840008259-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath
2016-04-17 10:52 - 2016-04-17 10:52 - 00017827 _____ C:\Users\xx\Desktop\FRST.txt
2016-04-05 01:05 - 2016-04-05 01:05 - 00000000 ____D C:\Users\xx\AppData\Roaming\ImperiaOnline
2016-04-17 10:33 - 2015-05-22 14:05 - 00000000 ____D C:\Program Files\trend micro
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{7FEBAF7C-18CF-11D2-993F-00A0C91F3880}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F46316E4-FB1B-46EB-AEDF-9520BFBB916A}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}\InprocServer32 -> no filepath
Task: {16625FC2-7B52-4A2C-AD2C-6A1E5378B1AE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {17544326-9DC5-4F02-A29F-FE4CA7685C20} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {217EBF93-4CAC-4F7E-AE31-9AC721610553} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {438A0207-9FCC-4A58-B39A-F640509E2485} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {66938583-B5B1-4CCE-AB7E-8859E2DE62B3} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900"
Task: {7ACB32B5-1B1E-4D3F-BE38-347A681A712E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {8BD34E84-89B3-435D-AD32-6F92C2287D4D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {8F76F9A4-0B8D-467D-BE88-1AEC50F9EA1E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {96378E4D-17CF-4F90-B7EC-73222D709A42} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {9A2FBE1D-86A8-4214-9288-6480DB446A9D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {9A575640-73CA-4B95-A883-3B7D58E250EB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {D54B1F38-417E-4AF8-89FE-FBE1053F0A0E} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {E86DA395-DFC6-4DB5-AA4F-6A1F5EF4F594} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F36C6A0C-34BD-46F8-AC4F-E5C9617B6A97} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
End
*****************
Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
idsvc => service removed successfully.
wpcsvc => service removed successfully.
"C:\Users\xx\Desktop\FRST.txt" => not found.
C:\Users\xx\AppData\Roaming\ImperiaOnline => moved successfully
C:\Program Files\trend micro => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{00BB2763-6A77-11D0-A535-00C04FD7D062}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{00EEBF57-477D-4084-9921-7AB3C2C9459D}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{03C036F1-A186-11D0-824A-00AA005B4383}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{06EEE834-461C-42C2-8DCF-1502B527B1F9}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{078759D3-423B-48AD-AB6A-5638C2884DBE}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0AF10CEC-2ECD-4B92-9581-34F6AE0637F3}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0B91A74B-AD7C-4A9D-B563-29EEF9167172}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0C15D503-D017-47CE-9016-7B3F978721CC}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{0E5AAE11-A475-4C5B-AB00-C66DE400274E}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{104846AB-42B1-4E38-A80D-136F78C3F258}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{18907F3B-9AFB-4F87-B764-F9A4E16A21B8}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{217FC9C0-3AEA-1069-A2DB-08002B30309D}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{35786D3C-B075-49B9-88DD-029876E11C01}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{3AD05575-8857-4850-9277-11B85BDB8E09}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{40DD6E20-7C17-11CE-A804-00AA003CA9F6}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{42042206-2D85-11D3-8CFF-005004838597}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{49F371E1-8C5C-4D9C-9A3B-54A6827F513C}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{50EF4544-AC9F-4A8E-B21B-8A26180DB13F}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{53BD6B4E-3780-4693-AFC3-7161C2F3EE9C}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{603D3800-BD81-11D0-A3A5-00C04FD706EC}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{6311429E-2F1A-4777-880F-C7289FD10169}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{640167B4-59B0-47A6-B335-A6B3C0695AEA}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{71F96385-DDD6-48D3-A0C1-AE06E8B055FB}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{725F645B-EAED-4FC5-B1C5-D9AD0ACCBA5E}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{72EB61E0-8672-4303-9175-F2E4C68B2E7C}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{76765B11-3F95-4AF2-AC9D-EA55D8994F1A}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{76D0CB12-7604-4048-B83C-1005C7DDC503}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{7EFC002A-071F-4CE7-B265-F4B4263D2FD2}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{7FEBAF7C-18CF-11D2-993F-00A0C91F3880}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{807C1E6C-1D00-453F-B920-B61BB7CDD997}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{82C588E7-E54B-408C-9F8C-6AF9ADF6F1E9}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{934D4698-6A59-48F8-9F29-9FB30670320E}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{942BC614-676C-464E-B384-D3202AAA02DA}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{989D1DC0-B162-11D1-B6EC-D27DDCF9A923}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{9CFC2DF3-6BA3-46EF-A836-E519E81F0EC4}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{A4A1A128-768F-41E0-BF75-E4FDDD701CBA}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{AE054212-3535-4430-83ED-D501AA6680E6}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B056521A-9B10-425E-B616-1FCD828DB3B1}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B155BDF8-02F0-451E-9A26-AE317CFD7779}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B54F3741-5B07-11cf-A4B0-00AA004A55E8}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B54F3743-5B07-11cf-A4B0-00AA004A55E8}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{B8967F85-58AE-4F46-9FB2-5D7904798F4B}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{CACAF262-9370-4615-A13B-9F5539DA4C0A}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{D58960BA-2EF3-4910-9E34-C911B1710180}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{DFFACDC5-679F-4156-8947-C5C76BC0B67F}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{EDB5F444-CB8D-445A-A523-EC5AB6EA33C7}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F46316E4-FB1B-46EB-AEDF-9520BFBB916A}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F562A2C8-E850-4F05-8E7A-E7192E4E6C23}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{F8383852-FCD3-11D1-A6B9-006097DF5BD4}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{FE841493-835C-4FA3-B6CC-B4B2D4719848}" => key removed successfully.
"HKU\S-1-5-21-2503734218-1681691102-840008259-1000_Classes\CLSID\{FFE2A43C-56B9-4BF5-9A79-CC6D4285608A}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{16625FC2-7B52-4A2C-AD2C-6A1E5378B1AE}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16625FC2-7B52-4A2C-AD2C-6A1E5378B1AE}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17544326-9DC5-4F02-A29F-FE4CA7685C20}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17544326-9DC5-4F02-A29F-FE4CA7685C20}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{217EBF93-4CAC-4F7E-AE31-9AC721610553}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{217EBF93-4CAC-4F7E-AE31-9AC721610553}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{438A0207-9FCC-4A58-B39A-F640509E2485}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{438A0207-9FCC-4A58-B39A-F640509E2485}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66938583-B5B1-4CCE-AB7E-8859E2DE62B3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66938583-B5B1-4CCE-AB7E-8859E2DE62B3}" => key removed successfully.
C:\Windows\System32\Tasks\Imperia Online W4 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Imperia Online W4" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7ACB32B5-1B1E-4D3F-BE38-347A681A712E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7ACB32B5-1B1E-4D3F-BE38-347A681A712E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8BD34E84-89B3-435D-AD32-6F92C2287D4D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BD34E84-89B3-435D-AD32-6F92C2287D4D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8F76F9A4-0B8D-467D-BE88-1AEC50F9EA1E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F76F9A4-0B8D-467D-BE88-1AEC50F9EA1E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96378E4D-17CF-4F90-B7EC-73222D709A42}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96378E4D-17CF-4F90-B7EC-73222D709A42}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9A2FBE1D-86A8-4214-9288-6480DB446A9D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A2FBE1D-86A8-4214-9288-6480DB446A9D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A575640-73CA-4B95-A883-3B7D58E250EB}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A575640-73CA-4B95-A883-3B7D58E250EB}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D54B1F38-417E-4AF8-89FE-FBE1053F0A0E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D54B1F38-417E-4AF8-89FE-FBE1053F0A0E}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E86DA395-DFC6-4DB5-AA4F-6A1F5EF4F594}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E86DA395-DFC6-4DB5-AA4F-6A1F5EF4F594}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F36C6A0C-34BD-46F8-AC4F-E5C9617B6A97}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F36C6A0C-34BD-46F8-AC4F-E5C9617B6A97}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully.
The system needed a reboot.
==== End of Fixlog 11:09:16 ====
Albert Einstein: Only two things are infinite - the universe and human stupidity. And I'm not so sure about the former.
Re: Minor non-virus problem + preventive check
Does the window still keep popping up?

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that don't fit the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
Re: Minor non-virus problem + preventive check
I don't know, I have to wait until one in the morning.

Well, even a master carpenter slips up sometimes; it should have occurred to me right away that it was too big for a mere self-extracting archive, the plugin itself is tiny.
I'm off to deal with Java. I should be able to handle Amazon myself.


Re: Minor non-virus problem + preventive check
I had to handle Java from the Control Panel; it somehow didn't work in Opera, and in Firefox I have it disabled.

Albert Einstein: Only two things are infinite - the universe and human stupidity. And I'm not so sure about the former.
Re: Minor non-virus problem + preventive check
That's good... Java is a potential vulnerability.
Just for info... the problem was in the scheduled tasks, where a Chrome window with an unwanted website was being launched periodically. It should all be over now.

fixlog wrote: Task: {66938583-B5B1-4CCE-AB7E-8859E2DE62B3} - System32\Tasks\Imperia Online W4 => Chrome.exe \C:\Program Files\Google\Chrome\Application\chrome.exe\" --app=hxxp://www.imperiaonline.org/?ref_ad=src123 --app-window-size=1440,900"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66938583-B5B1-4CCE-AB7E-8859E2DE62B3}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66938583-B5B1-4CCE-AB7E-8859E2DE62B3}" => key removed successfully.
C:\Windows\System32\Tasks\Imperia Online W4 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Imperia Online W4" => key removed successfully.
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that don't belong on the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
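The pattern named in the post above, a scheduled task that periodically starts a browser with a URL on its command line, can be picked out of an FRST-style log automatically. This is an added example, not part of the original thread or of FRST; the line format is assumed from the fixlog line quoted above, and the sample log, GUIDs, task names and hosts are constructed.

```python
import re
from urllib.parse import urlsplit

# FRST-style task line, format assumed from the line quoted in the thread:
#   Task: {GUID} - System32\Tasks\<name> => <command line>
TASK_RE = re.compile(r"^Task: (\{[0-9A-Fa-f-]{36}\}) - (\S.*?) => (.+)$")
BROWSER_RE = re.compile(r"\b(chrome|firefox|opera|iexplore|msedge)\.exe\b", re.I)
# The log defangs schemes as hxxp/hxxps, so accept both spellings.
URL_RE = re.compile(r"\bh(?:tt|xx)ps?://[^\s\"']+", re.I)


def find_browser_url_tasks(log_text):
    """Return tasks whose action starts a browser with a URL argument."""
    findings = []
    for line in log_text.splitlines():
        m = TASK_RE.match(line.strip())
        if not m:
            continue
        guid, path, command = m.groups()
        browser = BROWSER_RE.search(command)
        url = URL_RE.search(command)
        if not (browser and url):
            continue  # ordinary task: no browser, or a browser without a URL
        refanged = re.sub(r"^hxx", "htt", url.group(0), flags=re.I)
        findings.append({
            "guid": guid,
            "task": path.rsplit("\\", 1)[-1],
            "browser": browser.group(1).lower(),
            "host": urlsplit(refanged).hostname,
            # --app= opens a chromeless window that looks like a pop-up
            "app_mode": "--app=" in command.lower(),
        })
    return findings


# Constructed sample input (GUIDs, task names and hosts are made up).
SAMPLE_LOG = r'''
Task: {11111111-2222-3333-4444-555555555555} - System32\Tasks\Example Promo => Chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --app=hxxp://promo.example.test/?ref=1 --app-window-size=1440,900
Task: {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} - System32\Tasks\ExampleUpdater => C:\Program Files\Example\updater.exe /silent
Task: {99999999-8888-7777-6666-555555555555} - System32\Tasks\Example News => C:\Program Files\Mozilla Firefox\firefox.exe https://news.example.test/landing
'''

if __name__ == "__main__":
    for finding in find_browser_url_tasks(SAMPLE_LOG):
        print(finding)
```

A hit is only a lead for review: the task name and host still need a human decision before anything is removed.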
Re: Minor non-virus problem + preventive check
Got it,
thanks.
I'd prefer to disable Flash everywhere too, but I like Flash games. And unfortunately even the ones that aren't in Flash have some Flash part.
Otherwise clean? I also ran an MBAM scan, so most likely yes, but you never know.

Albert Einstein: Only two things are infinite - the universe and human stupidity. And I'm not so sure about the former.
Re: Minor non-virus problem + preventive check
You can never know for sure whether it's clean, but I don't see any more malware.

- Download and run DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Check only the "Remove disinfection tools" option
- Click Run
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that don't belong on the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our training school.
Re: Minor non-virus problem + preventive check
Done.
MBAM saw nothing, Kaspersky is running, and I'll wait to see whether the problem happens to come back,
but it shouldn't.
The only thing is that Microsoft Solitaire doesn't work for me; it's some kind of trouble that more Windows 10 users have, and I haven't really seen anything useful about it anywhere, so just as an aside, in case anyone here knows something about it.
Albert Einstein: Only two things are infinite - the universe and human stupidity. And I'm not so sure about the former.