server.exe

#1 Post by Stick »

Hello,

this morning my antivirus reported a trojan in the file C:/Windows/server.exe; I moved it to quarantine using the antivirus. Please take a look at it for me.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by Jirka (administrator) on C02-519B (13-05-2016 07:00:41)
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available Profiles: Jirka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.36-delta.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM\...\Run: [MouseDriver] => C:\windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-01-29] (Synaptics Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-01-31] ()
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184704 2012-03-16] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672 2016-04-22] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-810802290-4177850383-1836218489-1002\...\MountPoints2: {68a5c9e6-cf77-11e3-9556-b4b52f751fa0} - D:\AutoRun.exe
Startup: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2015-09-16]
ShortcutTarget: ctfmon.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{54BB81C7-76BC-42C3-9E16-2E976C8CC0D3}: [DhcpNameServer] 147.229.191.143 147.229.190.143
Tcpip\..\Interfaces\{880D933B-8DBE-4A5B-A18C-0D8BCF1B0FC2}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-810802290-4177850383-1836218489-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\jr2rwh1z.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-13] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-810802290-4177850383-1836218489-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-10-26] (Ubisoft)
FF Extension: Adblock Plus - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\jr2rwh1z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [File not signed]
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2013-12-28] (Dassault Systèmes) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2016-02-23] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-10] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [30592 2012-11-10] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2016-02-23] ()
R1 MpKslfc86f3e5; C:\windows\system32\MpEngineStore\MpKslfc86f3e5.sys [44928 2016-05-13] (Microsoft Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-11-10] (Duplex Secure Ltd.)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
U3 ai6bk41m; C:\Windows\System32\Drivers\ai6bk41m.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 cpuz135; \??\C:\windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-13 07:00 - 2016-05-13 07:03 - 00017904 _____ C:\Users\Jirka\Desktop\FRST.txt
2016-05-13 06:57 - 2016-05-13 06:57 - 00000000 ____D C:\windows\system32\MpEngineStore
2016-05-13 06:52 - 2016-05-13 06:52 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher.exe
2016-05-13 06:51 - 2016-05-13 06:52 - 02381312 _____ (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2016-05-08 20:44 - 2016-05-08 20:44 - 00001252 _____ C:\Users\Public\Desktop\Arkham Asylum.lnk
2016-05-08 20:44 - 2016-05-08 20:44 - 00001252 _____ C:\ProgramData\Desktop\Arkham Asylum.lnk
2016-05-08 20:44 - 2016-05-08 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square-Enix
2016-05-08 20:35 - 2016-05-08 20:35 - 00000000 ____D C:\Program Files (x86)\Square-Enix
2016-05-06 18:29 - 2016-05-06 23:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-23 17:28 - 2016-04-23 17:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-04-23 17:28 - 2016-04-23 17:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-04-13 18:09 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-04-13 18:09 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-04-13 18:09 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-04-13 18:09 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-04-13 18:09 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-04-13 18:09 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-04-13 18:09 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-04-13 18:09 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-04-13 18:09 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-04-13 18:09 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-04-13 18:09 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-04-13 18:09 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-04-13 18:09 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-04-13 18:09 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-04-13 18:09 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-04-13 18:09 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-04-13 18:09 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-04-13 18:09 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-04-13 18:09 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-04-13 18:09 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-04-13 18:09 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-04-13 18:09 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-04-13 18:09 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-04-13 18:09 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-04-13 18:09 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-04-13 18:09 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-04-13 18:09 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-13 18:09 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-04-13 18:09 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-04-13 18:09 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-04-13 18:09 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-04-13 18:09 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-04-13 18:09 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-04-13 18:09 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-04-13 18:09 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-04-13 18:09 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-04-13 18:09 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-04-13 18:09 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-04-13 18:09 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-04-13 18:09 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-04-13 18:09 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-04-13 18:09 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-04-13 18:09 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-04-13 18:09 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-04-13 18:09 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-04-13 18:09 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-04-13 18:09 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-04-13 18:09 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-04-13 18:09 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-04-13 18:09 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-04-13 18:09 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-04-13 18:09 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-04-13 18:09 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-04-13 18:09 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-04-13 18:09 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-04-13 18:09 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 18:09 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 18:09 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-04-13 18:09 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-04-13 18:09 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-04-13 18:09 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-04-13 18:09 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-04-13 18:09 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-04-13 18:09 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-04-13 18:09 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-04-13 18:09 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-04-13 18:09 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-04-13 18:09 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-04-13 18:09 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-04-13 18:09 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-04-13 18:09 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-04-13 18:09 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-04-13 18:09 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-04-13 18:09 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-04-13 18:09 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 18:09 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 18:09 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 18:09 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 18:09 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-04-13 18:09 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-04-13 18:09 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-04-13 18:09 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-04-13 18:09 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-13 18:09 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-13 18:09 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-13 18:09 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-13 18:09 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-04-13 18:09 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-13 18:09 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-04-13 18:09 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2016-04-13 18:09 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2016-04-13 18:09 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2016-04-13 18:09 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-04-13 18:09 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-04-13 18:09 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2016-04-13 18:08 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-04-13 18:08 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-04-13 18:08 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-04-13 18:08 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-04-13 18:08 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-04-13 18:08 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-04-13 18:08 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-04-13 18:08 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-04-13 18:08 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-04-13 18:08 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-04-13 18:08 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-04-13 18:08 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-04-13 18:08 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-04-13 18:08 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-04-13 18:08 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-04-13 18:08 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-04-13 18:08 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-04-13 18:08 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-04-13 18:08 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-04-13 18:08 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-04-13 18:08 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-04-13 18:08 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-04-13 18:08 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-04-13 18:08 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 18:08 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-04-13 18:08 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-04-13 18:08 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-04-13 18:08 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-04-13 18:08 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-04-13 18:08 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-04-13 18:08 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-04-13 18:08 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-04-13 18:08 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-04-13 18:08 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-04-13 18:08 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-04-13 18:08 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-04-13 18:08 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-04-13 18:08 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-04-13 18:08 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-04-13 18:08 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-04-13 18:08 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-04-13 18:08 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-04-13 18:08 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-04-13 18:08 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-04-13 18:08 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-04-13 18:08 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-04-13 18:08 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-04-13 18:08 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-04-13 18:08 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 18:08 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-04-13 18:08 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-04-13 18:08 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-04-13 18:08 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-04-13 18:08 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-04-13 18:08 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-04-13 18:08 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-04-13 18:08 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-04-13 18:08 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-04-13 18:08 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-04-13 18:08 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-04-13 18:08 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-04-13 18:08 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-04-13 18:08 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-04-13 18:08 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-04-13 18:08 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-04-13 18:08 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-04-13 18:08 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-04-13 18:08 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-04-13 18:08 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll
2016-04-13 18:08 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-04-13 18:08 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-13 07:00 - 2015-07-30 19:00 - 00000000 ____D C:\FRST
2016-05-13 06:46 - 2013-07-16 00:21 - 00000000 ____D C:\windows\system32\MRT
2016-05-13 06:46 - 2012-11-16 13:51 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-05-11 21:04 - 2012-11-06 16:16 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-10 21:00 - 2012-11-21 20:30 - 00000000 ____D C:\Games
2016-05-10 18:27 - 2012-04-17 06:18 - 00669164 _____ C:\windows\system32\perfh005.dat
2016-05-10 18:27 - 2012-04-17 06:18 - 00141790 _____ C:\windows\system32\perfc005.dat
2016-05-10 18:27 - 2009-07-14 07:13 - 01584756 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-10 18:27 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-05-10 17:13 - 2009-07-14 06:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-10 17:13 - 2009-07-14 06:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-10 17:09 - 2015-11-04 18:24 - 00000558 _____ C:\windows\Tasks\Adobe Acrobat Update Task.job
2016-05-10 17:07 - 2015-06-02 12:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-09 23:02 - 2014-08-14 11:37 - 00000000 ____D C:\filmy
2016-05-08 21:32 - 2015-05-02 14:52 - 00000000 ____D C:\Users\Jirka\Documents\Square Enix
2016-05-07 11:33 - 2012-12-04 19:36 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\uTorrent
2016-05-07 11:33 - 2012-11-04 23:27 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\vlc
2016-05-07 10:53 - 2015-06-05 09:32 - 01005056 ___SH C:\Users\Jirka\Desktop\Thumbs.db
2016-05-07 10:45 - 2015-02-19 18:57 - 00000000 __SHD C:\Users\Jirka\AppData\LocalLow\EmieBrowserModeList
2016-05-07 10:45 - 2014-12-16 22:43 - 00000000 __SHD C:\Users\Jirka\AppData\Local\EmieBrowserModeList
2016-05-07 10:45 - 2014-05-13 17:18 - 00000000 __SHD C:\Users\Jirka\AppData\LocalLow\EmieUserList
2016-05-07 10:45 - 2014-05-07 22:14 - 00000000 __SHD C:\Users\Jirka\AppData\Local\EmieUserList
2016-05-07 10:45 - 2014-05-07 22:14 - 00000000 __SHD C:\Users\Jirka\AppData\Local\EmieSiteList
2016-05-07 10:45 - 2013-02-11 20:35 - 00000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2016-05-07 09:49 - 2015-04-05 12:19 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-07 09:49 - 2015-04-05 12:19 - 00000000 ___SD C:\windows\system32\GWX
2016-05-06 05:46 - 2014-12-11 11:30 - 00000000 ____D C:\windows\system32\appraiser
2016-04-29 17:40 - 2013-10-09 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-04-28 22:09 - 2014-05-26 21:39 - 00000000 ____D C:\Program Files (x86)\GOG.com
2016-04-23 17:28 - 2012-11-07 02:42 - 00000000 ____D C:\Users\Jirka\Documents\My Games
2016-04-23 17:01 - 2012-12-04 19:37 - 00000949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-04-23 17:01 - 2012-12-04 19:37 - 00000000 ____D C:\Program Files (x86)\uTorrent
2016-04-18 08:12 - 2012-04-17 07:24 - 01560406 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-04-16 14:14 - 2009-07-14 06:45 - 00407560 _____ C:\windows\system32\FNTCACHE.DAT
2016-04-13 19:09 - 2015-10-03 09:16 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-04-13 19:09 - 2014-08-14 18:32 - 00000000 ____D C:\Users\Jirka\AppData\Local\Adobe
2016-04-13 19:09 - 2012-11-12 22:01 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-13 19:09 - 2012-11-12 22:01 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-11-07 15:52 - 2012-11-07 15:52 - 0000522 _____ () C:\Users\Jirka\AppData\Roaming\GPU Monitor_GPU0_Settings.ini
2012-11-06 20:13 - 2012-11-07 15:37 - 0000522 _____ () C:\Users\Jirka\AppData\Roaming\GPU Monitor_GPU1_Settings.ini
2012-11-06 19:45 - 2015-08-22 09:47 - 0007606 _____ () C:\Users\Jirka\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Jirka\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\HPCeeScheduleForJirka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jirka\Desktop" je 2 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119320
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: server.exe

#2 Post by Rudy »

Hello!
Server.exe really is a trojan. Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Stick
Visitor
Posts: 78
Joined: 05 Dec 2006 19:17

Re: server.exe

#3 Post by Stick »

After the restart, the Malicious Software Removal Tool popped up and removed Backdoor: MSIL/Bladabindi. Could this harm me in some way?

# AdwCleaner v5.116 - Log soubor vytvořen 13/05/2016 o 22:26:48
# Aktualizováno 09/05/2016 by Xplode
# Databáze : 2016-05-13.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Jméno uživatele : Jirka - C02-519B
# Spuštěno z : C:\Users\Jirka\Desktop\adwcleaner_5.116.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

[-] Klávesa smazáno : HKCU\Software\16164a1e5cc9ddab242c8f4ba1b55858
[-] Klávesa smazáno : HKLM\SOFTWARE\Lavasoft\Web Companion

***** [ Webové prohlížeče ] *****


*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [925 bytes] - [13/05/2016 22:26:48]
C:\AdwCleaner\AdwCleaner[S1].txt - [960 bytes] - [13/05/2016 22:25:22]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1069 bytes] ##########

Rudy
Site Admin
Posts: 119320
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: server.exe

#4 Post by Rudy »

Post a new FRST log:

Stick
Visitor
Posts: 78
Joined: 05 Dec 2006 19:17

Re: server.exe

#5 Post by Stick »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
Ran by Jirka (administrator) on C02-519B (13-05-2016 22:54:05)
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available Profiles: Jirka)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM\...\Run: [MouseDriver] => C:\windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3011824 2013-01-29] (Synaptics Incorporated)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [319360 2012-03-14] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-01-31] ()
HKLM-x32\...\Run: [HPConnectionManager] => c:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184704 2012-03-16] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672 2016-04-22] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-810802290-4177850383-1836218489-1002\...\MountPoints2: {68a5c9e6-cf77-11e3-9556-b4b52f751fa0} - D:\AutoRun.exe
Startup: C:\Users\Jirka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk [2015-09-16]
ShortcutTarget: ctfmon.lnk -> C:\Windows\System32\ctfmon.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{54BB81C7-76BC-42C3-9E16-2E976C8CC0D3}: [DhcpNameServer] 147.229.191.143 147.229.190.143
Tcpip\..\Interfaces\{880D933B-8DBE-4A5B-A18C-0D8BCF1B0FC2}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-810802290-4177850383-1836218489-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-01-19] (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\jr2rwh1z.default
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-13] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-10-15] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-810802290-4177850383-1836218489-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2012-10-26] (Ubisoft)
FF Extension: Adblock Plus - C:\Users\Jirka\AppData\Roaming\Mozilla\Firefox\Profiles\jr2rwh1z.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-10] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [File not signed]
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2013-12-28] (Dassault Systèmes) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [365440 2012-03-14] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165144 2012-03-28] (Intel Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2016-02-23] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-10] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [30592 2012-11-10] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2016-02-23] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-11-10] (Duplex Secure Ltd.)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
U3 aakrj56a; C:\Windows\System32\Drivers\aakrj56a.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 cpuz135; \??\C:\windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 Huawei; system32\DRIVERS\ewdcsc.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-13 22:25 - 2016-05-13 22:26 - 00000000 ____D C:\AdwCleaner
2016-05-13 21:55 - 2016-05-13 21:55 - 03640384 _____ C:\Users\Jirka\Desktop\adwcleaner_5.116.exe
2016-05-13 07:00 - 2016-05-13 22:55 - 00017134 _____ C:\Users\Jirka\Desktop\FRST.txt
2016-05-13 06:52 - 2016-05-13 06:52 - 00112640 _____ (forum.viry.cz) C:\Users\Jirka\Desktop\FRSTLauncher.exe
2016-05-13 06:51 - 2016-05-13 06:52 - 02381312 _____ (Farbar) C:\Users\Jirka\Desktop\FRST64.exe
2016-05-11 22:02 - 2016-04-23 19:08 - 00394960 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2016-05-11 22:02 - 2016-04-23 18:24 - 00346312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2016-05-11 22:02 - 2016-04-23 07:25 - 25816064 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2016-05-11 22:02 - 2016-04-23 07:16 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2016-05-11 22:02 - 2016-04-23 07:16 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2016-05-11 22:02 - 2016-04-23 07:01 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2016-05-11 22:02 - 2016-04-23 07:00 - 02893312 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2016-05-11 22:02 - 2016-04-23 07:00 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2016-05-11 22:02 - 2016-04-23 07:00 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2016-05-11 22:02 - 2016-04-23 07:00 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2016-05-11 22:02 - 2016-04-23 07:00 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2016-05-11 22:02 - 2016-04-23 06:52 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2016-05-11 22:02 - 2016-04-23 06:51 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2016-05-11 22:02 - 2016-04-23 06:48 - 00615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2016-05-11 22:02 - 2016-04-23 06:47 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2016-05-11 22:02 - 2016-04-23 06:47 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2016-05-11 22:02 - 2016-04-23 06:47 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2016-05-11 22:02 - 2016-04-23 06:47 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2016-05-11 22:02 - 2016-04-23 06:46 - 06052352 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2016-05-11 22:02 - 2016-04-23 06:40 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2016-05-11 22:02 - 2016-04-23 06:36 - 00489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2016-05-11 22:02 - 2016-04-23 06:29 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2016-05-11 22:02 - 2016-04-23 06:27 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2016-05-11 22:02 - 2016-04-23 06:25 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2016-05-11 22:02 - 2016-04-23 06:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2016-05-11 22:02 - 2016-04-23 06:21 - 00315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2016-05-11 22:02 - 2016-04-23 06:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2016-05-11 22:02 - 2016-04-23 06:20 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2016-05-11 22:02 - 2016-04-23 06:11 - 20350464 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2016-05-11 22:02 - 2016-04-23 06:09 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2016-05-11 22:02 - 2016-04-23 06:08 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2016-05-11 22:02 - 2016-04-23 06:08 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2016-05-11 22:02 - 2016-04-23 06:08 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2016-05-11 22:02 - 2016-04-23 06:07 - 00725504 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2016-05-11 22:02 - 2016-04-23 06:07 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2016-05-11 22:02 - 2016-04-23 06:07 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2016-05-11 22:02 - 2016-04-23 06:06 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2016-05-11 22:02 - 2016-04-23 06:06 - 00806400 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2016-05-11 22:02 - 2016-04-23 06:05 - 02131968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2016-05-11 22:02 - 2016-04-23 06:04 - 02285568 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2016-05-11 22:02 - 2016-04-23 06:02 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2016-05-11 22:02 - 2016-04-23 06:01 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2016-05-11 22:02 - 2016-04-23 06:00 - 15415808 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2016-05-11 22:02 - 2016-04-23 05:59 - 00476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2016-05-11 22:02 - 2016-04-23 05:58 - 00663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2016-05-11 22:02 - 2016-04-23 05:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2016-05-11 22:02 - 2016-04-23 05:58 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2016-05-11 22:02 - 2016-04-23 05:51 - 02596864 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2016-05-11 22:02 - 2016-04-23 05:50 - 00416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2016-05-11 22:02 - 2016-04-23 05:45 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-05-11 22:02 - 2016-04-23 05:44 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2016-05-11 22:02 - 2016-04-23 05:43 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2016-05-11 22:02 - 2016-04-23 05:41 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2016-05-11 22:02 - 2016-04-23 05:40 - 00279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2016-05-11 22:02 - 2016-04-23 05:39 - 01547776 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2016-05-11 22:02 - 2016-04-23 05:39 - 00130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2016-05-11 22:02 - 2016-04-23 05:36 - 04611072 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2016-05-11 22:02 - 2016-04-23 05:33 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2016-05-11 22:02 - 2016-04-23 05:31 - 00693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2016-05-11 22:02 - 2016-04-23 05:30 - 02056192 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2016-05-11 22:02 - 2016-04-23 05:30 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2016-05-11 22:02 - 2016-04-23 05:28 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2016-05-11 22:02 - 2016-04-23 05:26 - 13811200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2016-05-11 22:02 - 2016-04-23 05:12 - 02121216 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2016-05-11 22:02 - 2016-04-23 05:09 - 01312256 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2016-05-11 22:02 - 2016-04-23 05:07 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2016-05-11 22:02 - 2016-04-14 15:49 - 00603648 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10level9.dll
2016-05-11 22:02 - 2016-04-14 15:21 - 00647680 _____ (Microsoft Corporation) C:\windows\system32\d3d10level9.dll
2016-05-11 22:02 - 2016-04-09 09:01 - 00986344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2016-05-11 22:02 - 2016-04-09 09:01 - 00264936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
2016-05-11 22:02 - 2016-04-09 08:58 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-05-11 22:02 - 2016-04-09 08:57 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2016-05-11 22:02 - 2016-04-09 08:57 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
2016-05-11 22:02 - 2016-04-09 08:54 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2016-05-11 22:02 - 2016-04-09 08:54 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-05-11 22:02 - 2016-04-09 07:49 - 03217408 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-05-11 22:02 - 2016-04-06 17:27 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\jnwmon.dll
2016-05-11 22:02 - 2016-03-09 20:54 - 00275456 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2016-05-11 22:02 - 2016-03-09 20:34 - 00216064 _____ (Microsoft Corporation) C:\windows\SysWOW64\InkEd.dll
2016-05-11 22:01 - 2016-04-09 09:02 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-05-11 22:01 - 2016-04-09 09:01 - 05546216 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-05-11 22:01 - 2016-04-09 09:01 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-05-11 22:01 - 2016-04-09 09:01 - 00154344 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-05-11 22:01 - 2016-04-09 09:01 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-05-11 22:01 - 2016-04-09 08:59 - 03998952 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-05-11 22:01 - 2016-04-09 08:59 - 03943144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-05-11 22:01 - 2016-04-09 08:59 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-05-11 22:01 - 2016-04-09 08:58 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:57 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00251392 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 08:54 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 07:52 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-05-11 22:01 - 2016-04-09 07:52 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-05-11 22:01 - 2016-04-09 07:52 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-05-11 22:01 - 2016-04-09 07:51 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-05-11 22:01 - 2016-04-09 07:48 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-05-11 22:01 - 2016-04-09 07:47 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-05-11 22:01 - 2016-04-09 07:44 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-05-11 22:01 - 2016-04-09 07:44 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-05-11 22:01 - 2016-04-09 07:44 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-05-11 22:01 - 2016-04-09 07:43 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-05-11 22:01 - 2016-04-09 07:43 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-05-11 22:01 - 2016-04-09 07:42 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-05-11 22:01 - 2016-04-09 07:38 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-05-11 22:01 - 2016-04-09 07:38 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-05-11 22:01 - 2016-04-09 07:38 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-05-11 22:01 - 2016-04-09 07:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-05-11 22:01 - 2016-04-09 07:37 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-05-11 22:01 - 2016-04-09 07:37 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 07:37 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 07:37 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-05-11 22:01 - 2016-04-09 07:37 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-05-11 22:00 - 2016-04-09 06:20 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2016-05-11 22:00 - 2016-04-09 05:52 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2016-05-08 20:44 - 2016-05-08 20:44 - 00001252 _____ C:\Users\Public\Desktop\Arkham Asylum.lnk
2016-05-08 20:44 - 2016-05-08 20:44 - 00001252 _____ C:\ProgramData\Desktop\Arkham Asylum.lnk
2016-05-08 20:44 - 2016-05-08 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Square-Enix
2016-05-08 20:35 - 2016-05-08 20:35 - 00000000 ____D C:\Program Files (x86)\Square-Enix
2016-05-06 18:29 - 2016-05-06 23:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-23 17:28 - 2016-04-23 17:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-04-23 17:28 - 2016-04-23 17:28 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-04-13 18:09 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2016-04-13 18:09 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2016-04-13 18:09 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2016-04-13 18:09 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2016-04-13 18:09 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-04-13 18:09 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-04-13 18:09 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2016-04-13 18:09 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2016-04-13 18:09 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2016-04-13 18:09 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2016-04-13 18:09 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\windows\system32\mtxoci.dll
2016-04-13 18:09 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
2016-04-13 18:09 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxoci.dll
2016-04-13 18:09 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2016-04-13 18:09 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2016-04-13 18:09 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2016-04-13 18:09 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2016-04-13 18:09 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\windows\system32\tbs.dll
2016-04-13 18:09 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\fveapibase.dll
2016-04-13 18:09 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\tbs.dll
2016-04-13 18:09 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2016-04-13 18:09 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\disk.sys
2016-04-13 18:09 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
2016-04-13 18:08 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
2016-04-13 18:08 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\windows\system32\samlib.dll
2016-04-13 18:08 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\samlib.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-05-13 22:54 - 2015-07-30 19:00 - 00000000 ____D C:\FRST
2016-05-13 22:39 - 2009-07-14 06:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-13 22:39 - 2009-07-14 06:45 - 00028576 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-13 22:37 - 2013-07-16 00:21 - 00000000 ____D C:\windows\system32\MRT
2016-05-13 22:33 - 2014-08-14 11:37 - 00000000 ____D C:\filmy
2016-05-13 21:55 - 2012-11-06 16:16 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-13 15:54 - 2012-04-17 06:18 - 00669164 _____ C:\windows\system32\perfh005.dat
2016-05-13 15:54 - 2012-04-17 06:18 - 00141790 _____ C:\windows\system32\perfc005.dat
2016-05-13 15:54 - 2009-07-14 07:13 - 01584756 _____ C:\windows\system32\PerfStringBackup.INI
2016-05-13 15:54 - 2009-07-14 05:20 - 00000000 ____D C:\windows\inf
2016-05-13 07:20 - 2009-07-14 06:45 - 00407560 _____ C:\windows\system32\FNTCACHE.DAT
2016-05-13 07:17 - 2014-12-11 11:30 - 00000000 ____D C:\windows\system32\appraiser
2016-05-13 07:17 - 2012-04-17 06:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-13 06:46 - 2012-11-16 13:51 - 139319312 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-05-10 21:00 - 2012-11-21 20:30 - 00000000 ____D C:\Games
2016-05-10 17:09 - 2015-11-04 18:24 - 00000558 _____ C:\windows\Tasks\Adobe Acrobat Update Task.job
2016-05-10 17:07 - 2015-06-02 12:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-08 21:32 - 2015-05-02 14:52 - 00000000 ____D C:\Users\Jirka\Documents\Square Enix
2016-05-07 11:33 - 2012-12-04 19:36 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\uTorrent
2016-05-07 11:33 - 2012-11-04 23:27 - 00000000 ____D C:\Users\Jirka\AppData\Roaming\vlc
2016-05-07 10:53 - 2015-06-05 09:32 - 01005056 ___SH C:\Users\Jirka\Desktop\Thumbs.db
2016-05-07 10:45 - 2015-02-19 18:57 - 00000000 __SHD C:\Users\Jirka\AppData\LocalLow\EmieBrowserModeList
2016-05-07 10:45 - 2014-12-16 22:43 - 00000000 __SHD C:\Users\Jirka\AppData\Local\EmieBrowserModeList
2016-05-07 10:45 - 2014-05-13 17:18 - 00000000 __SHD C:\Users\Jirka\AppData\LocalLow\EmieUserList
2016-05-07 10:45 - 2014-05-07 22:14 - 00000000 __SHD C:\Users\Jirka\AppData\Local\EmieUserList
2016-05-07 10:45 - 2014-05-07 22:14 - 00000000 __SHD C:\Users\Jirka\AppData\Local\EmieSiteList
2016-05-07 10:45 - 2013-02-11 20:35 - 00000000 ____D C:\Users\Jirka\AppData\Local\CrashDumps
2016-05-07 09:49 - 2015-04-05 12:19 - 00000000 ___SD C:\windows\SysWOW64\GWX
2016-05-07 09:49 - 2015-04-05 12:19 - 00000000 ___SD C:\windows\system32\GWX
2016-04-29 17:40 - 2013-10-09 21:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-04-28 22:09 - 2014-05-26 21:39 - 00000000 ____D C:\Program Files (x86)\GOG.com
2016-04-23 17:28 - 2012-11-07 02:42 - 00000000 ____D C:\Users\Jirka\Documents\My Games
2016-04-23 17:01 - 2012-12-04 19:37 - 00000949 _____ C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-04-23 17:01 - 2012-12-04 19:37 - 00000000 ____D C:\Program Files (x86)\uTorrent
2016-04-18 08:12 - 2012-04-17 07:24 - 01560406 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2016-04-13 19:09 - 2015-10-03 09:16 - 00000914 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-04-13 19:09 - 2014-08-14 18:32 - 00000000 ____D C:\Users\Jirka\AppData\Local\Adobe
2016-04-13 19:09 - 2012-11-12 22:01 - 00797376 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-04-13 19:09 - 2012-11-12 22:01 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-11-07 15:52 - 2012-11-07 15:52 - 0000522 _____ () C:\Users\Jirka\AppData\Roaming\GPU Monitor_GPU0_Settings.ini
2012-11-06 20:13 - 2012-11-07 15:37 - 0000522 _____ () C:\Users\Jirka\AppData\Roaming\GPU Monitor_GPU1_Settings.ini
2012-11-06 19:45 - 2015-08-22 09:47 - 0007606 _____ () C:\Users\Jirka\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Jirka\AppData\Local\Temp\avgnt.exe
C:\Users\Jirka\AppData\Local\Temp\libeay32.dll
C:\Users\Jirka\AppData\Local\Temp\msvcr120.dll
C:\Users\Jirka\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Acrobat Update Task.job => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\HPCeeScheduleForJirka.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jirka\Desktop" je 5 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DTRun
c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000001


==================== End Of Log ==============================

Rudy
Site Admin
Posts: 119320
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: server.exe

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
U3 aakrj56a; C:\Windows\System32\Drivers\aakrj56a.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
C:\Users\Jirka\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Stick
Visitor
Posts: 78
Registered: 05 Dec 2006 19:17

Re: server.exe

#7 Post by Stick »

Fix result of Farbar Recovery Scan Tool (x64) Version:09-05-2016
Ran by Jirka (2016-05-14 12:14:09) Run:1
Running from C:\Users\Jirka\Desktop
Loaded Profiles: Jirka (Available Profiles: Jirka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
U3 aakrj56a; C:\Windows\System32\Drivers\aakrj56a.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
C:\Users\Jirka\AppData\Local\Temp
End
*****************

aakrj56a => service removed successfully

"C:\Users\Jirka\AppData\Local\Temp" folder move:

Could not move "C:\Users\Jirka\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-05-14 12:16:10)

C:\Users\Jirka\AppData\Local\Temp => moved successfully

==== End of Fixlog 12:16:13 ====


Re: server.exe

#8 Post by Rudy »

Deleted. The log should now be OK.


Re: server.exe

#9 Post by Stick »

Thank you very much, I'll stop by again sometime :)


Re: server.exe

#10 Post by Rudy »

You're welcome. We're always here. :)
