
Slowed-down notebook vol. 2
Hello,
a similar problem to the one some time ago, again...
Significant slowdown, windows popping open again (betting companies, discounted holiday trips and similar bullshit...).
I am attaching the log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by H2H at 2016-07-01 10:12:53
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 48 GB (16%) free of 293 GB
Total RAM: 3838 MB (46% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:13:45, on 1. 7. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
C:\Windows\PLFSetI.exe
C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\H2H.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.sk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://un-stop.biz/wpad.dat?5be9e6cc2d1 ... f5d8780167
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: ScriptInjectionPluginBrowserHelperObject - {C66D064F-82FE-4E1A-B06A-B2490BA48B18} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {4C3CEE0B-4F2F-44C3-9586-4368F3200143} (ICApki Class) - https://moja.tatrabanka.sk/ibanking/ICApki.dll
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - http://trial.trymicrosoftoffice.com/tri ... /wrc32.ocx
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus 16.0.0 (AVP16.0.0) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12420 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe" -r
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2204
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe" -hidden
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe" uTorrent_3996_00B07248_1984785216 µTorrent4823DF041B09 uTorrent
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe" uTorrent_3996_00B07378_1724986343 µTorrent4823DF041B09 uTorrent
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\H2H\Desktop\RSITx64(4).exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "extensions.enabledItems" - "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, onair_FM@marek.chrenko.net:3.5.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, linkfilter@kaspersky.ru:11.0.1.400, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.192 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.192 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppdf32.SKY
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23 140512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23 140512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23 162528]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23 140512]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-11-21 200704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-03 320512]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-10-01 823840]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe [2016-05-14 2133504]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-09 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-07 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-06 181480]
"WheelMouse"=C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe [2005-12-14 176128]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2016-04-23 3498720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-01 10:12:53 ----D---- C:\rsit
2016-06-20 18:40:20 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-06-20 18:40:20 ----A---- C:\Windows\system32\tzres.dll
2016-06-20 18:40:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-06-20 18:40:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-06-20 18:40:08 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-06-20 18:40:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\wdigest.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\rpcrt4.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\ncrypt.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\srv.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\certcli.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\TSpkg.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\sspisrv.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\sspicli.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\schannel.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\secur32.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\rpchttp.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\msv1_0.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\lsasrv.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\kerberos.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-06-20 18:40:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-06-20 18:40:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-06-20 18:40:07 ----A---- C:\Windows\system32\cryptbase.dll
2016-06-20 18:40:06 ----A---- C:\Windows\system32\lsass.exe
2016-06-20 18:40:06 ----A---- C:\Windows\system32\credssp.dll
2016-06-20 18:40:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-06-20 18:40:05 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-06-20 18:40:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-06-20 18:40:04 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-06-20 18:40:04 ----A---- C:\Windows\system32\auditpol.exe
2016-06-20 18:40:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-06-20 18:40:02 ----A---- C:\Windows\system32\msaudite.dll
2016-06-20 18:40:02 ----A---- C:\Windows\system32\adtschema.dll
2016-06-20 18:40:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-06-20 18:40:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-06-20 18:40:01 ----A---- C:\Windows\system32\msobjs.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-06-20 18:39:46 ----A---- C:\Windows\system32\iernonce.dll
2016-06-20 18:39:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-06-20 18:39:46 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-06-20 18:39:44 ----A---- C:\Windows\system32\inseng.dll
2016-06-20 18:39:44 ----A---- C:\Windows\system32\ie4uinit.exe
2016-06-20 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-06-20 18:39:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-06-20 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-06-20 18:39:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-06-20 18:39:41 ----A---- C:\Windows\system32\urlmon.dll
2016-06-20 18:39:41 ----A---- C:\Windows\system32\occache.dll
2016-06-20 18:39:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-06-20 18:39:41 ----A---- C:\Windows\system32\iedkcs32.dll
2016-06-20 18:39:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-06-20 18:39:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-06-20 18:39:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-06-20 18:39:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-20 18:39:40 ----A---- C:\Windows\system32\msfeeds.dll
2016-06-20 18:39:40 ----A---- C:\Windows\system32\dxtrans.dll
2016-06-20 18:39:39 ----A---- C:\Windows\system32\iesetup.dll
2016-06-20 18:39:39 ----A---- C:\Windows\system32\ieapfltr.dll
2016-06-20 18:39:38 ----A---- C:\Windows\system32\iertutil.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-06-20 18:39:37 ----A---- C:\Windows\system32\vbscript.dll
2016-06-20 18:39:37 ----A---- C:\Windows\system32\jsproxy.dll
2016-06-20 18:39:36 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-06-20 18:39:36 ----A---- C:\Windows\system32\ieui.dll
2016-06-20 18:39:36 ----A---- C:\Windows\system32\dxtmsft.dll
2016-06-20 18:39:35 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-06-20 18:39:35 ----A---- C:\Windows\system32\mshtmled.dll
2016-06-20 18:39:35 ----A---- C:\Windows\system32\ieframe.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\webcheck.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\jscript9diag.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\jscript9.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\jscript.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\ieUnatt.exe
2016-06-20 18:39:33 ----A---- C:\Windows\system32\wininet.dll
2016-06-20 18:39:32 ----A---- C:\Windows\system32\msrating.dll
2016-06-20 18:39:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-06-20 18:39:31 ----A---- C:\Windows\system32\mshtml.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\invagent.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\generaltel.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\devinv.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-06-20 18:38:05 ----A---- C:\Windows\system32\centel.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\appraiser.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\aeinv.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\acmigration.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\lpk.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\fontsub.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\dciman32.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\atmlib.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\atmfd.dll
2016-06-20 18:37:55 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-06-20 18:37:55 ----A---- C:\Windows\system32\win32k.sys
2016-06-20 18:37:55 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-06-20 18:37:54 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-06-20 18:37:54 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-06-20 18:37:54 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-06-20 18:37:54 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-06-20 18:37:54 ----A---- C:\Windows\system32\ws2_32.dll
2016-06-20 18:37:54 ----A---- C:\Windows\system32\winhttp.dll
2016-06-20 18:37:54 ----A---- C:\Windows\system32\netbtugc.exe
2016-06-20 18:37:54 ----A---- C:\Windows\system32\mswsock.dll
2016-06-20 18:37:54 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-06-20 18:37:51 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-06-20 18:37:51 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-06-20 18:37:51 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-06-20 18:37:51 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\winipsec.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\polstore.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-06-20 18:37:51 ----A---- C:\Windows\system32\gpsvc.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\gpapi.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-06-20 18:37:47 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-06-20 18:37:47 ----A---- C:\Windows\system32\gdi32.dll
2016-06-20 18:37:46 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-06-20 18:37:46 ----A---- C:\Windows\system32\webio.dll
2016-06-20 18:37:15 ----A---- C:\Windows\system32\shell32.dll
2016-06-20 18:37:14 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-06-20 18:37:14 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-06-20 18:37:14 ----A---- C:\Windows\explorer.exe
2016-06-20 18:37:13 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-06-20 18:37:13 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\msimsg.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\msihnd.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\msiexec.exe
2016-06-20 18:37:05 ----A---- C:\Windows\system32\msi.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\consent.exe
2016-06-20 18:37:05 ----A---- C:\Windows\system32\authui.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\appinfo.dll
2016-06-20 10:40:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-20 09:40:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2016-06-17 09:11:24 ----SHD---- C:\Config.Msi
2016-06-02 14:04:46 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
======List of files/folders modified in the last 1 month======
2016-07-01 10:13:28 ----D---- C:\Windows\Temp
2016-07-01 10:13:28 ----D---- C:\Program Files\trend micro
2016-07-01 10:13:22 ----D---- C:\Users\H2H\AppData\Roaming\uTorrent
2016-07-01 09:18:30 ----D---- C:\ProgramData\Kaspersky Lab
2016-07-01 08:54:17 ----D---- C:\Windows\system32\DriverStore
2016-07-01 08:52:57 ----D---- C:\Windows\system32\config
2016-07-01 08:52:20 ----SHD---- C:\System Volume Information
2016-06-30 14:38:09 ----D---- C:\Users\H2H\AppData\Roaming\vlc
2016-06-29 15:43:53 ----D---- C:\Windows\System32
2016-06-29 15:43:53 ----D---- C:\Windows\inf
2016-06-29 15:43:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-28 15:58:42 ----D---- C:\CENKROSplusData
2016-06-23 13:12:52 ----D---- C:\Windows\winsxs
2016-06-23 12:29:21 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 12:29:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 12:29:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-23 11:34:52 ----SHD---- C:\Windows\Installer
2016-06-21 14:04:58 ----D---- C:\Windows\rescache
2016-06-21 08:46:55 ----A---- C:\Windows\wininit.ini
2016-06-21 08:46:45 ----RD---- C:\Program Files (x86)
2016-06-21 03:39:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-06-21 03:39:57 ----D---- C:\Windows\SysWOW64
2016-06-21 03:39:57 ----D---- C:\Windows\system32\sk-SK
2016-06-21 03:39:55 ----D---- C:\Windows\SYSWOW64\en-US
2016-06-21 03:39:55 ----D---- C:\Windows\system32\en-US
2016-06-21 03:39:55 ----D---- C:\Windows\system32\drivers
2016-06-21 03:39:54 ----D---- C:\Windows\system32\wbem
2016-06-21 03:39:54 ----D---- C:\Windows\system32\appraiser
2016-06-21 03:39:54 ----D---- C:\Windows\AppPatch
2016-06-21 03:39:52 ----D---- C:\Windows\sk-SK
2016-06-21 03:39:52 ----D---- C:\Windows
2016-06-21 03:39:50 ----D---- C:\Program Files\Internet Explorer
2016-06-21 03:39:48 ----D---- C:\Program Files (x86)\Internet Explorer
2016-06-21 03:23:33 ----D---- C:\ProgramData\Microsoft Help
2016-06-21 03:22:18 ----D---- C:\Windows\system32\MRT
2016-06-21 03:12:38 ----A---- C:\Windows\system32\MRT.exe
2016-06-20 18:33:43 ----D---- C:\Windows\system32\catroot2
2016-06-20 18:17:03 ----D---- C:\Windows\system32\wfp
2016-06-20 18:17:02 ----SD---- C:\Windows\system32\CompatTel
2016-06-20 18:17:02 ----D---- C:\Windows\SYSWOW64\wbem
2016-06-20 18:16:56 ----SD---- C:\Windows\system32\GWX
2016-06-20 18:16:56 ----D---- C:\Windows\Tasks
2016-06-20 18:16:47 ----D---- C:\Windows\servicing
2016-06-20 18:16:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-06-20 18:16:45 ----D---- C:\Program Files (x86)\Microsoft Office
2016-06-20 18:15:56 ----D---- C:\Windows\registration
2016-06-20 09:40:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-20 08:26:48 ----D---- C:\Windows\Minidump
2016-06-13 19:31:06 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-10-02 16440]
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-06-22 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-06-27 70000]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2016-05-25 237480]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-05-25 943536]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2016-05-25 49240]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-10-23 41352]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-06-11 65208]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-06-16 103096]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-06-23 187056]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-03-01 77728]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-11 1208320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-10-02 6204928]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-10-02 142848]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-10-02 120336]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-10-23 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-06-06 41144]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 Rockey_USB;Feitian ROCKEY4 USB Service; C:\Windows\system32\DRIVERS\Rockey4USB.sys [2012-03-14 16384]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-03-14 25600]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-02 6204928]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-02 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-10-03 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-08-29 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-29 21160]
S3 cxbu0x64;OMNIKEY 6121; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2013-03-22 186880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
S3 S3XXx64;SCR3xx USB SmartCardReader64; C:\Windows\system32\DRIVERS\S3XXx64.sys [2009-10-25 67840]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader; C:\Windows\system32\DRIVERS\SCR33X2K.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-04-05 2021592]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-02 202752]
R2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [2015-08-21 194000]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-03 873248]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-01 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-20 270016]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-05-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-20 146888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 vssbrigde64;vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [2015-07-09 144640]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vssbrigde64 - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 12420 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe" -r
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"
"C:\Program Files (x86)\Acer\Registration\GregHSRW.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2204
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe" -hidden
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\PLFSetI.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe"
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe" uTorrent_3996_00B07248_1984785216 µTorrent4823DF041B09 uTorrent
"C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe" uTorrent_3996_00B07378_1724986343 µTorrent4823DF041B09 uTorrent
"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
"C:\Users\H2H\Desktop\RSITx64(4).exe"
C:\Windows\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
prefs.js - "browser.startup.homepage" - "about:home"
prefs.js - "extensions.enabledItems" - "{B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1, onair_FM@marek.chrenko.net:3.5.1, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, linkfilter@kaspersky.ru:11.0.1.400, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.192 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\new_plugin\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.192 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
C:\Program Files (x86)\Mozilla Firefox\extensions\
{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
nppdf32.SKY
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23 162528]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23 140512]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C66D064F-82FE-4E1A-B06A-B2490BA48B18}]
Kaspersky Protection plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29 172640]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23 140512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23 162528]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23 800216]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23 140512]
{3507FA00-ADA2-4A02-99B9-51AD26CA9120} - Kaspersky Protection toolbar - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23 584664]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"=C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [2009-09-11 349480]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-08-06 8060960]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-09-18 1842472]
"PLFSetI"=C:\Windows\PLFSetI.exe [2009-11-21 200704]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-03 320512]
"Acer ePower Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2009-10-01 823840]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07 508128]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"=C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe [2016-05-14 2133504]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056]
"BackupManagerTray"=C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [2009-09-25 261888]
"EgisTecLiveUpdate"=C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04 199464]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-09-09 98304]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2009-11-02 1094736]
"ArcadeDeluxeAgent"=C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [2009-10-07 419112]
"PlayMovie"=C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [2009-10-06 181480]
"WheelMouse"=C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe [2005-12-14 176128]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2016-04-23 3498720]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
wlnotify.dll []
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutoRun"=28
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"VIDC.ACDV"=ACDV.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2016-07-01 10:12:53 ----D---- C:\rsit
2016-06-20 18:40:20 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-06-20 18:40:20 ----A---- C:\Windows\system32\tzres.dll
2016-06-20 18:40:08 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-06-20 18:40:08 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-06-20 18:40:08 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-06-20 18:40:08 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\wdigest.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\rpcrt4.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\ncrypt.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\srv.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\drivers\cng.sys
2016-06-20 18:40:08 ----A---- C:\Windows\system32\certcli.dll
2016-06-20 18:40:08 ----A---- C:\Windows\system32\bcryptprimitives.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-06-20 18:40:07 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\TSpkg.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\sspisrv.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\sspicli.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\schannel.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\secur32.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\rpchttp.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\msv1_0.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\lsasrv.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\kerberos.dll
2016-06-20 18:40:07 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-06-20 18:40:07 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-06-20 18:40:07 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-06-20 18:40:07 ----A---- C:\Windows\system32\cryptbase.dll
2016-06-20 18:40:06 ----A---- C:\Windows\system32\lsass.exe
2016-06-20 18:40:06 ----A---- C:\Windows\system32\credssp.dll
2016-06-20 18:40:05 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-06-20 18:40:05 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-06-20 18:40:05 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-06-20 18:40:04 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-06-20 18:40:04 ----A---- C:\Windows\system32\auditpol.exe
2016-06-20 18:40:02 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-06-20 18:40:02 ----A---- C:\Windows\system32\msaudite.dll
2016-06-20 18:40:02 ----A---- C:\Windows\system32\adtschema.dll
2016-06-20 18:40:01 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-06-20 18:40:01 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-06-20 18:40:01 ----A---- C:\Windows\system32\msobjs.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-06-20 18:39:46 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-06-20 18:39:46 ----A---- C:\Windows\system32\iernonce.dll
2016-06-20 18:39:46 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-06-20 18:39:46 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-06-20 18:39:44 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-06-20 18:39:44 ----A---- C:\Windows\system32\inseng.dll
2016-06-20 18:39:44 ----A---- C:\Windows\system32\ie4uinit.exe
2016-06-20 18:39:43 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-06-20 18:39:43 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-06-20 18:39:43 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-06-20 18:39:43 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-06-20 18:39:41 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-06-20 18:39:41 ----A---- C:\Windows\system32\urlmon.dll
2016-06-20 18:39:41 ----A---- C:\Windows\system32\occache.dll
2016-06-20 18:39:41 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-06-20 18:39:41 ----A---- C:\Windows\system32\iedkcs32.dll
2016-06-20 18:39:40 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-06-20 18:39:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-06-20 18:39:40 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-06-20 18:39:40 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-20 18:39:40 ----A---- C:\Windows\system32\msfeeds.dll
2016-06-20 18:39:40 ----A---- C:\Windows\system32\dxtrans.dll
2016-06-20 18:39:39 ----A---- C:\Windows\system32\iesetup.dll
2016-06-20 18:39:39 ----A---- C:\Windows\system32\ieapfltr.dll
2016-06-20 18:39:38 ----A---- C:\Windows\system32\iertutil.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-06-20 18:39:37 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-06-20 18:39:37 ----A---- C:\Windows\system32\vbscript.dll
2016-06-20 18:39:37 ----A---- C:\Windows\system32\jsproxy.dll
2016-06-20 18:39:36 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-06-20 18:39:36 ----A---- C:\Windows\system32\ieui.dll
2016-06-20 18:39:36 ----A---- C:\Windows\system32\dxtmsft.dll
2016-06-20 18:39:35 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-06-20 18:39:35 ----A---- C:\Windows\system32\mshtmled.dll
2016-06-20 18:39:35 ----A---- C:\Windows\system32\ieframe.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\webcheck.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\jscript9diag.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\jscript9.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\jscript.dll
2016-06-20 18:39:34 ----A---- C:\Windows\system32\ieUnatt.exe
2016-06-20 18:39:33 ----A---- C:\Windows\system32\wininet.dll
2016-06-20 18:39:32 ----A---- C:\Windows\system32\msrating.dll
2016-06-20 18:39:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-06-20 18:39:31 ----A---- C:\Windows\system32\mshtml.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\invagent.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\generaltel.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\devinv.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-06-20 18:38:05 ----A---- C:\Windows\system32\centel.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\appraiser.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\aeinv.dll
2016-06-20 18:38:05 ----A---- C:\Windows\system32\acmigration.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-06-20 18:37:56 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\lpk.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\fontsub.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\dciman32.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\atmlib.dll
2016-06-20 18:37:56 ----A---- C:\Windows\system32\atmfd.dll
2016-06-20 18:37:55 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2016-06-20 18:37:55 ----A---- C:\Windows\system32\win32k.sys
2016-06-20 18:37:55 ----A---- C:\Windows\system32\StructuredQuery.dll
2016-06-20 18:37:54 ----A---- C:\Windows\SYSWOW64\ws2_32.dll
2016-06-20 18:37:54 ----A---- C:\Windows\SYSWOW64\winhttp.dll
2016-06-20 18:37:54 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2016-06-20 18:37:54 ----A---- C:\Windows\SYSWOW64\mswsock.dll
2016-06-20 18:37:54 ----A---- C:\Windows\system32\ws2_32.dll
2016-06-20 18:37:54 ----A---- C:\Windows\system32\winhttp.dll
2016-06-20 18:37:54 ----A---- C:\Windows\system32\netbtugc.exe
2016-06-20 18:37:54 ----A---- C:\Windows\system32\mswsock.dll
2016-06-20 18:37:54 ----A---- C:\Windows\system32\drivers\netbt.sys
2016-06-20 18:37:51 ----A---- C:\Windows\SYSWOW64\winipsec.dll
2016-06-20 18:37:51 ----A---- C:\Windows\SYSWOW64\polstore.dll
2016-06-20 18:37:51 ----A---- C:\Windows\SYSWOW64\gpapi.dll
2016-06-20 18:37:51 ----A---- C:\Windows\SYSWOW64\FwRemoteSvr.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\winipsec.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\polstore.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\IPSECSVC.DLL
2016-06-20 18:37:51 ----A---- C:\Windows\system32\gpsvc.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\gpapi.dll
2016-06-20 18:37:51 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2016-06-20 18:37:47 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2016-06-20 18:37:47 ----A---- C:\Windows\system32\gdi32.dll
2016-06-20 18:37:46 ----A---- C:\Windows\SYSWOW64\webio.dll
2016-06-20 18:37:46 ----A---- C:\Windows\system32\webio.dll
2016-06-20 18:37:15 ----A---- C:\Windows\system32\shell32.dll
2016-06-20 18:37:14 ----A---- C:\Windows\SYSWOW64\shell32.dll
2016-06-20 18:37:14 ----A---- C:\Windows\SYSWOW64\explorer.exe
2016-06-20 18:37:14 ----A---- C:\Windows\explorer.exe
2016-06-20 18:37:13 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2016-06-20 18:37:13 ----A---- C:\Windows\system32\ExplorerFrame.dll
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\msi.dll
2016-06-20 18:37:05 ----A---- C:\Windows\SYSWOW64\authui.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\msimsg.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\msihnd.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\msiexec.exe
2016-06-20 18:37:05 ----A---- C:\Windows\system32\msi.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\consent.exe
2016-06-20 18:37:05 ----A---- C:\Windows\system32\authui.dll
2016-06-20 18:37:05 ----A---- C:\Windows\system32\appinfo.dll
2016-06-20 10:40:27 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-06-20 09:40:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2016-06-17 09:11:24 ----SHD---- C:\Config.Msi
2016-06-02 14:04:46 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
======List of files/folders modified in the last 1 month======
2016-07-01 10:13:28 ----D---- C:\Windows\Temp
2016-07-01 10:13:28 ----D---- C:\Program Files\trend micro
2016-07-01 10:13:22 ----D---- C:\Users\H2H\AppData\Roaming\uTorrent
2016-07-01 09:18:30 ----D---- C:\ProgramData\Kaspersky Lab
2016-07-01 08:54:17 ----D---- C:\Windows\system32\DriverStore
2016-07-01 08:52:57 ----D---- C:\Windows\system32\config
2016-07-01 08:52:20 ----SHD---- C:\System Volume Information
2016-06-30 14:38:09 ----D---- C:\Users\H2H\AppData\Roaming\vlc
2016-06-29 15:43:53 ----D---- C:\Windows\System32
2016-06-29 15:43:53 ----D---- C:\Windows\inf
2016-06-29 15:43:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-06-28 15:58:42 ----D---- C:\CENKROSplusData
2016-06-23 13:12:52 ----D---- C:\Windows\winsxs
2016-06-23 12:29:21 ----D---- C:\Program Files\Microsoft Silverlight
2016-06-23 12:29:18 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 12:29:13 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-23 11:34:52 ----SHD---- C:\Windows\Installer
2016-06-21 14:04:58 ----D---- C:\Windows\rescache
2016-06-21 08:46:55 ----A---- C:\Windows\wininit.ini
2016-06-21 08:46:45 ----RD---- C:\Program Files (x86)
2016-06-21 03:39:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-06-21 03:39:57 ----D---- C:\Windows\SysWOW64
2016-06-21 03:39:57 ----D---- C:\Windows\system32\sk-SK
2016-06-21 03:39:55 ----D---- C:\Windows\SYSWOW64\en-US
2016-06-21 03:39:55 ----D---- C:\Windows\system32\en-US
2016-06-21 03:39:55 ----D---- C:\Windows\system32\drivers
2016-06-21 03:39:54 ----D---- C:\Windows\system32\wbem
2016-06-21 03:39:54 ----D---- C:\Windows\system32\appraiser
2016-06-21 03:39:54 ----D---- C:\Windows\AppPatch
2016-06-21 03:39:52 ----D---- C:\Windows\sk-SK
2016-06-21 03:39:52 ----D---- C:\Windows
2016-06-21 03:39:50 ----D---- C:\Program Files\Internet Explorer
2016-06-21 03:39:48 ----D---- C:\Program Files (x86)\Internet Explorer
2016-06-21 03:23:33 ----D---- C:\ProgramData\Microsoft Help
2016-06-21 03:22:18 ----D---- C:\Windows\system32\MRT
2016-06-21 03:12:38 ----A---- C:\Windows\system32\MRT.exe
2016-06-20 18:33:43 ----D---- C:\Windows\system32\catroot2
2016-06-20 18:17:03 ----D---- C:\Windows\system32\wfp
2016-06-20 18:17:02 ----SD---- C:\Windows\system32\CompatTel
2016-06-20 18:17:02 ----D---- C:\Windows\SYSWOW64\wbem
2016-06-20 18:16:56 ----SD---- C:\Windows\system32\GWX
2016-06-20 18:16:56 ----D---- C:\Windows\Tasks
2016-06-20 18:16:47 ----D---- C:\Windows\servicing
2016-06-20 18:16:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2016-06-20 18:16:45 ----D---- C:\Program Files (x86)\Microsoft Office
2016-06-20 18:15:56 ----D---- C:\Windows\registration
2016-06-20 09:40:33 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-06-20 08:26:48 ----D---- C:\Windows\Minidump
2016-06-13 19:31:06 ----N---- C:\Windows\system32\MpSigStub.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-10-02 16440]
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak); C:\Windows\system32\DRIVERS\cm_km.sys [2015-07-06 389816]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2015-06-22 478392]
R0 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2015-06-06 53432]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2015-06-27 70000]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2016-05-25 237480]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2016-05-25 943536]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2016-05-25 49240]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2015-10-23 41352]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2015-06-11 65208]
R1 Klwtp;Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [2015-06-16 103096]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2015-06-23 187056]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2016-03-01 77728]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-11 1208320]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2009-10-02 6204928]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2009-10-02 142848]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-09-21 1537024]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-10-02 120336]
R3 DKbFltr;Dritek Keyboard Filter Driver (64-bit); C:\Windows\SysWOW64\Drivers\DKbFltr.sys [2009-03-26 25608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-08-06 1974944]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-20 317480]
R3 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2015-10-23 181640]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2015-06-06 41144]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2015-06-07 41648]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2009-05-06 18432]
R3 Rockey_USB;Feitian ROCKEY4 USB Service; C:\Windows\system32\DRIVERS\Rockey4USB.sys [2012-03-14 16384]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-03-14 25600]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-09-18 292912]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2009-05-06 16896]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-10-02 6204928]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-06-10 1311232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-07-02 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-10-03 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-08-29 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-04-08 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-08-29 21160]
S3 cxbu0x64;OMNIKEY 6121; C:\Windows\system32\DRIVERS\cxbu0x64.sys [2013-03-22 186880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-06-20 54272]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-09-02 225280]
S3 S3XXx64;SCR3xx USB SmartCardReader64; C:\Windows\system32\DRIVERS\S3XXx64.sys [2009-10-25 67840]
S3 SCR33X USB Smart Card Reader;SCR33X USB Smart Card Reader; C:\Windows\system32\DRIVERS\SCR33X2K.sys []
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-03-28 16896]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-04-05 2021592]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-10-02 202752]
R2 AVP16.0.0;Služba Kaspersky Anti-Virus 16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [2015-08-21 194000]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-10-03 873248]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2009-10-01 844320]
R2 Greg_Service;GRegService; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-08-28 1150496]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2009-09-25 62720]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-06-18 144640]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2009-07-04 240160]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-20 270016]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-05-20 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-20 146888]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [2009-09-11 305448]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-06-18 50432]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 vssbrigde64;vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [2015-07-09 144640]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
-----------------EOF-----------------
Re: Slowed-down notebook vol.2
I am also attaching the log from FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by H2H (administrator) on H-PC (01-07-2016 10:37:33)
Running from C:\Users\H2H\Desktop
Loaded Profiles: H2H (Available Profiles: H2H & TUN)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(BitTorrent Inc.) C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(BitTorrent Inc.) C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-11-21] ()
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320512 2009-04-03] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-10-01] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-07] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-06] (Acer Corp.)
HKLM-x32\...\Run: [WheelMouse] => C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe [176128 2005-12-14] (A4Tech Co., Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-04-23] (Adobe Systems Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-104843041-1053051366-136704638-1000\...\Run: [uTorrent] => C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-14] (BitTorrent Inc.)
HKU\S-1-5-21-104843041-1053051366-136704638-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [438272 2009-07-08] ()
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-03-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-104843041-1053051366-136704638-1000] => hxxp://un-stop.biz/wpad.dat?5be9e6cc2d145b8c9e19a06238267f5d8780167
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{11E5B61F-04EF-43DC-A4AB-7871027B023F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AE323162-167D-4D69-A200-BDB6155D40C5}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://un-stop.biz/wpad.dat?5be9e6cc2d145b8c9e19a06238267f5d8780167
Internet Explorer:
==================
HKU\S-1-5-21-104843041-1053051366-136704638-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-104843041-1053051366-136704638-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-104843041-1053051366-136704638-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_skSK385
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23] (AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29] (Oracle Corporation)
BHO-x32: Pomocník pri prihlasovaní v konte Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23] (AO Kaspersky Lab)
DPF: HKLM-x32 {4C3CEE0B-4F2F-44C3-9586-4368F3200143} hxxps://moja.tatrabanka.sk/ibanking/ICApki.dll
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
FireFox:
========
FF ProfilePath: C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\new_plugin\npjp2.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-29] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-06-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-05-12]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-04-23]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-08-21] (Kaspersky Lab ZAO)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [186880 2013-03-22] (HID Global Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-23] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-23] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [25600 2012-03-14] (Feitian Technologies Co., Ltd.)
R3 Rockey_USB; C:\Windows\System32\DRIVERS\Rockey4USB.sys [16384 2012-03-14] (Feitian Technologies Co., Ltd.)
S3 SCR33X USB Smart Card Reader; system32\DRIVERS\SCR33X2K.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-01 10:37 - 2016-07-01 10:38 - 00019445 _____ C:\Users\H2H\Desktop\FRST.txt
2016-07-01 10:37 - 2016-07-01 10:37 - 00000000 ____D C:\FRST
2016-07-01 10:34 - 2016-07-01 10:35 - 02390016 _____ (Farbar) C:\Users\H2H\Desktop\FRST64.exe
2016-07-01 10:31 - 2016-07-01 10:31 - 00066724 _____ C:\Users\H2H\Downloads\ACFrOgBKomr6ZK8QpBq4iDIc9jhQwidKiCL0MYu8sRt-Q32Ts7MkYderFEeptVk8QGevLSbPd-gRRyt_dAcR4dYPLUkh_Lnu73RfwdH3emZmH0Yt5hbSh7NOGXsvpz4=
2016-07-01 10:31 - 2016-07-01 10:31 - 00066178 _____ C:\Users\H2H\Desktop\NAB-100-16-04023.pdf
2016-07-01 10:12 - 2016-07-01 10:13 - 00000000 ____D C:\rsit
2016-07-01 10:12 - 2016-07-01 10:12 - 01222144 _____ C:\Users\H2H\Desktop\RSITx64(4).exe
2016-07-01 09:24 - 2016-07-01 09:24 - 00123133 _____ C:\Users\H2H\Downloads\FA_1600086093(1).pdf
2016-07-01 09:21 - 2016-07-01 09:21 - 00015491 _____ C:\Users\H2H\Downloads\20140_00_2414_2016-07-01.pdf
2016-07-01 09:20 - 2016-07-01 09:20 - 00015491 _____ C:\Users\H2H\Downloads\ACFrOgD2MEDJZP2Kq2GomJ6OxVVSUkLC1RTGMleKPIDrQbsxXy3X8vWCZBuGeHg7-V5mJ-W8abfbxdxmpvo4IZYNjCDoRyCrikbCILMVwMR6yEguPwwkLxrARrGVuJqVptE0Y3QN_ao4fpCKMc0K
2016-07-01 08:39 - 2016-07-01 08:40 - 05227473 _____ C:\Users\H2H\Downloads\DOKAR 2.pdf
2016-07-01 08:39 - 2016-07-01 08:40 - 03955232 _____ C:\Users\H2H\Downloads\DOKAR 1.pdf
2016-07-01 08:39 - 2016-07-01 08:40 - 03955232 _____ C:\Users\H2H\Downloads\DOKAR 1(1).pdf
2016-06-28 14:10 - 2016-06-28 14:26 - 414561097 ____R C:\Users\H2H\Downloads\Game.of.Thrones.S06E09.1080p.HDTV.x265.HEVC.upload-hero.mkv
2016-06-28 14:08 - 2016-06-28 14:16 - 367066519 ____R C:\Users\H2H\Downloads\Game.of.Thrones.S06E08.720p.HDTV.x265.ShAaNiG.mkv
2016-06-28 14:07 - 2016-06-28 14:19 - 00000000 ____D C:\Users\H2H\Downloads\Game.of.Thrones.S06E07.HDTV.x264-KILLERS[Talamasca33]
2016-06-28 14:00 - 2016-06-28 14:29 - 575732911 ____R C:\Users\H2H\Downloads\Game Of Thrones - S06E10 - 720p - khatake2.mkv
2016-06-28 11:14 - 2016-06-28 11:14 - 00272948 _____ C:\Users\H2H\Downloads\SZS_prispevok_1617(1).pdf
2016-06-27 16:46 - 2016-06-27 16:46 - 03703360 _____ C:\Users\H2H\Downloads\adwcleaner_5.200.exe
2016-06-27 16:08 - 2016-06-27 16:08 - 00059452 _____ C:\Users\H2H\Downloads\download-27.06.2016.pdf
2016-06-27 10:32 - 2016-06-27 10:32 - 00017189 _____ C:\Users\H2H\Downloads\Faktura - 1802016 H2H -Stupava.pdf
2016-06-27 10:30 - 2016-06-27 10:30 - 00017433 _____ C:\Users\H2H\Downloads\ACFrOgBjfr7UfK4tRAvjEq2zzjOCGq-rSPR9nW2hm8G7nWCiO0UL3T0c6eBEoA42b6rIPCLmcyuYwZoOM4cSLtIhthcaqT70D9uFFlw4QT8b_R1wX-ZBdqFINYSgRKg=
2016-06-23 08:21 - 2016-06-23 08:21 - 00141018 _____ C:\Users\H2H\Desktop\1.102.2016 H2H.pdf
2016-06-22 09:30 - 2016-06-22 09:30 - 00021998 _____ C:\Users\H2H\Downloads\download-22-06-2016(3).pdf
2016-06-22 09:29 - 2016-06-22 09:29 - 00021997 _____ C:\Users\H2H\Downloads\download-22-06-2016(2).pdf
2016-06-22 09:28 - 2016-06-22 09:28 - 00021999 _____ C:\Users\H2H\Downloads\download-22-06-2016(1).pdf
2016-06-22 09:27 - 2016-06-22 09:27 - 00021999 _____ C:\Users\H2H\Downloads\download-22-06-2016.pdf
2016-06-21 15:48 - 2016-06-21 15:48 - 00039860 _____ C:\Users\H2H\Downloads\ACFrOgAz9UFvMkJZIYsjv2DnbwXOhkQOgz0HE6aRVts7lLiuANH1Zbrl0Yvp77i6yWhfnIFUGI5sV7dig9o86WNd-Y2YuDm6hRQkT0eHbjy_eO9SRlBfDRx9_MiAjMM=
2016-06-21 15:14 - 2016-06-21 15:13 - 00055808 _____ C:\Users\H2H\Desktop\supis parickova1f.xls
2016-06-21 15:13 - 2016-06-21 15:13 - 00054784 _____ C:\Users\H2H\Desktop\supis parickova1d.xls
2016-06-21 15:13 - 2016-06-21 15:13 - 00053248 _____ C:\Users\H2H\Desktop\supis parickova1e.xls
2016-06-21 15:13 - 2016-06-21 15:12 - 00044544 _____ C:\Users\H2H\Desktop\supis parickova1c.xls
2016-06-21 15:12 - 2016-06-21 15:12 - 00059392 _____ C:\Users\H2H\Desktop\supis parickova1b.xls
2016-06-21 15:12 - 2016-06-21 15:12 - 00055808 _____ C:\Users\H2H\Desktop\supis parickova1a.xls
2016-06-21 15:11 - 2016-06-21 15:11 - 00059392 _____ C:\Users\H2H\Desktop\supis parickova1.xls
2016-06-21 13:10 - 2016-06-21 13:10 - 00313052 _____ C:\Users\H2H\Downloads\referencna-listina-01(1).pdf
2016-06-21 09:27 - 2016-06-21 09:27 - 00167513 _____ C:\Users\H2H\Downloads\5046_vzn-6-2012.pdf
2016-06-20 18:40 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-20 18:40 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-20 18:40 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-20 18:40 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-20 18:40 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-20 18:40 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-20 18:40 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-20 18:40 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-20 18:40 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-20 18:40 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-20 18:40 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-20 18:40 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-20 18:40 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-20 18:40 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-20 18:40 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-20 18:39 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-20 18:39 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-20 18:39 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-20 18:39 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-20 18:39 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-20 18:39 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-20 18:39 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-20 18:39 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-20 18:39 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-20 18:39 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-20 18:39 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-20 18:39 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-20 18:39 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-20 18:39 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-20 18:39 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-20 18:39 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-20 18:39 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-20 18:39 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-20 18:39 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-20 18:39 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-20 18:39 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-20 18:39 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-20 18:39 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-20 18:39 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-20 18:39 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-20 18:39 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-20 18:39 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-20 18:39 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-20 18:39 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-20 18:39 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-20 18:39 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-20 18:39 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-20 18:39 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-20 18:39 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-20 18:39 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-20 18:39 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-20 18:39 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-20 18:39 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-20 18:39 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-20 18:39 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-20 18:39 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-20 18:39 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-20 18:39 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-20 18:39 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-20 18:39 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-20 18:39 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-20 18:39 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-20 18:39 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-20 18:39 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-20 18:39 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-20 18:39 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-20 18:39 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-20 18:39 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-20 18:39 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-20 18:39 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-20 18:39 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-20 18:39 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-20 18:39 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-20 18:39 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-20 18:39 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-20 18:39 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-20 18:39 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-20 18:39 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-20 18:39 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-20 18:39 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-20 18:39 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-20 18:38 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-20 18:38 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-20 18:38 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-20 18:38 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-20 18:38 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-20 18:38 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-20 18:38 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-20 18:38 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-20 18:37 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-20 18:37 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-20 18:37 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-20 18:37 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-20 18:37 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-20 18:37 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-20 18:37 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-20 18:37 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-20 18:37 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-20 18:37 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-20 18:37 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-20 18:37 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-20 18:37 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-20 18:37 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-20 18:37 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-20 18:37 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-20 18:37 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-20 18:37 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-20 18:37 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-20 18:37 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-20 18:37 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-20 18:37 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-20 18:37 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-20 18:37 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-20 18:37 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-20 18:37 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-20 18:37 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-20 18:37 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-20 18:37 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-20 18:37 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-20 18:37 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-20 18:37 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-20 18:37 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-20 18:37 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-20 18:37 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-20 18:37 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-20 18:37 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-20 18:37 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-20 18:37 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-20 18:37 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-20 18:37 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-20 18:37 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-20 18:37 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-20 18:37 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-20 18:37 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-20 18:37 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-20 18:37 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-20 18:37 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-20 18:37 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-20 18:37 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-20 18:37 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-20 18:37 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-20 18:37 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-20 18:37 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-20 10:40 - 2016-06-23 12:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-20 09:40 - 2016-06-20 09:40 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-20 08:26 - 2016-06-20 08:27 - 00280464 _____ C:\Windows\Minidump\062016-60216-01.dmp
2016-06-16 14:27 - 2016-06-16 14:28 - 06083797 _____ C:\Users\H2H\Downloads\rys115_1-8.pdf
2016-06-16 09:44 - 2016-06-16 09:44 - 00035204 _____ C:\Users\H2H\Downloads\ACFrOgDZh3UqS8-0IaLlyBpgdj_I7P9yloE2COHpqRgJLXY-qSMeqtBUrROOpkEkEaxESnRLA_owEuzhyNPdUIns2_TOBeE_rCEF2vgpbtx-Aq0-N_QSgx9QQ0RQYhA=
2016-06-14 10:24 - 2016-06-14 10:24 - 00155264 _____ C:\Users\H2H\Downloads\Orange_doklad_FR_20160522_CN0210739868_1156129583.zip
2016-06-13 13:11 - 2016-06-13 13:11 - 00048786 _____ C:\Users\H2H\Downloads\C5_16.pdf
2016-06-13 10:42 - 2016-06-13 10:42 - 00313052 _____ C:\Users\H2H\Downloads\referencna-listina-01.pdf
2016-06-08 10:25 - 2016-06-08 10:25 - 00279658 _____ C:\Users\H2H\Downloads\weberbat-balkonovy.html
2016-06-08 09:45 - 2016-06-21 09:09 - 00000000 ____D C:\Users\H2H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-06-07 11:08 - 2016-06-07 11:08 - 00155264 _____ C:\Users\H2H\Desktop\Orange_doklad_FR_20160522_CN0210739868_1156129583.zip
2016-06-07 10:57 - 2016-06-07 10:57 - 00237752 _____ C:\Users\H2H\Downloads\ACFrOgAmhWLba9KwQFUUM6Ox9qRv8A6wHv2M9C0oxMyCbjWoDNcMntZOxwDISDnHv1QB5NUGAR09hVl5PtHCYaM_gba_ThiLcjsZmQY2Lszc9Qcmyy60CuFkrl6R198=
2016-06-07 10:46 - 2016-06-07 10:46 - 00512628 _____ C:\Users\H2H\Downloads\18_15_elprivod.pdf
2016-06-03 15:10 - 2016-06-03 15:13 - 00000000 ____D C:\Users\H2H\Downloads\Nouvelle Vague Discography
2016-06-03 15:07 - 2016-06-03 15:09 - 00000000 ____D C:\Users\H2H\Downloads\Dead Can Dance - Anastasis (2012) [mp3@192]
2016-06-02 14:36 - 2016-06-02 14:47 - 786501212 _____ C:\Users\H2H\Downloads\Game Of Thrones - S06E06 - 1080p - khatake2.mkv
2016-06-02 14:04 - 2016-06-06 08:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-06-02 13:14 - 2016-06-02 13:14 - 00049561 _____ C:\Users\H2H\Downloads\H2H fa.pdf
2016-06-01 13:48 - 2016-06-01 13:54 - 00000000 ____D C:\Users\H2H\Downloads\Game of Thrones Season 6
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-01 10:38 - 2014-07-02 14:28 - 00000000 ____D C:\Users\H2H\AppData\Roaming\uTorrent
2016-07-01 10:13 - 2013-01-11 15:21 - 00000000 ____D C:\Program Files\trend micro
2016-07-01 09:54 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-01 09:54 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-01 09:40 - 2013-05-29 11:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-01 09:18 - 2016-05-14 09:03 - 00000000 ____D C:\Users\H2H\AppData\LocalLow\uTorrent
2016-07-01 09:18 - 2010-11-09 17:51 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-07-01 08:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-30 14:38 - 2012-01-17 10:02 - 00000000 ____D C:\Users\H2H\AppData\Roaming\vlc
2016-06-29 15:43 - 2009-07-14 07:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-29 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-28 15:58 - 2010-06-22 11:01 - 00000000 ____D C:\CENKROSplusData
2016-06-27 08:42 - 2014-05-28 10:32 - 00000000 ____D C:\Users\TUN
2016-06-23 12:29 - 2012-05-22 08:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 12:29 - 2012-05-22 08:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 12:29 - 2012-05-02 09:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-23 11:34 - 2012-05-22 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-21 14:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-06-21 08:46 - 2016-05-09 08:18 - 00000176 _____ C:\Windows\wininit.ini
2016-06-21 07:45 - 2009-07-14 06:45 - 00347480 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-21 03:39 - 2014-12-11 04:29 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-21 03:22 - 2013-08-16 08:55 - 00000000 ____D C:\Windows\system32\MRT
2016-06-21 03:12 - 2010-06-22 09:15 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-20 18:17 - 2014-05-07 09:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-06-20 18:16 - 2015-04-08 08:32 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-20 18:16 - 2009-10-29 06:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-20 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2016-06-20 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-20 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-06-20 09:40 - 2012-05-28 10:25 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-20 09:40 - 2012-05-28 10:25 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-20 09:40 - 2011-05-23 07:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-20 08:28 - 2010-06-21 16:05 - 00000000 ____D C:\Users\H2H
2016-06-20 08:26 - 2014-09-12 12:49 - 00000000 ____D C:\Windows\Minidump
2016-06-13 19:31 - 2010-06-22 08:27 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-02 14:03 - 2016-04-26 09:01 - 00000000 ____D C:\Users\H2H\Desktop\Cyrilova
==================== Files in the root of some directories =======
2009-10-29 06:21 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2010-03-01 16:47 - 2010-03-01 16:50 - 0007830 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-10-29 06:22 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
Some files in TEMP:
====================
C:\Users\H2H\AppData\Local\Temp\7za.exe
C:\Users\H2H\AppData\Local\Temp\DaS_21.exe
C:\Users\H2H\AppData\Local\Temp\hijackthis.exe
C:\Users\H2H\AppData\Local\Temp\NirCmd.exe
C:\Users\H2H\AppData\Local\Temp\PEVZ.EXE
C:\Users\H2H\AppData\Local\Temp\remove.exe
C:\Users\H2H\AppData\Local\Temp\sed.exe
C:\Users\H2H\AppData\Local\Temp\shortcut.exe
C:\Users\H2H\AppData\Local\Temp\swreg.exe
C:\Users\H2H\AppData\Local\Temp\swxcacls.exe
C:\Users\H2H\AppData\Local\Temp\wget.exe
C:\Users\H2H\AppData\Local\Temp\zoek-delete.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-27 09:18
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
Ran by H2H (administrator) on H-PC (01-07-2016 10:37:33)
Running from C:\Users\H2H\Desktop
Loaded Profiles: H2H (Available Profiles: H2H & TUN)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(BitTorrent Inc.) C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(BitTorrent Inc.) C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\H2H\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-11] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2009-11-21] ()
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320512 2009-04-03] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [823840 2009-10-01] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-25] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-07] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-06] (Acer Corp.)
HKLM-x32\...\Run: [WheelMouse] => C:\Program Files (x86)\A4Tech\Mouse\Amoumain.exe [176128 2005-12-14] (A4Tech Co., Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498720 2016-04-23] (Adobe Systems Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
Winlogon\Notify\ScCertProp-x32: wlnotify.dll [X]
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-104843041-1053051366-136704638-1000\...\Run: [uTorrent] => C:\Users\H2H\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-14] (BitTorrent Inc.)
HKU\S-1-5-21-104843041-1053051366-136704638-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [438272 2009-07-08] ()
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-11] (Egis Technology Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-03-01]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [S-1-5-21-104843041-1053051366-136704638-1000] => hxxp://un-stop.biz/wpad.dat?5be9e6cc2d145b8c9e19a06238267f5d8780167
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{11E5B61F-04EF-43DC-A4AB-7871027B023F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{AE323162-167D-4D69-A200-BDB6155D40C5}: [DhcpNameServer] 192.168.1.1
ManualProxies: 0hxxp://un-stop.biz/wpad.dat?5be9e6cc2d145b8c9e19a06238267f5d8780167
Internet Explorer:
==================
HKU\S-1-5-21-104843041-1053051366-136704638-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.sk/
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-104843041-1053051366-136704638-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-104843041-1053051366-136704638-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_skSK385
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23] (AO Kaspersky Lab)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-29] (Oracle Corporation)
BHO-x32: Pomocník pri prihlasovaní v konte Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-29] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-23] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-23] (AO Kaspersky Lab)
DPF: HKLM-x32 {4C3CEE0B-4F2F-44C3-9586-4368F3200143} hxxps://moja.tatrabanka.sk/ibanking/ICApki.dll
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
FireFox:
========
FF ProfilePath: C:\Users\H2H\AppData\Roaming\Mozilla\Firefox\Profiles\m9kqbrpg.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-20] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\new_plugin\npjp2.dll [No File]
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-29] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-04-23] (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-06-20] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2016-05-25]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2016-05-12]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2016-04-23]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-08-21] (Kaspersky Lab ZAO)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-11] (Egis Technology Inc.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [186880 2013-03-22] (HID Global Corporation)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-23] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [237480 2016-05-25] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [943536 2016-05-25] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [49240 2016-05-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-23] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 ROCKEYNT; C:\Windows\System32\DRIVERS\Rockey4.sys [25600 2012-03-14] (Feitian Technologies Co., Ltd.)
R3 Rockey_USB; C:\Windows\System32\DRIVERS\Rockey4USB.sys [16384 2012-03-14] (Feitian Technologies Co., Ltd.)
S3 SCR33X USB Smart Card Reader; system32\DRIVERS\SCR33X2K.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-01 10:37 - 2016-07-01 10:38 - 00019445 _____ C:\Users\H2H\Desktop\FRST.txt
2016-07-01 10:37 - 2016-07-01 10:37 - 00000000 ____D C:\FRST
2016-07-01 10:34 - 2016-07-01 10:35 - 02390016 _____ (Farbar) C:\Users\H2H\Desktop\FRST64.exe
2016-07-01 10:31 - 2016-07-01 10:31 - 00066724 _____ C:\Users\H2H\Downloads\ACFrOgBKomr6ZK8QpBq4iDIc9jhQwidKiCL0MYu8sRt-Q32Ts7MkYderFEeptVk8QGevLSbPd-gRRyt_dAcR4dYPLUkh_Lnu73RfwdH3emZmH0Yt5hbSh7NOGXsvpz4=
2016-07-01 10:31 - 2016-07-01 10:31 - 00066178 _____ C:\Users\H2H\Desktop\NAB-100-16-04023.pdf
2016-07-01 10:12 - 2016-07-01 10:13 - 00000000 ____D C:\rsit
2016-07-01 10:12 - 2016-07-01 10:12 - 01222144 _____ C:\Users\H2H\Desktop\RSITx64(4).exe
2016-07-01 09:24 - 2016-07-01 09:24 - 00123133 _____ C:\Users\H2H\Downloads\FA_1600086093(1).pdf
2016-07-01 09:21 - 2016-07-01 09:21 - 00015491 _____ C:\Users\H2H\Downloads\20140_00_2414_2016-07-01.pdf
2016-07-01 09:20 - 2016-07-01 09:20 - 00015491 _____ C:\Users\H2H\Downloads\ACFrOgD2MEDJZP2Kq2GomJ6OxVVSUkLC1RTGMleKPIDrQbsxXy3X8vWCZBuGeHg7-V5mJ-W8abfbxdxmpvo4IZYNjCDoRyCrikbCILMVwMR6yEguPwwkLxrARrGVuJqVptE0Y3QN_ao4fpCKMc0K
2016-07-01 08:39 - 2016-07-01 08:40 - 05227473 _____ C:\Users\H2H\Downloads\DOKAR 2.pdf
2016-07-01 08:39 - 2016-07-01 08:40 - 03955232 _____ C:\Users\H2H\Downloads\DOKAR 1.pdf
2016-07-01 08:39 - 2016-07-01 08:40 - 03955232 _____ C:\Users\H2H\Downloads\DOKAR 1(1).pdf
2016-06-28 14:10 - 2016-06-28 14:26 - 414561097 ____R C:\Users\H2H\Downloads\Game.of.Thrones.S06E09.1080p.HDTV.x265.HEVC.upload-hero.mkv
2016-06-28 14:08 - 2016-06-28 14:16 - 367066519 ____R C:\Users\H2H\Downloads\Game.of.Thrones.S06E08.720p.HDTV.x265.ShAaNiG.mkv
2016-06-28 14:07 - 2016-06-28 14:19 - 00000000 ____D C:\Users\H2H\Downloads\Game.of.Thrones.S06E07.HDTV.x264-KILLERS[Talamasca33]
2016-06-28 14:00 - 2016-06-28 14:29 - 575732911 ____R C:\Users\H2H\Downloads\Game Of Thrones - S06E10 - 720p - khatake2.mkv
2016-06-28 11:14 - 2016-06-28 11:14 - 00272948 _____ C:\Users\H2H\Downloads\SZS_prispevok_1617(1).pdf
2016-06-27 16:46 - 2016-06-27 16:46 - 03703360 _____ C:\Users\H2H\Downloads\adwcleaner_5.200.exe
2016-06-27 16:08 - 2016-06-27 16:08 - 00059452 _____ C:\Users\H2H\Downloads\download-27.06.2016.pdf
2016-06-27 10:32 - 2016-06-27 10:32 - 00017189 _____ C:\Users\H2H\Downloads\Faktura - 1802016 H2H -Stupava.pdf
2016-06-27 10:30 - 2016-06-27 10:30 - 00017433 _____ C:\Users\H2H\Downloads\ACFrOgBjfr7UfK4tRAvjEq2zzjOCGq-rSPR9nW2hm8G7nWCiO0UL3T0c6eBEoA42b6rIPCLmcyuYwZoOM4cSLtIhthcaqT70D9uFFlw4QT8b_R1wX-ZBdqFINYSgRKg=
2016-06-23 08:21 - 2016-06-23 08:21 - 00141018 _____ C:\Users\H2H\Desktop\1.102.2016 H2H.pdf
2016-06-22 09:30 - 2016-06-22 09:30 - 00021998 _____ C:\Users\H2H\Downloads\download-22-06-2016(3).pdf
2016-06-22 09:29 - 2016-06-22 09:29 - 00021997 _____ C:\Users\H2H\Downloads\download-22-06-2016(2).pdf
2016-06-22 09:28 - 2016-06-22 09:28 - 00021999 _____ C:\Users\H2H\Downloads\download-22-06-2016(1).pdf
2016-06-22 09:27 - 2016-06-22 09:27 - 00021999 _____ C:\Users\H2H\Downloads\download-22-06-2016.pdf
2016-06-21 15:48 - 2016-06-21 15:48 - 00039860 _____ C:\Users\H2H\Downloads\ACFrOgAz9UFvMkJZIYsjv2DnbwXOhkQOgz0HE6aRVts7lLiuANH1Zbrl0Yvp77i6yWhfnIFUGI5sV7dig9o86WNd-Y2YuDm6hRQkT0eHbjy_eO9SRlBfDRx9_MiAjMM=
2016-06-21 15:14 - 2016-06-21 15:13 - 00055808 _____ C:\Users\H2H\Desktop\supis parickova1f.xls
2016-06-21 15:13 - 2016-06-21 15:13 - 00054784 _____ C:\Users\H2H\Desktop\supis parickova1d.xls
2016-06-21 15:13 - 2016-06-21 15:13 - 00053248 _____ C:\Users\H2H\Desktop\supis parickova1e.xls
2016-06-21 15:13 - 2016-06-21 15:12 - 00044544 _____ C:\Users\H2H\Desktop\supis parickova1c.xls
2016-06-21 15:12 - 2016-06-21 15:12 - 00059392 _____ C:\Users\H2H\Desktop\supis parickova1b.xls
2016-06-21 15:12 - 2016-06-21 15:12 - 00055808 _____ C:\Users\H2H\Desktop\supis parickova1a.xls
2016-06-21 15:11 - 2016-06-21 15:11 - 00059392 _____ C:\Users\H2H\Desktop\supis parickova1.xls
2016-06-21 13:10 - 2016-06-21 13:10 - 00313052 _____ C:\Users\H2H\Downloads\referencna-listina-01(1).pdf
2016-06-21 09:27 - 2016-06-21 09:27 - 00167513 _____ C:\Users\H2H\Downloads\5046_vzn-6-2012.pdf
2016-06-20 18:40 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-20 18:40 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-20 18:40 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-20 18:40 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-20 18:40 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-20 18:40 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-20 18:40 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-20 18:40 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-20 18:40 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-20 18:40 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-20 18:40 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-20 18:40 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-20 18:40 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-20 18:40 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-20 18:40 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-20 18:40 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-20 18:40 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-20 18:40 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-20 18:39 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-20 18:39 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-20 18:39 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-20 18:39 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-20 18:39 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-20 18:39 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-20 18:39 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-20 18:39 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-20 18:39 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-20 18:39 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-20 18:39 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-20 18:39 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-20 18:39 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-20 18:39 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-20 18:39 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-20 18:39 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-20 18:39 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-20 18:39 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-20 18:39 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-20 18:39 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-20 18:39 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-20 18:39 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-20 18:39 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-20 18:39 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-20 18:39 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-20 18:39 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-20 18:39 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-20 18:39 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-20 18:39 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-20 18:39 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-20 18:39 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-20 18:39 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-20 18:39 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-20 18:39 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-20 18:39 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-20 18:39 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-20 18:39 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-20 18:39 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-20 18:39 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-20 18:39 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-20 18:39 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-20 18:39 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-20 18:39 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-20 18:39 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-20 18:39 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-20 18:39 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-20 18:39 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-20 18:39 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-20 18:39 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-20 18:39 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-20 18:39 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-20 18:39 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-20 18:39 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-20 18:39 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-20 18:39 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-20 18:39 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-20 18:39 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-20 18:39 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-20 18:39 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-20 18:39 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-20 18:39 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-20 18:39 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-20 18:39 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-20 18:39 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-20 18:39 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-20 18:39 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-20 18:38 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-20 18:38 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-20 18:38 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-20 18:38 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-20 18:38 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-20 18:38 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-20 18:38 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-20 18:38 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-20 18:37 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-20 18:37 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-20 18:37 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-20 18:37 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-20 18:37 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-20 18:37 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-20 18:37 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-20 18:37 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-20 18:37 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-20 18:37 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-20 18:37 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-20 18:37 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-20 18:37 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-20 18:37 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-20 18:37 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-20 18:37 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-20 18:37 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-20 18:37 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-20 18:37 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-20 18:37 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-20 18:37 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-20 18:37 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-20 18:37 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-20 18:37 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-20 18:37 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-20 18:37 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-20 18:37 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-20 18:37 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-20 18:37 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-20 18:37 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-20 18:37 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-20 18:37 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-20 18:37 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-20 18:37 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-20 18:37 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-20 18:37 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-20 18:37 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-20 18:37 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-20 18:37 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-20 18:37 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-20 18:37 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-20 18:37 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-20 18:37 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-20 18:37 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-20 18:37 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-20 18:37 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-20 18:37 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-20 18:37 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-20 18:37 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-20 18:37 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-20 18:37 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-20 18:37 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-20 18:37 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-20 18:37 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-20 10:40 - 2016-06-23 12:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-20 09:40 - 2016-06-20 09:40 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-20 08:26 - 2016-06-20 08:27 - 00280464 _____ C:\Windows\Minidump\062016-60216-01.dmp
2016-06-16 14:27 - 2016-06-16 14:28 - 06083797 _____ C:\Users\H2H\Downloads\rys115_1-8.pdf
2016-06-16 09:44 - 2016-06-16 09:44 - 00035204 _____ C:\Users\H2H\Downloads\ACFrOgDZh3UqS8-0IaLlyBpgdj_I7P9yloE2COHpqRgJLXY-qSMeqtBUrROOpkEkEaxESnRLA_owEuzhyNPdUIns2_TOBeE_rCEF2vgpbtx-Aq0-N_QSgx9QQ0RQYhA=
2016-06-14 10:24 - 2016-06-14 10:24 - 00155264 _____ C:\Users\H2H\Downloads\Orange_doklad_FR_20160522_CN0210739868_1156129583.zip
2016-06-13 13:11 - 2016-06-13 13:11 - 00048786 _____ C:\Users\H2H\Downloads\C5_16.pdf
2016-06-13 10:42 - 2016-06-13 10:42 - 00313052 _____ C:\Users\H2H\Downloads\referencna-listina-01.pdf
2016-06-08 10:25 - 2016-06-08 10:25 - 00279658 _____ C:\Users\H2H\Downloads\weberbat-balkonovy.html
2016-06-08 09:45 - 2016-06-21 09:09 - 00000000 ____D C:\Users\H2H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2016-06-07 11:08 - 2016-06-07 11:08 - 00155264 _____ C:\Users\H2H\Desktop\Orange_doklad_FR_20160522_CN0210739868_1156129583.zip
2016-06-07 10:57 - 2016-06-07 10:57 - 00237752 _____ C:\Users\H2H\Downloads\ACFrOgAmhWLba9KwQFUUM6Ox9qRv8A6wHv2M9C0oxMyCbjWoDNcMntZOxwDISDnHv1QB5NUGAR09hVl5PtHCYaM_gba_ThiLcjsZmQY2Lszc9Qcmyy60CuFkrl6R198=
2016-06-07 10:46 - 2016-06-07 10:46 - 00512628 _____ C:\Users\H2H\Downloads\18_15_elprivod.pdf
2016-06-03 15:10 - 2016-06-03 15:13 - 00000000 ____D C:\Users\H2H\Downloads\Nouvelle Vague Discography
2016-06-03 15:07 - 2016-06-03 15:09 - 00000000 ____D C:\Users\H2H\Downloads\Dead Can Dance - Anastasis (2012) [mp3@192]
2016-06-02 14:36 - 2016-06-02 14:47 - 786501212 _____ C:\Users\H2H\Downloads\Game Of Thrones - S06E06 - 1080p - khatake2.mkv
2016-06-02 14:04 - 2016-06-06 08:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-06-02 13:14 - 2016-06-02 13:14 - 00049561 _____ C:\Users\H2H\Downloads\H2H fa.pdf
2016-06-01 13:48 - 2016-06-01 13:54 - 00000000 ____D C:\Users\H2H\Downloads\Game of Thrones Season 6
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-01 10:38 - 2014-07-02 14:28 - 00000000 ____D C:\Users\H2H\AppData\Roaming\uTorrent
2016-07-01 10:13 - 2013-01-11 15:21 - 00000000 ____D C:\Program Files\trend micro
2016-07-01 09:54 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-01 09:54 - 2009-07-14 06:45 - 00025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-01 09:40 - 2013-05-29 11:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-01 09:18 - 2016-05-14 09:03 - 00000000 ____D C:\Users\H2H\AppData\LocalLow\uTorrent
2016-07-01 09:18 - 2010-11-09 17:51 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-07-01 08:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-30 14:38 - 2012-01-17 10:02 - 00000000 ____D C:\Users\H2H\AppData\Roaming\vlc
2016-06-29 15:43 - 2009-07-14 07:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-29 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-28 15:58 - 2010-06-22 11:01 - 00000000 ____D C:\CENKROSplusData
2016-06-27 08:42 - 2014-05-28 10:32 - 00000000 ____D C:\Users\TUN
2016-06-23 12:29 - 2012-05-22 08:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 12:29 - 2012-05-22 08:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 12:29 - 2012-05-02 09:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-23 11:34 - 2012-05-22 08:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-21 14:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-06-21 08:46 - 2016-05-09 08:18 - 00000176 _____ C:\Windows\wininit.ini
2016-06-21 07:45 - 2009-07-14 06:45 - 00347480 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-21 03:39 - 2014-12-11 04:29 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-21 03:22 - 2013-08-16 08:55 - 00000000 ____D C:\Windows\system32\MRT
2016-06-21 03:12 - 2010-06-22 09:15 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-20 18:17 - 2014-05-07 09:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-06-20 18:16 - 2015-04-08 08:32 - 00000000 ___SD C:\Windows\system32\GWX
2016-06-20 18:16 - 2009-10-29 06:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-20 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2016-06-20 18:16 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-20 18:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2016-06-20 09:40 - 2012-05-28 10:25 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-20 09:40 - 2012-05-28 10:25 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-20 09:40 - 2011-05-23 07:58 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-20 08:28 - 2010-06-21 16:05 - 00000000 ____D C:\Users\H2H
2016-06-20 08:26 - 2014-09-12 12:49 - 00000000 ____D C:\Windows\Minidump
2016-06-13 19:31 - 2010-06-22 08:27 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-02 14:03 - 2016-04-26 09:01 - 00000000 ____D C:\Users\H2H\Desktop\Cyrilova
==================== Files in the root of some directories =======
2009-10-29 06:21 - 2009-02-10 21:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2010-03-01 16:47 - 2010-03-01 16:50 - 0007830 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-10-29 06:22 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
Some files in TEMP:
====================
C:\Users\H2H\AppData\Local\Temp\7za.exe
C:\Users\H2H\AppData\Local\Temp\DaS_21.exe
C:\Users\H2H\AppData\Local\Temp\hijackthis.exe
C:\Users\H2H\AppData\Local\Temp\NirCmd.exe
C:\Users\H2H\AppData\Local\Temp\PEVZ.EXE
C:\Users\H2H\AppData\Local\Temp\remove.exe
C:\Users\H2H\AppData\Local\Temp\sed.exe
C:\Users\H2H\AppData\Local\Temp\shortcut.exe
C:\Users\H2H\AppData\Local\Temp\swreg.exe
C:\Users\H2H\AppData\Local\Temp\swxcacls.exe
C:\Users\H2H\AppData\Local\Temp\wget.exe
C:\Users\H2H\AppData\Local\Temp\zoek-delete.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-06-27 09:18
==================== End of FRST.txt ============================
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slow notebook vol.2
Hello!
You have probably picked something up again. Run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
Visit:
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Slow notebook vol.2
# AdwCleaner v5.201 - Logfile created 04/07/2016 at 10:07:00
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-01.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : H2H - H-PC
# Running from : C:\Users\H2H\Desktop\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum
***** [ Services ] *****
***** [ Folders ] *****
***** [ Files ] *****
***** [ DLLs ] *****
***** [ WMI ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
***** [ Registry ] *****
***** [ Web browsers ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [4113 bytes] - [15/04/2016 16:43:40]
C:\AdwCleaner\AdwCleaner[C2].txt - [2090 bytes] - [20/04/2016 08:06:28]
C:\AdwCleaner\AdwCleaner[C3].txt - [874 bytes] - [04/07/2016 10:07:00]
C:\AdwCleaner\AdwCleaner[R0].txt - [1726 bytes] - [02/09/2013 11:48:22]
C:\AdwCleaner\AdwCleaner[R1].txt - [882 bytes] - [02/09/2013 12:08:29]
C:\AdwCleaner\AdwCleaner[R2].txt - [1652 bytes] - [06/12/2013 10:27:39]
C:\AdwCleaner\AdwCleaner[R3].txt - [1458 bytes] - [30/10/2014 16:08:47]
C:\AdwCleaner\AdwCleaner[R4].txt - [1807 bytes] - [12/01/2015 12:29:16]
C:\AdwCleaner\AdwCleaner[R5].txt - [1322 bytes] - [29/01/2015 12:56:38]
C:\AdwCleaner\AdwCleaner[R6].txt - [2865 bytes] - [10/02/2015 12:53:24]
C:\AdwCleaner\AdwCleaner[R7].txt - [302 bytes] - [17/07/2015 13:59:34]
C:\AdwCleaner\AdwCleaner[R8].txt - [1572 bytes] - [17/07/2015 14:15:19]
C:\AdwCleaner\AdwCleaner[S0].txt - [1754 bytes] - [02/09/2013 11:50:04]
C:\AdwCleaner\AdwCleaner[S1].txt - [6447 bytes] - [06/12/2013 10:31:47]
C:\AdwCleaner\AdwCleaner[S2].txt - [3458 bytes] - [30/10/2014 16:18:05]
C:\AdwCleaner\AdwCleaner[S3].txt - [2223 bytes] - [12/01/2015 12:31:49]
C:\AdwCleaner\AdwCleaner[S4].txt - [3418 bytes] - [29/01/2015 13:11:42]
C:\AdwCleaner\AdwCleaner[S5].txt - [4964 bytes] - [10/02/2015 13:21:57]
C:\AdwCleaner\AdwCleaner[S6].txt - [1638 bytes] - [17/07/2015 14:21:29]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2112 bytes] ##########
- Rudy
- Site Admin

Re: Slow notebook vol.2
This is OK. Open Notepad and copy this into it:
Start
HKLM-x32\...\Run: [] => [X]
AutoConfigURL: [S-1-5-21-104843041-1053051366-136704638-1000] => hxxp://un-stop.biz/wpad.dat?5be9e6cc2d1 ... f5d8780167
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\H2H\Downloads\ACFrOgBKomr6ZK8QpBq4iDIc9jhQwidKiCL0MYu8sRt-Q32Ts7MkYderFEeptVk8QGevLSbPd-gRRyt_dAcR4dYPLUkh_Lnu73RfwdH3emZmH0Yt5hbSh7NOGXsvpz4=
C:\Users\H2H\Downloads\ACFrOgD2MEDJZP2Kq2GomJ6OxVVSUkLC1RTGMleKPIDrQbsxXy3X8vWCZBuGeHg7-V5mJ-W8abfbxdxmpvo4IZYNjCDoRyCrikbCILMVwMR6yEguPwwkLxrARrGVuJqVptE0Y3QN_ao4fpCKMc0K
C:\Users\H2H\Downloads\ACFrOgBjfr7UfK4tRAvjEq2zzjOCGq-rSPR9nW2hm8G7nWCiO0UL3T0c6eBEoA42b6rIPCLmcyuYwZoOM4cSLtIhthcaqT70D9uFFlw4QT8b_R1wX-ZBdqFINYSgRKg=
C:\Users\H2H\Downloads\ACFrOgAz9UFvMkJZIYsjv2DnbwXOhkQOgz0HE6aRVts7lLiuANH1Zbrl0Yvp77i6yWhfnIFUGI5sV7dig9o86WNd-Y2YuDm6hRQkT0eHbjy_eO9SRlBfDRx9_MiAjMM=
C:\Users\H2H\Downloads\ACFrOgDZh3UqS8-0IaLlyBpgdj_I7P9yloE2COHpqRgJLXY-qSMeqtBUrROOpkEkEaxESnRLA_owEuzhyNPdUIns2_TOBeE_rCEF2vgpbtx-Aq0-N_QSgx9QQ0RQYhA=
C:\Users\H2H\Downloads\ACFrOgAmhWLba9KwQFUUM6Ox9qRv8A6wHv2M9C0oxMyCbjWoDNcMntZOxwDISDnHv1QB5NUGAR09hVl5PtHCYaM_gba_ThiLcjsZmQY2Lszc9Qcmyy60CuFkrl6R198=
C:\Users\H2H\AppData\Local\Temp
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Re: Slow notebook vol.2
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by H2H (2016-07-06 08:34:34) Run:1
Running from C:\Users\H2H\Desktop
Loaded Profiles: H2H (Available Profiles: H2H & TUN)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [] => [X]
AutoConfigURL: [S-1-5-21-104843041-1053051366-136704638-1000] => hxxp://un-stop.biz/wpad.dat?5be9e6cc2d1 ... f5d8780167
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Users\H2H\Downloads\ACFrOgBKomr6ZK8QpBq4iDIc9jhQwidKiCL0MYu8sRt-Q32Ts7MkYderFEeptVk8QGevLSbPd-gRRyt_dAcR4dYPLUkh_Lnu73RfwdH3emZmH0Yt5hbSh7NOGXsvpz4=
C:\Users\H2H\Downloads\ACFrOgD2MEDJZP2Kq2GomJ6OxVVSUkLC1RTGMleKPIDrQbsxXy3X8vWCZBuGeHg7-V5mJ-W8abfbxdxmpvo4IZYNjCDoRyCrikbCILMVwMR6yEguPwwkLxrARrGVuJqVptE0Y3QN_ao4fpCKMc0K
C:\Users\H2H\Downloads\ACFrOgBjfr7UfK4tRAvjEq2zzjOCGq-rSPR9nW2hm8G7nWCiO0UL3T0c6eBEoA42b6rIPCLmcyuYwZoOM4cSLtIhthcaqT70D9uFFlw4QT8b_R1wX-ZBdqFINYSgRKg=
C:\Users\H2H\Downloads\ACFrOgAz9UFvMkJZIYsjv2DnbwXOhkQOgz0HE6aRVts7lLiuANH1Zbrl0Yvp77i6yWhfnIFUGI5sV7dig9o86WNd-Y2YuDm6hRQkT0eHbjy_eO9SRlBfDRx9_MiAjMM=
C:\Users\H2H\Downloads\ACFrOgDZh3UqS8-0IaLlyBpgdj_I7P9yloE2COHpqRgJLXY-qSMeqtBUrROOpkEkEaxESnRLA_owEuzhyNPdUIns2_TOBeE_rCEF2vgpbtx-Aq0-N_QSgx9QQ0RQYhA=
C:\Users\H2H\Downloads\ACFrOgAmhWLba9KwQFUUM6Ox9qRv8A6wHv2M9C0oxMyCbjWoDNcMntZOxwDISDnHv1QB5NUGAR09hVl5PtHCYaM_gba_ThiLcjsZmQY2Lszc9Qcmyy60CuFkrl6R198=
C:\Users\H2H\AppData\Local\Temp
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-104843041-1053051366-136704638-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\H2H\Downloads\ACFrOgBKomr6ZK8QpBq4iDIc9jhQwidKiCL0MYu8sRt-Q32Ts7MkYderFEeptVk8QGevLSbPd-gRRyt_dAcR4dYPLUkh_Lnu73RfwdH3emZmH0Yt5hbSh7NOGXsvpz4= => moved successfully
C:\Users\H2H\Downloads\ACFrOgD2MEDJZP2Kq2GomJ6OxVVSUkLC1RTGMleKPIDrQbsxXy3X8vWCZBuGeHg7-V5mJ-W8abfbxdxmpvo4IZYNjCDoRyCrikbCILMVwMR6yEguPwwkLxrARrGVuJqVptE0Y3QN_ao4fpCKMc0K => moved successfully
C:\Users\H2H\Downloads\ACFrOgBjfr7UfK4tRAvjEq2zzjOCGq-rSPR9nW2hm8G7nWCiO0UL3T0c6eBEoA42b6rIPCLmcyuYwZoOM4cSLtIhthcaqT70D9uFFlw4QT8b_R1wX-ZBdqFINYSgRKg= => moved successfully
C:\Users\H2H\Downloads\ACFrOgAz9UFvMkJZIYsjv2DnbwXOhkQOgz0HE6aRVts7lLiuANH1Zbrl0Yvp77i6yWhfnIFUGI5sV7dig9o86WNd-Y2YuDm6hRQkT0eHbjy_eO9SRlBfDRx9_MiAjMM= => moved successfully
C:\Users\H2H\Downloads\ACFrOgDZh3UqS8-0IaLlyBpgdj_I7P9yloE2COHpqRgJLXY-qSMeqtBUrROOpkEkEaxESnRLA_owEuzhyNPdUIns2_TOBeE_rCEF2vgpbtx-Aq0-N_QSgx9QQ0RQYhA= => moved successfully
C:\Users\H2H\Downloads\ACFrOgAmhWLba9KwQFUUM6Ox9qRv8A6wHv2M9C0oxMyCbjWoDNcMntZOxwDISDnHv1QB5NUGAR09hVl5PtHCYaM_gba_ThiLcjsZmQY2Lszc9Qcmyy60CuFkrl6R198= => moved successfully
"C:\Users\H2H\AppData\Local\Temp" folder move:
Could not move "C:\Users\H2H\AppData\Local\Temp" => Scheduled to move on reboot.
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-07-06 08:37:25)
C:\Users\H2H\AppData\Local\Temp => moved successfully
==== End of Fixlog 08:37:27 ====
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Slowed-down notebook vol.2
Deleted. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not meant for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Slowed-down notebook vol.2
The speed has improved and windows no longer pop up in the browser, but Windows Explorer is acting up.
When copying files (within the hard disk) it crashes, reports that it has stopped working, and restarts. The files are not even copied...
- Rudy
- Site Admin

Re: Slowed-down notebook vol.2
Also run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Re: Slowed-down notebook vol.2
Malwarebytes Anti-Malware
www.malwarebytes.org
Dátum kontroly: 7. 7. 2016
Čas kontroly: 8:41
Protokol: Malware log.txt
Správca: Áno
Verzia: 2.2.1.1043
Dazabáza malware: v2016.07.07.01
Databáza rootkitov: v2016.05.27.01
Licencia: Skúšobná verzia
Ochrana pred škodlivým softvérom: Zapnuté
Ochrana pred škodlivými webstránkami: Zapnuté
Vlastná ochrana: Vypnuté
OS: Windows 7 Service Pack 1
CPU: x64
Súborový systém: NTFS
Používateľ: H2H
Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 345688
Uplynulý čas: 37 min, 46 s
Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté
Procesy: 0
(Žiadne škodlivé položky neboli zistené)
Moduly: 0
(Žiadne škodlivé položky neboli zistené)
Kľúče databázy Registry: 1
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-104843041-1053051366-136704638-1000\SOFTWARE\Search-Protect, , [0b22ca57d7c363d3b9d7eaf4887bc937],
Hodnoty databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Priečinky: 1
PUP.Optional.SpringFiles, C:\ProgramData\boost_interprocess\1458646610, , [909dd1501189a88e86a1f9d1966c4ab6],
Súbory: 1
PUP.Optional.SpringFiles, C:\ProgramData\boost_interprocess\1458646610\SpringFilesDownloaderPool, , [909dd1501189a88e86a1f9d1966c4ab6],
Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)
(end)
- Rudy
- Site Admin

Re: Slowed-down notebook vol.2
Delete the findings.
Re: Slowed-down notebook vol.2
I deleted them, but Explorer still crashes; on any attempt to copy files it stops working and restarts...
- Rudy
- Site Admin

Re: Slowed-down notebook vol.2
Try a System Restore to a date when it worked correctly.
Re: Slowed-down notebook vol.2
I did a system restore to the oldest automatic restore point - it didn't help.
Explorer always crashes and restarts after an attempt to copy any file...
Re: Slowed-down notebook vol.2
I ran the malware scan again, it found something again, I'm attaching the log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Dátum kontroly: 11. 7. 2016
Čas kontroly: 12:52
Protokol: malware 11072016.txt
Správca: Áno
Verzia: 2.2.1.1043
Dazabáza malware: v2016.07.11.04
Databáza rootkitov: v2016.05.27.01
Licencia: Skúšobná verzia
Ochrana pred škodlivým softvérom: Zapnuté
Ochrana pred škodlivými webstránkami: Zapnuté
Vlastná ochrana: Vypnuté
OS: Windows 7 Service Pack 1
CPU: x64
Súborový systém: NTFS
Používateľ: H2H
Typ kontroly: Kontrola hrozieb
Výsledok: Dokončená
Skontrolovaných objektov: 345464
Uplynulý čas: 30 min, 41 s
Pamäť: Zapnuté
Pri spustení: Zapnuté
Súborový systém: Zapnuté
Archívy: Zapnuté
Rootkity: Vypnuté
Heuristika: Zapnuté
PUP: Zapnuté
PUM: Zapnuté
Procesy: 0
(Žiadne škodlivé položky neboli zistené)
Moduly: 0
(Žiadne škodlivé položky neboli zistené)
Kľúče databázy Registry: 1
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-104843041-1053051366-136704638-1000\SOFTWARE\Search-Protect, , [e9d757cbbfdb45f1681f5f7f3ec513ed],
Hodnoty databázy Registry: 2
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://un-stop.biz/wpad.dat?5be9e6cc2d145b8c9e19a06238267f5d8780167, , [18a8899914861e185c18bd0dfb07758b]
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-104843041-1053051366-136704638-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://un-stop.biz/wpad.dat?5be9e6cc2d1 ... f5d8780167, , [efd171b1702ad75fe48d29a1a062d42c]
Údaj databázy Registry: 0
(Žiadne škodlivé položky neboli zistené)
Priečinky: 0
(Žiadne škodlivé položky neboli zistené)
Súbory: 0
(Žiadne škodlivé položky neboli zistené)
Fyzické sektory: 0
(Žiadne škodlivé položky neboli zistené)
(end)