Chtěl moc poprosit o odvirování ntb. Jde hlavně o reklamy. Díky moc
Logfile of random's system information tool 1.10 (written by random/random)
Run by Dominik at 2014-11-10 17:34:04
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 676 GB (94%) free of 715 GB
Total RAM: 3980 MB (36% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:34:13, on 10.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\MetafileMySQLRegister.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Dominik.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:16928
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ArchiveNetScrolling.exe - Unknown owner - C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DatabaseOSUtility.exe - Unknown owner - C:\Users\Dominik\AppData\Local\DatabaseOSUtility\DatabaseOSUtility.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FrozenOCRSoftware - Unknown owner - C:\Windows\SysWOW64\FrozenOCRSoftware\FrozenOCRSoftware.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: ImportTaskTooltip - Unknown owner - C:\Windows\SysWOW64\ImportTaskTooltip\ImportTaskTooltip.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10172 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 29917648
\??\C:\Windows\system32\conhost.exe "-2582227241467348439-593017354-1808126167-2082311614-719493133-11398858491051023484
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe
"taskhost.exe"
taskeng.exe {1BCF8B50-A801-4420-9299-A7340B842AD9}
"C:\Program Files (x86)\Internet Speed Checker\1a6cf72b-aaae-481f-87cd-e504292204ba.exe" /agentregpath='Internet Speed Checker' /appid=61752 /srcid='001726' /subid='0' /zdata='0' /bic=AF59BE1EA9474E58857463C81867CA2FIE /verifier=026b7cfbf1e5901dab1a1e07f6346bc9 /installerversion=1_35_09_29 /installationtime=1415549611 /statsdomain=http://stats.newinputinfoservice.com /errorsdomain=http://errors.newinputinfoservice.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newinputinfoservice.com /runfrom='task' /externallog=''
"C:\Program Files (x86)\Internet Speed Checker\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-6.exe" /rawdata=taYZr7dqCefgVy9QWwXd4mMIEKsqTObnNMZOBCbx3Uz3EZVG3dE5S/5pUjQYskXUK/4x7xbK9iL8U+P4ts4YRt4NAUUmhrWx+ddnU4/LRd/tzx715A7vwQjpg0H9zGaNjQ1iPgUSqJtJwUbEYLTaAKeIwbb3Rtv0EnYIuGiPd2N602ffbjmO6+CxuI9IdcLg4hPOfPYTO3auuRAX9I2uUBnlEVmxmB8VEPvLrt0GsCkfr3uCaNzSsLPF9Qbl3slHwvAjIbHPInX4NqqE1brUhrLIUAtXez42edDnvIwiPbsSHwwCveUpNDuIG1BbRiqj2INNv6yqz/lTHjlaEjxqDR9mZGaQVMk9B45YF+m+vEZUkZatbXs8VuCaO4wu92xRNGxwBP9IC2ovEoYqptSTEOgErq5oD54AS1AD8Znfxm8IKA2oK6I1LiTuRGK0+HyPsdR1DoTImzgOvG1ab8V+/0Nq19gmfTJtGaj31JV+m1n4VqJ5jK0oV/6+rkIEjiFVgCOTmUyPXl/i6XboLpoEyeuzT+tJP4HaiKcsUUEYyIeVf83MWuiQw3Te/dERfMA3uL7ILPLsPbK9tM3b8NcOQcDn3oqdXqM3uS3LUJKKIFJ5pxbVoPEDHVVtBAf+4wloED7JmkR++J2gpKrymHttBb4JlRqrhCBMvJjykDdZr6s/w7yTmyv9FH+1qrdyjQDsAX7TszuAluI2Bh8iVl3sCHMRQBe+PgHoo3son0HNZMwWKdLA68ytTZwYkDQIOaOkWO+lxSs4oXmOYx1zpBopTROBsB2H4Da1lYwGEacM3ynm6B2s/JYD+/oad0V2TyGnUpWjCekC5uFdBut3kFyhsGWODSlV53N64624ChdJh5TbKFaOv+QKipq5DY8oLsUoIBgntjRtZh1SKzomWGu0xhhpbNYMCcw7p++tB+hAzmIkFiX9qCf1936eu2KLFmboQxLWUwFSBTW+I1fD5dL6VwY+zmSiP+naugwz8et71XwVfpwg0yzid+OEGUrMYnFcPgyzHksuDl/AEdwZR+NogPLiDLlB5yXkRVhyyvDyyOP3HRMtJT7iyQPHApAoKH2mvYj+501CMgxS7ZwKOyNiwoGRy0K9M/B3AU/8IQLma9ryDl/N9AYU2R/v00kL1d5yMWsQbhnSmdhrYT0HKJTGqGdawQCuyPOjs2huRKUEcyYEW3W9DuMFK59VrghZMQI6g1HnHz70B9nI9w2c8bIfNx72anslAcjSCZJsF6G3DU9qRU02yl224yESEP/bwmjrkk+A/uabsWXPM5A/QaQJ+SiKNmrRO/fUnMYuFheM/y9bIT4qgO1zZqaldPmLUNHXevT5tllSct2tPUwFzmlvgryHcruTivv0qR1wXlz98sPykjH40JDt81jB9gMmU4ojbeJ0/GHce3M3Ok1rg3k8WQzgBEp2cKNfr9AjfhNyS8BIpJtRyYZpRweZr47H/CtitRPb2/YeHB24umebVCihoo53MzHDKo2KTpv2L+9wRqorWjkpRQB59MOikJdV4UNRg4+9JVgQ2UzXvsle+IJinT/7xjOUeAHhXrKHbpDKjQIBOeLJe41JW6xbcYQy/5epI0wXpt3my2AS0Jl8oclR91bft+4xMZemYAxyDpcqperIyYCkYD44xaYVLQo4z1vTyaQ7fsZtTeqdUCDtBCcisBffIGgeE54aS4A9DEpa495dtbEuLu98nKvqlm62l4NGt2fEIVhLUfYmQMHCJEd7iOmfacYTBEWlfhWOENxvY7XRgSPmY4O22wTRhFBORz9ACepbZQ8feqUaLGyCFRh6zdJxV0nzbOs2sPJYQIr7QZ+npKO2smQO2acqu5DrKpfa4ShgEr1ZSEDGoCuEegVy78UMek+Ix5TiAS5SydpWCmh/I38AXdoi57vAv5VGNcxl1+U2SEiAm/cB3Y9gEm5amuk573ocQjHSg8BEoNwINKjMh5WqoSu7ng1FplQrn7tuY9i4kL72d2nUZG3smdSVtMtIMrjOYCWhQLTUrLQ022JCIUxZzbwZbn+YpNoCLF7pFN7a37g74ZWXfzyjnmi5JldNrCOsDZCfPuz7QvqMDqu2LzI7J/KUw/ROX/YwSqPMBSoYdZhvvknELcrsxdhtsQqBh1TI4lStL3CnASbX0Bcb4YxezlBMG5j5PkxxDSil/5/oWh6pXlCN8g4Lg1xwEy8ZlQUkl4dOGQJdPfM4RmC1dh+LRtLa7haf66XmhCyIWOud4AwLhqk6ZVvxFnqytcHog/WxWxTYXCFwBvbBJCSgLy6vD+OYk4f/TBpWYc6odWbo2L/cCWu3Vno6DzHsqX6pya5ihOnefroyttBiCknLbuSQ2aNiL3hGw5HWLRqvt8N/rHKz3yk/mJtR7wgIUqdduUDKwSZTWx0EYTTJN5sesMUn6W+Pj77+H28Du3v+8jZzvf/iARlegEruZ3cNdCNm8O+jqM5YWGgNUr5hTG2t36YLmaiY9h5vtvWA7CISZ5lGlW26gbS9qDcVpC//5ac07jAFD2uOiv552dZt706cKzcx/70KefzOJFDFVbjX
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"c:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --remote-debugging-port=9223
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2260.0.436993400\2110281990" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x0000 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=8.951.6.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/PP_Ethersuggest_A7_Stable_R8/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_16/UMA-Uniformity-Trial-1-Percent/group_61/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/group_02/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --disable-accelerated-video-decode --channel="2260.6.1656097820\151128576" /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
MetafileMySQLRegister.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="2260.8.247948122\1421573108" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2855382574-2868757954-685162649-10001_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2855382574-2868757954-685162649-10001 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Users\Dominik\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\1a6cf72b-aaae-481f-87cd-e504292204ba.job - C:\Program Files (x86)\Internet Speed Checker\1a6cf72b-aaae-481f-87cd-e504292204ba.exe /agentregpath='Internet Speed Checker' /appid=61752 /srcid='001726' /subid='0' /zdata='0' /bic=AF59BE1EA9474E58857463C81867CA2FIE /verifier=026b7cfbf1e5901dab1a1e07f6346bc9 /installerversion=1_35_09_29 /installationtime=1415549611 /statsdomain=http://stats.newinputinfoservice.com /errorsdomain=http://errors.newinputinfoservice.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,178-288,179-288,180-288,223-288,263-24 /monetizationdomain=http://logs.newinputinfoservice.com /runfrom='task' /externallog=''
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-1.job - C:\Program Files (x86)\Internet Speed Checker\Internet Speed Checker-codedownloader.exe /rawdata=ZUItHPgJG4+ITSffUvbg67rrztIlFqpkb9OCXauBouUxlFywlTmmwPv4qmQ+AV2oGwl34yZVIkTYgOW95U3NpPegFKvxe8bUqcuzH7B+7MdFe7dDlmpsDluXT1xhvh53pPaojtGC41XpMNCBuRD6XHhLYfLm/NET4OI3+zR/lQ+naI+2anexC3nt4IHxokBSFs5jVCqvavmp+GW5jx96uCa4Kazd8nwAuBGj7LqU4V7nK8H/j6E2TMI5enPQ8s/Y0T1IzuoxvEfy5FMj3/AM7meRyEiIxJruFRTSK8KAQormNOFmM49O9yjrmhoy4GAx1GNZtihul/mBBwlX3/Me4Eduui78S2D00wgq+5tP4G/s9GbIY/DChoOsPZWyrc5kzklJJs9Rx8kJt5Yie5b/+Xu3GwG5vZESY9x0E3IiLxX7zDAAOTYPbQ31+aOP4M5Dy/46Mh6BHMXqYn6CJAD1QrdIuQ5UcXwYZmb9cfc++HlylA3Z9YWDxQno9ZF8zvhoRp9YeckemNu+UpPeeuGEuPE+nXJL2qK9WsPJkYOtvWE3GYS56WTLBsGtRk2zjDLUGxNrxaCzU4QcSZoN/mxJ4/CI388YlInLWuFg/hTYvTv/bpikiukBINW16d2JP6d7S7wEnejjyUMOotxOKanlNaYO7ACTHY8cpbkbP7oS/heOb0C+BEBlgtajqm1vWfC/EFGh97ZMZprehFNmY/TBhiMC90PcRaZggZ5hmyEX467mrneIR1ww4gg6fzG3bgPOYoDteJJtuVqIY+9Q/h6LSt3yDRxUYASK9wgfa7k8a65QAaOzicDeM2y87Tfcx0JozcE4JHv1dwe0ER5G2CIafiLrR2wZEGyBBtul0wC1GNskfGQ4CwklrUnwnNVKXpe7BLjfRyGs7hPujSuXNirvn/Lc0ZVQX00pYAMowAvnZR7Zwa+SueQ550+rmedmVrgMpWAPeKYoREoD6AaLH8hQoucCKBGnUUvx35oZ7wnMJ1Lwi04q7KcGXCHeWKFTjlM8uhflg1gaGlwjNAflVGNAzXqROO/3s6ivsEGPvrsJaOuhR08a6amYEzW32+iCNAmqd8GD1ViSdTbiPCRx2vqPlEKqnWC3laZt1oRtAEMYKfYCkIDVbMfasKNtpy9IWmQqG+obqjrvWkFHksM2oM7kk0u3fxPTZ67JqNNzyD/jzAdfTUvyI+ZPqji5eLE3PIB90TdU3uh1XcrPRtX2i/rOoOdPkrcgzNNhY3/58lXVLuYJOcXxpeMdGf3yg7e+g7SXdqPUezkzwwymviNseKv5WfNxIaRPu/qQPEN+KVCtVGX+J/YS0vYqP3gN5lTw/BYSk7pq284AIpe+mQ51IGVvRW8gV55B5qofB8NMrOIBzraAm0ZUP4QoKszYHrHZQHjb6w80bGtGHGTtN0f3lrtEBaeTOi0uKCNRtFcKPTpsqM5qcHzhzuS+9/tvmMjCe0k5agbgsNDumhhahS18Ibg75RRYuUdBFK4r0GUwrlv3TQGA8NfXUf72OAx7qP+6KqNf
C:\Windows\tasks\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-11.job - C:\Program Files (x86)\Internet Speed Checker\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-11.exe /rawdata=ont1yOYfonaJRj5RfBZxfd71Rq6RrGsDtHV4pZjQOAV3vzf/K7/Ct8NJyNuZD7ANP0slRv4N1XkEfm3dM3zL/wg5JWYxr8N5BVGfVQC0cr/i9AOwhSAucUqjVYYRmtNJR+CPmXcoSQjrlGQAEeT3vgLsnKEBDL5WlSzH4s2COtzAxuEP8pRX2jzf6zFNwT4NmwsiIUpx4TBHsVJQY0ffgOHO42xr4DPTV5qbcUeO6aFYUr4eBttmbn1/WnRZQIB9MNKyyvXwdm8u+805nAula+Mpod3aX6rRxwr6m73T4f1E7KqGqxZtchXYmTLyNxS6kbWhJqv+OfYg1AsGi0byg6WTCjr4iyhML+5ardUaBe7j0coBexgNRE2zDXhFSfjxW0M2pVbU5P+hsx5/waaSjv3Q+cUec5mmieSjhrFjOMDVFATuJyqq+uOW5BTLY1nYUZOIVSA/TN7Bi4jKOb7C7MZUjsMeZrHzrBb8afGdXYgH2Qf9Ci4wlJXyFrd6LP3iJlrh9NLVLHEkBzo4wfWW2n48Hs3U/NGc/Ri6dwtwtpbMeiaP5qOk6cd4iKs3rzOcw1az24kQn/BJ8F+wr4cLX9otfkf2/H2cIe6w7ht7s9eFyHVlFHpQgNqWGoG5VRLl2a3iweo5SkeUzdL+69wz+/5R/FAGl4K4o6n57GJiQ4gWbeWfbb5qi7S0uhFGShiEjX4rQNa5FlCLNJfihyCYLPCYqaEokggWlaPTAxhhQQjb30GdIl+I4Fmxs5zlcwMhes0DxAGNDxvL1X0Tq75pGB5uj7E4kzwWK9y6CgODr6uXjdxOK4366oX+jxzzsheTcSToz5OXpKv/KnjvJW2j1XMQ9a3R/vtcLy1J57673RJ7zR/W05Ow8S2aNVtkBStRsFsfpTcXSY4k6wHhq+Q0EaXE6+YSu6ZyuQ4arNCHdHFKy/gq/srnzo7TqlF306RfCgPcxExuU0txb4A9/xV0Z2CDE5hipVq4TNplduLfRep2olQdGuzvh6ozUj5z+YMmp0rTLh31Z/qA8xSfuH6o+zL5L997KITHkjtWjYCvppOBvzwEGm4QCKxoFU7kPJ4D8bS6j4PFEmFc1H1E0h1zH5dnFijmGLjERDnzb5gR4bt84AYMa59UXpflZ3Ow4Ig8zhCAtT69ovepR24m1uv7KLn4vI/YNvHpAwmsxXOYlwxulv2sSa2IJMqljhA4JpD1PwyGdv+zvSOL9FILELC37SBItCHvrR0ygpitDuC4AwH2kSgPMu2+JpOIU6TFZDnYO1z7one7lZyBPwg3TeaWHX976dny3hsDV4tYPEIk7adax80QDuln0iY8q5lwwpPG1TK6x2f2ZpeSg7oOo6975hmAj6H5Rdaw7tO1+a7ilRoQlcmYEaUjyW6jGQP1OCcne7vIYrs+8sf4GDFO7lggHI3X9f4va1MocIMBQys21t8/qBMbfoBTyOKEgcx2D4GQDUo1NIf2/smvmyv2ZCGv9wiWBeW1VSB0CP+BQ0RIu+/AkCP/EuyPSnDXUefCIP7MxP4jbZgJ6n5sXb3x371eYqWjta0XVA6FOLuAkDNxXw587KRQb8+sLxazFiKMSkTr/VNXLCK9+18QVArWLD4Pob87t6vMit9cTVRvHS0HWhA1SSBVh/fB8lBxQPBaDYR1sUMdUbT5IMwM2LgTlfcuAspVaBzpVGYlTyJiquAVIBWXzB4yJNqCLhsIUqb4CJqatHYHEcNWmBcsTQB8KBjpo2K2p4u/3to1hQvSHflfGnCog7IgSygTguSyyqh7aJKta85ID958GW5aGRL7iqQNcf9wa7tLvnMnQddpTu3bMuiaDhQ3gs8THZWDb820HTO82JHlvLCSUNrx7sR5OImDbDFNpYQ927+fM8Z6EeZKk0njA+5gEabzBnxSjttQZOWFRClJ5DujY0RJOOKZoYnRZpyUA90afCpUhQW+/VdEn4inlt+KGSaadeHKjd2oKiK8gBOOGwIe1tC584xB9EyVr+kwKyUDVBQyuHAot+Yo3UZVORsmNNPO2s2paJX9xELfPmjuFgU1IZEipgHFxXq5NKmsQoT7UuCSX7aLcM+pJF3sOGmEzF/sP9s6jZ+LUo5stth5e3JPoNOglYFikLoai8EBRJcifNYR8SOnGw5pemjdoqnNuUFfen+4Jvb0aiiexrtEPYucgkCsUQZsm6O/PUlc3upt93Fy9Rd99BfxY8RzwjJizqIjPk+rLU+ieMfHqTSO9INrL+W+ZS0WJ1wMkZ0g+Tf2cds5w+/MhBEXsDkun9YytwaMRj3Zyhxz/4o6NKxLnhuF04LdY8wjdqoAkyqHDhW2JHT/fdlzYf2NWsF5FkCTfwZ0qiqNVdNlWqpmHMI54ymxlEpGy/Q/Jx8G6w==
C:\Windows\tasks\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-2.job - C:\Program Files (x86)\Internet Speed Checker\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-2.exe /rawdata=YvreoyBySnPZb8+isXfAuC4TzFG3dAQAgKxgWidgnYBBtu4y81EkhumJX+osFAXryMNDaRKcg43JsIe2Cb2on5DkVBp0fV5pxva4loekuxh6ejAM7GkI9EDHqWefvw9ohQVn+Pog6KTzTpFxXC2km+CY4VLLEvyg6pUECA9L9W5I8hlNYULEpsvGRYCFO5oqZ9eK7H9hDZcyyOI7l+0vSI6Ci1Fk1J7hVSOQVhsekLgHws1AquU9vroRz8+FA7VRFNAJYBxKn6Clc3gJ4uQjtFsiX2xIerzp/KKx+bRRNeu+4EJXa2fvBABo6IPxmWSnnKdZ/TnJLH7HtBj8g0pgPqHrhBt2hc1u6crIz7Gixcn/CFQS9TvcL4ZMNXkOiNl+Ju9ReHBWcysjBDk2AWJs66YMxgAdkqteeG9P049P+IIrnL1fGtoilvzbPTChLxp9xwIb72DIsGXrIZKiephDoi1vf7Brd4wltoLcs4V/UMZRUNSbZ/aZ5cEgubEFyALYQjwM3AZqEOwg9wr1/zKSJ7fd2fYrdgH/fKBMaokmRI740FFfbolKaYsbvIjHRpxHIJNbb3oOCkwW518q3LtE+junUma8fCrP7ry6YOUJ2e1QGS60n3gkDgDj712yXypv0KBEyDpI6zQ3LqKxYnRw6SiBs0eithKNhPHzaWJ/7rpEFTl7PFdWQi64ZzoeQJW0hVF8axFvcnrI0jBSN85g/VtzGqWiqmtyXgL6iS/I0zk1XBSd+dvFyRy5oqYCMvv7gCuCjKQrMpHkEkM/XUB8eZJWK8L0Ev/MB/ZBJzSAEMXC7OJilNLgB2vMREl2nOIlxKG+yEBxZweXW+mtwTn3yQ==
C:\Windows\tasks\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-4.job - C:\Program Files (x86)\Internet Speed Checker\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-4.exe /rawdata=v2Bt7cZMpdDABLLWCXC9u859J3krO7Jxq2usYTmhwob8kydjDlG5bwe/Frsmx7fQ/TGtncOkf5o5aWfCqdj4Nl/fTxnh3xRMFOcPwAvbwEi+tj5H9JeK0gpjA1FUAiFbUtTD9YeaQeTTT4IJrCZIT4jSMjoqg7tEgp54mq+ViE2z8fu6Kp2ZYDFrrs4mD2A5H4A3dlwuvGVmVG4ea4gSwkt+IauZRsNTunURCcC0vucrC1GVIlenA8zXRxD4BlHNkU7JkAkuyS8AhwBNqPekfPCfxCm/OecM7vhoPSUQ7iujtxx9Kn4PQxpWzT3YCkAh7SZBthzVLj86o2FglIqU9XrTZ99uOY7r4LG4j0h1wuDiE8589hM7dq65EBf0ja5QGeURWbGYHxUQ+8uu3QawKR+ve4Jo3NKws8X1BuXeyUfC8CMhsc8idfg2qoTVutSGsshQC1d7PjZ50Oe8jCI9uxIfDAK95Sk0O4gbUFtGKqPYg02/rKrP+VMeOVoSPGoNH2ZkZpBUyT0HjlgX6b68RlSRlq1tezxW4Jo7jC73bFE0bHAE/0gLai8Shiqm1JMQ6ASurmgPngBLUAPxmd/GbwgoDagrojUuJO5EYrT4fI+x1HUOhMibOA68bVpvxX7/Q2rX2CZ9Mm0ZqPfUlX6bWfhWonmMrShX/r6uQgSOIVW9ngWcGqAJGGRfpiNFCb3f5+U6JiNwL5fjrSaPwr5/KAtPVkE0RxPFMTh+rGX+DIYDDYRKKSRQcIGswAA8FU1GUZ5v2HG8OKAsUtrlEYTHj7JMk5xLhJ/J/OPRAsEm5KJrefPz4nt4of8e7xXwP9/eyIjaAD5yoXN9kCPUA6XSvUimFfVWd+NZJO38EI+/r4G1JC+/GyJ68nMuIWOkWb3/UrqdMpR7iw53a5DCqKYnRDZRmtblNRk9n8Rth/VUGaqzdWNTRUJNi8CvdRFZo8T3IbttoG8p5FcBFzXQbROEyCPwUCnqN7Hvi3f8KV5Cn4OFETc6xM8VyD4wrcgfGrjdlIoZ+Tbj68PTOvxhqsgwn6Ofl59M/iLaY3bS/tedxFu5+eUYcHjfE7IDvkN9IR+JDlcr4nx2xXORkW6QJeX3w6+ahFPHB8cWrm0Nbe0lIaZAuf4M8bTy4uWN3cbSTSlfNZvoOe2zYHzwl4Z4hVqYJ/0nRlse5R6IzRmA0U/o0vuvLXUJiFadfEUA0G66P/qGTah+TsiQNYjdRzT4TkYSLX/VekMptzahgK3Lt/2IArBfLqQf07jkiX9YQZLmZZ/Rb39ED4Q0+dIF+5toAIjYbN4eJkfZz97F9/uo86AM2VSD3vDn4/x73BmrrqRXgrL1eZYoSQ/H1qi2q16u1zFuf79wsIV8UoellGAex0HzKodWETGgly3lpPLyma+Lz2Nuxk3cKhuMTRjqBwb0LXjUY0HQDtOCaL80Ybvgfjwgo21c9BJkJNbp4bQC9O0vlQrq+0JyeOb9AZmy0QvJiV3IEINhTQU1vhqtlxo07smTS0C7WfCg1YRGDKS8bDCnDENUWQaCFzSu10/mPGHS92UZ9jq7GpwW/tEJ9gJ/YaimiCRk2vbUMyMJ1Xs8mO7DW9JZ7Wef+U2kr0PI4M4pQZQI23c4Hnmz8lVOMiFS5cq7Cp60HcHvACChvja3Y6JXpRpL16mqsTCEZWk0FiYkoE0uXjJHHdRMOS3jAr2DAHLQ1uJVlVbRp/+2P1ObgCfPRNXM5VxCncLD8eCj5/BahWKBL8ExJY5L/bbOAW0aFiXKUIm9Ktja34aWaTvn8rIjsbWQ2cIlsUb2ZbaKsP1LRZotHR4l7obR+2O+Z9kNx7EPgH/JQWi2DdJFdYaqq0+fRJ5m+1P4C1z4tUDQuGnfuib4/g==
C:\Windows\tasks\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-5.job - C:\Program Files (x86)\Internet Speed Checker\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-5.exe /rawdata=s06c2y9Mz3TojmVdt0o23YDAairtN/LeOzVRWPoGIT2CAXH+XEYbXLjzZ2UYjpHwVeH02lcRkwEz2ROjZaOD0Fs5vPGGEc7scU8ZUbpzSpGIMsHaJ44a/0olGUht0hLjJtyeuHdEGQnzdYtTklx2EDd3Bphc+WvfyS1M6Z+VKHx8y60e4PK7BPnB4xwQSleg+gkPjr6h9tZDW4Wpc9ZAFhEWncEIMilzCLwjMPROjZqEEu2tS64TtDbdtpVT7J0TQJG86L3QGS9/JqgYcxE9sdAF19E/MUtPcmhj6nhbZ5pCPg2q1/fUkPH32ThAefg7ZH3Kj1XWkn47CheA+7m6Yxso003OOjhBYFzIhA8qw/G5pGOKpm9JYvmC0h72yMBwYpvNU2Vy3YXXLHAzrcfHTtgEAnnF8oomXKll58vzBeGuyzGYEoJrj1dxBZNlrRycpkaXzL3mzsxKYuHQUXIVCY0FNFXdQxD40A9U1kzKNGLwv9ui6SdXjvm2yOKFB61YjUuPg7YeMjt0S+VBfdNjfoq0/f53l59iUh06YfP0T9nw7kjNXrrUfFZvwqnG1ZMz7HVgyvM9gLj10BPnKGvdwTEMI6mYBzN8jlMolVtgGkQwvgTTgkQ8TWJAI7FQNZGK8C7y6R0ooFfZPf9l/gA9njY7fhgdS9ogFdfeiB/fxHeYVS/cxYdHiitMTi6SKcx5XuWX5DOtUI2OcHmqkUhDn5D3IBpENKAL27EzjfnJQ7T/RkC3TXTiwzdalXWIGImlhT4a+J7W4GM0raaEW50M54n/63X8Q9Ql9SrIneWM3Z51im3OfqZMe2kczxGSD1WXB99WlKmtxk3BwyCXBE1GrjouKgTLAo6bmeiAtIhECV7OXkhHEymACV1PO3DtT9djudyisVLBojWL+yfzzC/0fJm/WlfsaH7G8KCSt8zAT9mBAXkVlvxHI717NeWlMDA3Yikgd3aTi+au6gUU8QWhoDZIlpJve+cHcTbc0WzeGSQbwSSg5pSYRbGNZ0hSabFK
C:\Windows\tasks\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-5_user.job - C:\Program Files (x86)\Internet Speed Checker\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-5.exe /rawdata=s06c2y9Mz3TojmVdt0o23YDAairtN/LeOzVRWPoGIT2CAXH+XEYbXLjzZ2UYjpHwVeH02lcRkwEz2ROjZaOD0Fs5vPGGEc7scU8ZUbpzSpGIMsHaJ44a/0olGUht0hLjJtyeuHdEGQnzdYtTklx2EDd3Bphc+WvfyS1M6Z+VKHx8y60e4PK7BPnB4xwQSleg+gkPjr6h9tZDW4Wpc9ZAFhEWncEIMilzCLwjMPROjZqEEu2tS64TtDbdtpVT7J0TQJG86L3QGS9/JqgYcxE9sdAF19E/MUtPcmhj6nhbZ5pCPg2q1/fUkPH32ThAefg7ZH3Kj1XWkn47CheA+7m6Yxso003OOjhBYFzIhA8qw/G5pGOKpm9JYvmC0h72yMBwYpvNU2Vy3YXXLHAzrcfHTtgEAnnF8oomXKll58vzBeGuyzGYEoJrj1dxBZNlrRycpkaXzL3mzsxKYuHQUXIVCY0FNFXdQxD40A9U1kzKNGLwv9ui6SdXjvm2yOKFB61YjUuPg7YeMjt0S+VBfdNjfoq0/f53l59iUh06YfP0T9nw7kjNXrrUfFZvwqnG1ZMz7HVgyvM9gLj10BPnKGvdwTEMI6mYBzN8jlMolVtgGkQwvgTTgkQ8TWJAI7FQNZGK8C7y6R0ooFfZPf9l/gA9njY7fhgdS9ogFdfeiB/fxHeYVS/cxYdHiitMTi6SKcx5XuWX5DOtUI2OcHmqkUhDn5D3IBpENKAL27EzjfnJQ7T/RkC3TXTiwzdalXWIGImlhT4a+J7W4GM0raaEW50M54n/63X8Q9Ql9SrIneWM3Z51im3OfqZMe2kczxGSD1WXB99WlKmtxk3BwyCXBE1GriUtm/DO+6YxL73d1CUYdh24oCVRJlKKOoIeB1jxo0H8aqj1qd9GBZVWsn/8PKIBlXJOZX8YERYwU0VOfspjth6ascpLEfXIUQDv1dBIuhUqtier/uR8J153Qzrfjb7TvYpFe1b68947jtC5TECeFGp2uabsJmF7iUBA75XLCrKF
C:\Windows\tasks\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-6.job - C:\Program Files (x86)\Internet Speed Checker\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-6.exe /rawdata=taYZr7dqCefgVy9QWwXd4mMIEKsqTObnNMZOBCbx3Uz3EZVG3dE5S/5pUjQYskXUK/4x7xbK9iL8U+P4ts4YRt4NAUUmhrWx+ddnU4/LRd/tzx715A7vwQjpg0H9zGaNjQ1iPgUSqJtJwUbEYLTaAKeIwbb3Rtv0EnYIuGiPd2N602ffbjmO6+CxuI9IdcLg4hPOfPYTO3auuRAX9I2uUBnlEVmxmB8VEPvLrt0GsCkfr3uCaNzSsLPF9Qbl3slHwvAjIbHPInX4NqqE1brUhrLIUAtXez42edDnvIwiPbsSHwwCveUpNDuIG1BbRiqj2INNv6yqz/lTHjlaEjxqDR9mZGaQVMk9B45YF+m+vEZUkZatbXs8VuCaO4wu92xRNGxwBP9IC2ovEoYqptSTEOgErq5oD54AS1AD8Znfxm8IKA2oK6I1LiTuRGK0+HyPsdR1DoTImzgOvG1ab8V+/0Nq19gmfTJtGaj31JV+m1n4VqJ5jK0oV/6+rkIEjiFVgCOTmUyPXl/i6XboLpoEyeuzT+tJP4HaiKcsUUEYyIeVf83MWuiQw3Te/dERfMA3uL7ILPLsPbK9tM3b8NcOQcDn3oqdXqM3uS3LUJKKIFJ5pxbVoPEDHVVtBAf+4wloED7JmkR++J2gpKrymHttBb4JlRqrhCBMvJjykDdZr6s/w7yTmyv9FH+1qrdyjQDsAX7TszuAluI2Bh8iVl3sCHMRQBe+PgHoo3son0HNZMwWKdLA68ytTZwYkDQIOaOkWO+lxSs4oXmOYx1zpBopTROBsB2H4Da1lYwGEacM3ynm6B2s/JYD+/oad0V2TyGnUpWjCekC5uFdBut3kFyhsGWODSlV53N64624ChdJh5TbKFaOv+QKipq5DY8oLsUoIBgntjRtZh1SKzomWGu0xhhpbNYMCcw7p++tB+hAzmIkFiX9qCf1936eu2KLFmboQxLWUwFSBTW+I1fD5dL6VwY+zmSiP+naugwz8et71XwVfpwg0yzid+OEGUrMYnFcPgyzHksuDl/AEdwZR+NogPLiDLlB5yXkRVhyyvDyyOP3HRMtJT7iyQPHApAoKH2mvYj+501CMgxS7ZwKOyNiwoGRy0K9M/B3AU/8IQLma9ryDl/N9AYU2R/v00kL1d5yMWsQbhnSmdhrYT0HKJTGqGdawQCuyPOjs2huRKUEcyYEW3W9DuMFK59VrghZMQI6g1HnHz70B9nI9w2c8bIfNx72anslAcjSCZJsF6G3DU9qRU02yl224yESEP/bwmjrkk+A/uabsWXPM5A/QaQJ+SiKNmrRO/fUnMYuFheM/y9bIT4qgO1zZqaldPmLUNHXevT5tllSct2tPUwFzmlvgryHcruTivv0qR1wXlz98sPykjH40JDt81jB9gMmU4ojbeJ0/GHce3M3Ok1rg3k8WQzgBEp2cKNfr9AjfhNyS8BIpJtRyYZpRweZr47H/CtitRPb2/YeHB24umebVCihoo53MzHDKo2KTpv2L+9wRqorWjkpRQB59MOikJdV4UNRg4+9JVgQ2UzXvsle+IJinT/7xjOUeAHhXrKHbpDKjQIBOeLJe41JW6xbcYQy/5epI0wXpt3my2AS0Jl8oclR91bft+4xMZemYAxyDpcqperIyYCkYD44xaYVLQo4z1vTyaQ7fsZtTeqdUCDtBCcisBffIGgeE54aS4A9DEpa495dtbEuLu98nKvqlm62l4NGt2fEIVhLUfYmQMHCJEd7iOmfacYTBEWlfhWOENxvY7XRgSPmY4O22wTRhFBORz9ACepbZQ8feqUaLGyCFRh6zdJxV0nzbOs2sPJYQIr7QZ+npKO2smQO2acqu5DrKpfa4ShgEr1ZSEDGoCuEegVy78UMek+Ix5TiAS5SydpWCmh/I38AXdoi57vAv5VGNcxl1+U2SEiAm/cB3Y9gEm5amuk573ocQjHSg8BEoNwINKjMh5WqoSu7ng1FplQrn7tuY9i4kL72d2nUZG3smdSVtMtIMrjOYCWhQLTUrLQ022JCIUxZzbwZbn+YpNoCLF7pFN7a37g74ZWXfzyjnmi5JldNrCOsDZCfPuz7QvqMDqu2LzI7J/KUw/ROX/YwSqPMBSoYdZhvvknELcrsxdhtsQqBh1TI4lStL3CnASbX0Bcb4YxezlBMG5j5PkxxDSil/5/oWh6pXlCN8g4Lg1xwEy8ZlQUkl4dOGQJdPfM4RmC1dh+LRtLa7haf66XmhCyIWOud4AwLhqk6ZVvxFnqytcHog/WxWxTYXCFwBvbBJCSgLy6vD+OYk4f/TBpWYc6odWbo2L/cCWu3Vno6DzHsqX6pya5ihOnefroyttBiCknLbuSQ2aNiL3hGw5HWLRqvt8N/rHKz3yk/mJtR7wgIUqdduUDKwSZTWx0EYTTJN5sesMUn6W+Pj77+H28Du3v+8jZzvf/iARlegEruZ3cNdCNm8O+jqM5YWGgNUr5hTG2t36YLmaiY9h5vtvWA7CISZ5lGlW26gbS9qDcVpC//5ac07jAFD2uOiv552dZt706cKzcx/70KefzOJFDFVbjX
C:\Windows\tasks\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-7.job - C:\Program Files (x86)\Internet Speed Checker\bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-7.exe /rawdata=c3IHy3WM1pGErzqLdTTDmgT/onG5V2jVMaSwxZ663FCD8AG5sS1w9wxYTD0xlxoM77gx57MZ0MzsyTujB93aBiq32TVd+lMUTXn9HG25rgQNTM6JVZVGgKZ96Rc2LtGiVxPdvJaKhk4qvy05DRy7w+xJAMdia3DyDX4WSvpFCtC8lJC9vn75PF11ORPm4E2pej8+OIfG15TX9jjXZgOusifZX12KzqVbB9dZOEFZZNACyE4Zhkr+62kn2YRgp8RV8E62ZfaXe5v3yWUtItUagPu/l60fYu6if4hrtEFOuG4L79Wk5Wskj4TS0e6DsZ7biGPvvamghzCqKaWsXCrifYiB9UqCbSIMqOV24QKf2Bl+8CNPpZal+09vSEe04daSdmkN/7yVaNthou9iykCZO3/GXTskKNYX/y3/PLkGcK2rlvc71D8dRFkisTBYL4TA5yv3wkHcp+PzmR6eorUsKvoYol0zlL7fbrSkst/rD9NnypBLrQwTMjfDbYmT4SMvIEiBOc0BM/x5LmSl6P5OWzcgxW0A6AhdoHlCCVIml2aHbLrXEjI6IoXRm04uvh5uNT4EaW7bKRIQNDmpFovd6MUGNGlO1CcBq7L/LmcflE36Gp/dB9tDdt7n77gdov5ToPx7eztH91x/bdVZ7ERQbURmY+EVx6RHoJ8uFF14yXM/EfjpXSJFOZ8I4S/fAY9GBC2v5fO2UnPia1xJnt3HdXMMZZ9S23mcsLuNvksYDYcw4Hp2X6RFFxKWEFkChUrfQXDx+HBFLh4dUkV2DvdJROuVBxpktFrKu8VYufSG8nfMve5wiIRkg8CCdYUvwFts0HxWZTHOty8CrjBG5m6TciuKbprQJsCbIFwb1kahUhRyAJeNMABb/29GYmtUOzpGXkYzZ8a46o1wCqD482DvT4eqL5lcldtYeaKTrQdP+vLdHAvUBRmnBOKwp3k4l+/2DFkWHnynAfM6etkUy3/6E98k5tgBiBUtTiFmurR0sQkXyhENnAtSlPBpfUiXVWDefxMUpLRT844ibsGVuBGEVNFwltL4hAqfCf2v4MoQTWvl2smKT3CUKG83RpfSbFAFVeng2uOmr+X/UZS9o8vYa7qH70p2jQ4AQfAuyp26Syp5ICNLKfWYCw6m/iMuJM3hPql7AmOYroClGgmErEnCJuAB7NZz04IJPDK0KsZpGist5jXsXKmGEA5U45iqYnC8Cpz9hlF1JpobHqOCSP3sRB7JWin+iqJ/ptcJGFf0HxsbHIHAgH/yCK2/whBd8vqqHlWdAhae9LgSPLAMhd4XkLPsFReggy/RdI6PilH7jbMTtmhRWc8JVkstDclOEeccuApRdYNnyVKHW1+53Tm8glPIUFfTIsimDSqOgVJb1RHTqYu6ORHDpfjkQq3cMMX9vAtJBw7+2ddxMQAZy990Vmmu7kp+dSyiX3euxhrJMF08ZAlcpsFwQf8+eqO+KcMk0hFouYW58t2yVeetAioBqSxkF8RNDkeZHY9t6E2RlRaI2YhcuEPJO/ZL6zZljXvmc0iCrCDw2qPQ/EOKQ9HQ6w0FfTKlclo26AJr+mjkCV6R1WoifU7gtldvf4z60MaX5fR7toPKNrT7u8E8ttOP7KEW6S9GhexdMwUqLt0ZhLJzhyCcac0YLIyXL0UaDSCuVFK+GTfZX8HMaGA8zpdPPFBF0yNgolJBD8A8jnvlockDdYB32jU4cqazo65oIETgPgF+gmQWMavmxodHDC9XTiUDYhRPGycpVNkXgmlBvugad+gLZRJPjzHk+Kg5FFLmSZkVlymcwprnSbPGkSryAQI2d9ON6rT8VPca9KY1eV+ifeeIqX8BhG5JHXO5jROU90Q6kiCWL4sqSYS1+sbL3TkIw+HJuWm08/0yfyDLIwK61FELcaR7g8G+EbTCkAP/wN52EULzEKi14hX8eFD2jzcy8KX1q4O4odB8rTVDVYTRB/kmzIURgm57yKSSbxteBzb1+20mHxirg7uPpFrycN/ZL1YbYiEoLndR688IwjC6n8Y0vSW+kDBEKj44053PHlQxymK2XrDkDu3hUTv5dLxYvwcGT5DdyFUQi2pVi7qNbs6XW515eFI38VO+GEt8maK7nJZW1u8R+w3+pBYPUWo+uaWL30ITbU4gJkP9Uf7GJtBHJcYwBLX/D62gL5NEM9XUqtloh81BjFPrHIPZUgi+bHVaa9D9EA8MFhOijevGcuqozIq8VSWI5kplFgwmsU65Vd+Gr7TfJOZ7qpGon30A87CWVazvZAm/3BecK/3+vCx/mu4qVS+/p7r2bsY/w1XiEW7HyZWZI3YnZYhfDDgqsJzJw4s8SdqpkhWyhPaNxpLr/4njixYfQdt38EjzBygd3BZMAasY7dXXXd+eIsKEXx3QUeYZrBVYlBFNbIlsQhUJ6FX+5BGaz7vaAR9jsSCe0esqPlRWUeLrnNsfXbyGgS+HdE17G+wLz/tWRulKPx8u2QMWmyvv8thB5B/Udjcz4AExKBYUYaOzVDFijXuU8hqe6Q2MExFcwEJ2jJXj60PTPTOzJ9lMsDbivzZk
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}]
Internet Speed Checker
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-03-26 170264]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-03-26 398616]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-03-26 439064]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-11-12 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-10-25 2804976]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-10-01 5595336]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-23 6501656]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncnomqSrv]
C:\Windows\system32\mncnomq.vbe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mncqnmptpSrv]
C:\Windows\system32\mncqnmptp.vbe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mskiplSrv]
C:\Windows\system32\mskipl.vbe msxodbl msqcuw []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msxysrlgSrv]
C:\Windows\system32\msxysrlg.vbe mskyjkw mshsqfs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Printsrv]
c:\Windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\T-Mobile CManager]
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe -autorun []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-03-29 636032]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2012-10-24 290688]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-03-26 434688]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-18 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-10 17:34:04 ----D---- C:\rsit
2014-11-10 17:34:04 ----D---- C:\Program Files\trend micro
2014-11-09 19:55:09 ----D---- C:\ProgramData\ESET
2014-11-09 19:55:08 ----D---- C:\Program Files\ESET
2014-11-09 17:13:56 ----D---- C:\Program Files (x86)\7bd15b68-49a9-47e4-a61c-03c220f094be
2014-11-09 17:13:38 ----D---- C:\Program Files (x86)\Internet Speed Checker
2014-11-09 17:11:13 ----D---- C:\Program Files (x86)\ESET
2014-11-09 13:53:28 ----D---- C:\Program Files\CCleaner
2014-11-08 13:57:19 ----D---- C:\Windows\SYSWOW64\ImportTaskTooltip
2014-11-08 13:56:15 ----D---- C:\Windows\SYSWOW64\FrozenOCRSoftware
2014-11-08 13:40:29 ----AS---- C:\Windows\SYSWOW64\lcpmncqnmptp.exe
2014-11-08 13:40:29 ----AS---- C:\Windows\SYSWOW64\dcgmncqnmptp.exe
2014-11-08 13:40:29 ----AS---- C:\Windows\SYSWOW64\acumncqnmptp.exe
2014-11-08 13:40:22 ----A---- C:\Users\Dominik\AppData\Roaming\mskyjkw.dat
2014-11-07 16:51:03 ----A---- C:\Users\Dominik\AppData\Roaming\msxodbl.dat
2014-11-07 16:49:53 ----AS---- C:\Windows\SYSWOW64\nircmdc.exe
2014-11-07 14:00:34 ----D---- C:\Users\Dominik\AppData\Roaming\uTorrent
2014-11-07 13:49:32 ----AD---- C:\Windows\bitstreams
2014-11-07 13:49:32 ----A---- C:\Windows\zlib1.dll
2014-11-07 13:49:32 ----A---- C:\Windows\windows-build.txt
2014-11-07 13:49:32 ----A---- C:\Windows\ssleay32.dll
2014-11-07 13:49:32 ----A---- C:\Windows\SCRYPT-README.txt
2014-11-07 13:49:32 ----A---- C:\Windows\README.txt
2014-11-07 13:49:32 ----A---- C:\Windows\NEWS.txt
2014-11-07 13:49:32 ----A---- C:\Windows\linux-usb-cgminer.txt
2014-11-07 13:49:32 ----A---- C:\Windows\libusb-1.0.dll
2014-11-07 13:49:32 ----A---- C:\Windows\libssh2.dll
2014-11-07 13:49:32 ----A---- C:\Windows\librtmp.dll
2014-11-07 13:49:32 ----A---- C:\Windows\libidn-11.dll
2014-11-07 13:49:32 ----A---- C:\Windows\libeay32.dll
2014-11-07 13:49:32 ----A---- C:\Windows\libcurl.dll
2014-11-07 13:49:32 ----A---- C:\Windows\GPU-README.txt
2014-11-07 13:49:32 ----A---- C:\Windows\FPGA-README.txt
2014-11-07 13:49:32 ----A---- C:\Windows\expIorer.exe
2014-11-07 13:49:32 ----A---- C:\Windows\COPYING.txt
2014-11-07 13:49:32 ----A---- C:\Windows\AUTHORS.txt
2014-11-07 13:49:32 ----A---- C:\Windows\ASIC-README.txt
2014-11-07 13:49:32 ----A---- C:\Windows\API-README.txt
2014-11-07 13:49:27 ----D---- C:\Program Files (x86)\ULOZ.TO
2014-11-07 13:49:18 ----AS---- C:\Windows\SYSWOW64\lcpmncnomq.exe
2014-11-07 13:49:18 ----AS---- C:\Windows\SYSWOW64\dcgmncnomq.exe
2014-11-07 13:49:17 ----D---- C:\Windows\SYSWOW64\bitstreams
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\zlib1.dll
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\ssleay32.dll
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\pthreadVC2.dll
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\pthreadGC2.dll
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\libssh2.dll
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\librtmp.dll
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\libidn-11.dll
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\libeay32.dll
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\libcurl-4.dll
2014-11-07 13:49:17 ----AS---- C:\Windows\SYSWOW64\acumncnomq.exe
2014-11-07 13:49:16 ----AS---- C:\Windows\SYSWOW64\cudart32_50_35.dll
2014-11-07 13:49:08 ----D---- C:\Program Files (x86)\MINECRAFT 1 7 2 plna hra zdarma
2014-11-07 08:47:38 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-05 21:36:14 ----D---- C:\ProgramData\Gemfor
2014-10-27 19:51:02 ----D---- C:\ProgramData\T-Mobile
2014-10-27 19:50:22 ----D---- C:\Users\Dominik\AppData\Roaming\T-Mobile
2014-10-27 19:50:22 ----D---- C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2014-10-27 19:50:04 ----D---- C:\Program Files (x86)\T-Mobile
2014-10-27 19:49:30 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2014-10-27 19:49:30 ----A---- C:\Windows\system32\drivers\WdfCoInstaller01007.dll
2014-10-27 19:49:03 ----D---- C:\Program Files (x86)\Huawei
2014-10-22 08:00:52 ----D---- C:\ProgramData\Synaptics
2014-10-20 14:35:58 ----D---- C:\Program Files\Microsoft Silverlight
2014-10-20 14:35:58 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-10-20 07:05:52 ----A---- C:\Windows\system32\d3d10warp.dll
2014-10-20 07:05:51 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2014-10-20 07:00:48 ----A---- C:\Windows\system32\spoolsv.exe
2014-10-20 07:00:48 ----A---- C:\Windows\splwow64.exe
2014-10-20 06:58:54 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2014-10-20 06:58:54 ----A---- C:\Windows\system32\WindowsCodecs.dll
2014-10-17 08:27:36 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2014-10-17 08:27:36 ----A---- C:\Windows\system32\WMPhoto.dll
2014-10-17 08:22:12 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2014-10-17 08:22:12 ----A---- C:\Windows\system32\d2d1.dll
2014-10-17 08:20:49 ----A---- C:\Windows\system32\win32k.sys
2014-10-17 08:20:41 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-17 08:20:41 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-17 08:20:41 ----A---- C:\Windows\system32\mscorier.dll
2014-10-17 08:20:41 ----A---- C:\Windows\system32\dfshim.dll
2014-10-17 08:20:40 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-17 08:20:40 ----A---- C:\Windows\system32\mscories.dll
2014-10-17 08:20:11 ----A---- C:\Windows\SYSWOW64\KBDYAK.DLL
2014-10-17 08:20:11 ----A---- C:\Windows\SYSWOW64\KBDTAT.DLL
2014-10-17 08:20:11 ----A---- C:\Windows\SYSWOW64\KBDRU1.DLL
2014-10-17 08:20:11 ----A---- C:\Windows\SYSWOW64\KBDRU.DLL
2014-10-17 08:20:11 ----A---- C:\Windows\SYSWOW64\KBDBASH.DLL
2014-10-17 08:20:11 ----A---- C:\Windows\system32\KBDYAK.DLL
2014-10-17 08:20:11 ----A---- C:\Windows\system32\KBDTAT.DLL
2014-10-17 08:20:11 ----A---- C:\Windows\system32\KBDRU1.DLL
2014-10-17 08:20:11 ----A---- C:\Windows\system32\KBDRU.DLL
2014-10-17 08:20:10 ----A---- C:\Windows\system32\KBDBASH.DLL
2014-10-17 08:20:03 ----A---- C:\Windows\system32\generaltel.dll
2014-10-17 08:20:02 ----A---- C:\Windows\system32\aepdu.dll
2014-10-17 08:20:00 ----A---- C:\Windows\system32\aeinv.dll
2014-10-17 08:19:55 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-17 08:19:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-17 08:19:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-17 08:19:54 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-17 08:19:53 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-17 08:19:53 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-17 08:19:53 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-17 08:19:53 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 08:19:53 ----A---- C:\Windows\system32\iernonce.dll
2014-10-17 08:19:53 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-17 08:19:53 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-17 08:19:52 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-17 08:19:52 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-17 08:19:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-17 08:19:50 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-17 08:19:50 ----A---- C:\Windows\system32\urlmon.dll
2014-10-17 08:19:50 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-17 08:19:49 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-17 08:19:49 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-17 08:19:49 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 08:19:49 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-17 08:19:48 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-17 08:19:48 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-17 08:19:48 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-17 08:19:48 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-17 08:19:48 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-17 08:19:47 ----A---- C:\Windows\system32\iesetup.dll
2014-10-17 08:19:47 ----A---- C:\Windows\system32\iertutil.dll
2014-10-17 08:19:45 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-17 08:19:45 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-17 08:19:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-17 08:19:44 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-17 08:19:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-17 08:19:43 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-17 08:19:43 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-17 08:19:42 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-17 08:19:42 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-17 08:19:40 ----A---- C:\Windows\system32\ieui.dll
2014-10-17 08:19:40 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-17 08:19:39 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-17 08:19:39 ----A---- C:\Windows\system32\ieframe.dll
2014-10-17 08:19:38 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-17 08:19:38 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-17 08:19:38 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-17 08:19:37 ----A---- C:\Windows\system32\vbscript.dll
2014-10-17 08:19:37 ----A---- C:\Windows\system32\jscript9.dll
2014-10-17 08:19:37 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-17 08:19:36 ----A---- C:\Windows\system32\wininet.dll
2014-10-17 08:19:36 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-17 08:19:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 08:19:35 ----A---- C:\Windows\system32\msrating.dll
2014-10-17 08:19:35 ----A---- C:\Windows\system32\mshtml.dll
2014-10-17 08:16:37 ----A---- C:\Windows\system32\msi.dll
2014-10-17 08:16:36 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-17 08:16:15 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-17 08:16:15 ----A---- C:\Windows\system32\rastls.dll
2014-10-17 08:16:05 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-17 07:56:21 ----A---- C:\Windows\system32\mstscax.dll
2014-10-17 07:56:18 ----A---- C:\Windows\system32\termsrv.dll
2014-10-17 07:56:18 ----A---- C:\Windows\system32\mstsc.exe
2014-10-17 07:56:17 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-17 07:56:16 ----A---- C:\Windows\system32\winsta.dll
2014-10-17 07:56:15 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-17 07:56:15 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-17 07:56:15 ----A---- C:\Windows\system32\winlogon.exe
2014-10-17 07:56:15 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-17 07:56:15 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-17 07:56:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-17 07:56:14 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-17 07:56:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-17 07:56:14 ----A---- C:\Windows\system32\credssp.dll
2014-10-17 07:56:13 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-16 22:26:11 ----A---- C:\Windows\system32\packager.dll
2014-10-16 22:26:10 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-16 22:25:28 ----D---- C:\Users\Dominik\AppData\Roaming\QuickScan
2014-10-16 22:23:21 ----D---- C:\Users\Dominik\AppData\Roaming\WebExtend
2014-10-16 22:06:07 ----A---- C:\Windows\SYSWOW64\explorer.exe
2014-10-16 22:06:07 ----A---- C:\Windows\explorer.exe
2014-10-14 23:30:24 ----A---- C:\Windows\SYSWOW64\msmpeg2vdec.dll
2014-10-14 23:30:24 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2014-10-14 22:18:11 ----D---- C:\ProgramData\Electronic Arts
2014-10-14 22:03:38 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2014-10-14 22:03:38 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2014-10-14 22:03:36 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2014-10-14 07:04:05 ----D---- C:\Program Files (x86)\Google
2014-10-13 11:53:12 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-13 11:53:11 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-13 11:53:11 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-13 11:53:09 ----A---- C:\Windows\system32\wmp.dll
2014-10-13 11:38:23 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2014-10-13 11:38:19 ----A---- C:\Windows\SYSWOW64\url.dll
2014-10-13 11:38:19 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2014-10-13 11:38:19 ----A---- C:\Windows\SYSWOW64\msls31.dll
2014-10-13 11:38:19 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2014-10-13 11:38:19 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2014-10-13 11:38:19 ----A---- C:\Windows\system32\elshyph.dll
2014-10-13 11:38:18 ----A---- C:\Windows\SYSWOW64\wextract.exe
2014-10-13 11:38:18 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2014-10-13 11:38:18 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2014-10-13 11:38:18 ----A---- C:\Windows\SYSWOW64\occache.dll
2014-10-13 11:38:18 ----A---- C:\Windows\SYSWOW64\mshta.exe
2014-10-13 11:38:18 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2014-10-13 11:38:18 ----A---- C:\Windows\SYSWOW64\inseng.dll
2014-10-13 11:38:18 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2014-10-13 11:38:18 ----A---- C:\Windows\SYSWOW64\icardie.dll
2014-10-13 11:38:17 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2014-10-13 11:38:17 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2014-10-13 11:38:17 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2014-10-13 11:38:17 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2014-10-13 11:38:17 ----A---- C:\Windows\SYSWOW64\jscript.dll
2014-10-13 11:38:17 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2014-10-13 11:38:17 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2014-10-13 11:38:17 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2014-10-13 11:38:17 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2014-10-13 11:38:15 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-13 11:38:15 ----A---- C:\Windows\system32\msls31.dll
2014-10-13 11:38:15 ----A---- C:\Windows\system32\msfeedssync.exe
2014-10-13 11:38:15 ----A---- C:\Windows\system32\msfeedsbs.dll
2014-10-13 11:38:15 ----A---- C:\Windows\system32\jsIntl.dll
2014-10-13 11:38:15 ----A---- C:\Windows\system32\IEAdvpack.dll
2014-10-13 11:38:14 ----A---- C:\Windows\system32\wextract.exe
2014-10-13 11:38:14 ----A---- C:\Windows\system32\webcheck.dll
2014-10-13 11:38:14 ----A---- C:\Windows\system32\url.dll
2014-10-13 11:38:14 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2014-10-13 11:38:14 ----A---- C:\Windows\system32\mshtmler.dll
2014-10-13 11:38:14 ----A---- C:\Windows\system32\licmgr10.dll
2014-10-13 11:38:14 ----A---- C:\Windows\system32\inseng.dll
2014-10-13 11:38:14 ----A---- C:\Windows\system32\iexpress.exe
2014-10-13 11:38:14 ----A---- C:\Windows\system32\iesysprep.dll
2014-10-13 11:38:14 ----A---- C:\Windows\system32\ieapfltr.dat
2014-10-13 11:38:14 ----A---- C:\Windows\system32\icardie.dll
2014-10-13 11:38:13 ----A---- C:\Windows\system32\pngfilt.dll
2014-10-13 11:38:13 ----A---- C:\Windows\system32\occache.dll
2014-10-13 11:38:13 ----A---- C:\Windows\system32\mshta.exe
2014-10-13 11:38:13 ----A---- C:\Windows\system32\jscript.dll
2014-10-13 11:38:13 ----A---- C:\Windows\system32\imgutil.dll
2014-10-13 11:38:13 ----A---- C:\Windows\system32\iepeers.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-13 11:35:04 ----AH---- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-13 11:35:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-13 11:35:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-13 11:35:03 ----AH---- C:\Windows\SYSWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-13 11:35:03 ----AH---- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-13 11:35:03 ----AH---- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-13 11:35:03 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-13 11:35:03 ----AH---- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-13 11:35:03 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2014-10-13 11:35:03 ----A---- C:\Windows\SYSWOW64\XpsGdiConverter.dll
2014-10-13 11:35:03 ----A---- C:\Windows\SYSWOW64\WindowsCodecsExt.dll
2014-10-13 11:35:03 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2014-10-13 11:35:03 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2014-10-13 11:35:03 ----A---- C:\Windows\SYSWOW64\d3d10core.dll
2014-10-13 11:35:03 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2014-10-13 11:35:03 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2014-10-13 11:35:03 ----A---- C:\Windows\SYSWOW64\d3d10.dll
2014-10-13 11:35:03 ----A---- C:\Windows\system32\XpsPrint.dll
2014-10-13 11:35:03 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2014-10-13 11:35:03 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2014-10-13 11:35:03 ----A---- C:\Windows\system32\FntCache.dll
2014-10-13 11:35:03 ----A---- C:\Windows\system32\dxgi.dll
2014-10-13 11:35:03 ----A---- C:\Windows\system32\DWrite.dll
2014-10-13 11:35:03 ----A---- C:\Windows\system32\d3d10core.dll
2014-10-13 11:35:03 ----A---- C:\Windows\system32\d3d10_1core.dll
2014-10-13 11:35:03 ----A---- C:\Windows\system32\d3d10.dll
2014-10-13 11:35:02 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2014-10-13 11:35:02 ----A---- C:\Windows\SYSWOW64\dxgi.dll
2014-10-13 11:35:02 ----A---- C:\Windows\system32\UIAnimation.dll
2014-10-13 11:35:02 ----A---- C:\Windows\system32\d3d10level9.dll
2014-10-13 11:35:02 ----A---- C:\Windows\system32\d3d10_1.dll
2014-10-13 11:04:33 ----A---- C:\Windows\system32\browserchoice.exe
2014-10-13 10:56:01 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2014-10-13 10:56:01 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2014-10-13 10:56:00 ----A---- C:\Windows\system32\WUDFSvc.dll
2014-10-13 10:56:00 ----A---- C:\Windows\system32\WUDFPlatform.dll
2014-10-13 10:55:59 ----A---- C:\Windows\system32\WUDFx.dll
2014-10-13 10:55:59 ----A---- C:\Windows\system32\WUDFHost.exe
2014-10-13 10:55:59 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2014-10-13 10:34:48 ----D---- C:\Program Files (x86)\globalUpdate
2014-10-13 10:28:40 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2014-10-13 10:28:22 ----D---- C:\Windows\PCHEALTH
2014-10-13 10:28:22 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2014-10-13 10:28:22 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-10-13 10:26:30 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2014-10-13 10:25:54 ----D---- C:\Program Files\Microsoft Office
2014-10-13 10:25:26 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2014-10-13 10:25:07 ----D---- C:\ProgramData\Microsoft Help
2014-10-13 10:25:07 ----D---- C:\Program Files (x86)\Microsoft Office
2014-10-13 10:24:40 ----RHD---- C:\MSOCache
2014-10-13 10:23:58 ----AD---- C:\ProgramData\TEMP
2014-10-13 10:22:45 ----D---- C:\Users\Dominik\AppData\Roaming\Seznam.cz
2014-10-13 10:21:48 ----D---- C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
2014-10-13 10:20:24 ----D---- C:\ProgramData\DAEMON Tools Lite
2014-10-13 10:10:40 ----D---- C:\Users\Dominik\AppData\Roaming\Macromedia
2014-10-13 09:57:09 ----D---- C:\Users\Dominik\AppData\Roaming\Adobe
2014-10-13 09:56:34 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-13 09:56:33 ----D---- C:\Windows\SYSWOW64\Macromed
2014-10-13 09:56:32 ----D---- C:\Windows\system32\Macromed
2014-10-13 09:54:13 ----D---- C:\Program Files (x86)\Adobe
2014-10-13 09:54:01 ----D---- C:\ProgramData\Adobe
2014-10-13 09:51:45 ----D---- C:\Users\Dominik\AppData\Roaming\vlc
2014-10-13 09:51:12 ----D---- C:\Program Files (x86)\7-Zip
2014-10-13 09:50:19 ----D---- C:\Program Files (x86)\VideoLAN
2014-10-13 09:47:28 ----D---- C:\Users\Dominik\AppData\Roaming\Mozilla
2014-10-13 09:46:55 ----D---- C:\ProgramData\Mozilla
2014-10-13 08:30:31 ----D---- C:\Windows\SYSWOW64\Wat
2014-10-13 08:30:31 ----D---- C:\Windows\system32\Wat
2014-10-13 07:59:06 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2014-10-13 07:57:31 ----D---- C:\Program Files (x86)\Microsoft.NET
2014-10-13 07:57:30 ----D---- C:\Windows\Migration
2014-10-13 07:52:33 ----A---- C:\Windows\system32\IEUDINIT.EXE
2014-10-13 07:42:58 ----A---- C:\Windows\SYSWOW64\d3d11.dll
2014-10-13 07:42:58 ----A---- C:\Windows\system32\d3d11.dll
2014-10-13 07:38:59 ----A---- C:\Windows\system32\drivers\BTHUSB.SYS
2014-10-13 07:38:59 ----A---- C:\Windows\system32\drivers\bthport.sys
2014-10-13 07:38:56 ----A---- C:\Windows\system32\fsutil.exe
2014-10-13 07:38:56 ----A---- C:\Windows\system32\esent.dll
2014-10-13 07:38:56 ----A---- C:\Windows\system32\drivers\amdxata.sys
2014-10-13 07:38:55 ----A---- C:\Windows\SYSWOW64\fsutil.exe
2014-10-13 07:38:55 ----A---- C:\Windows\SYSWOW64\esent.dll
2014-10-13 07:38:55 ----A---- C:\Windows\system32\drivers\nvraid.sys
2014-10-13 07:38:55 ----A---- C:\Windows\system32\drivers\iaStorV.sys
2014-10-13 07:38:55 ----A---- C:\Windows\system32\drivers\amdsata.sys
2014-10-13 07:38:54 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2014-10-13 07:38:54 ----A---- C:\Windows\system32\drivers\nvstor.sys
2014-10-13 07:14:44 ----D---- C:\Windows\system32\MRT
2014-10-13 07:14:41 ----A---- C:\Windows\system32\MRT.exe
======List of files/folders modified in the last 1 month======
2014-11-10 17:34:13 ----D---- C:\Windows\Prefetch
2014-11-10 17:34:06 ----D---- C:\Windows\Temp
2014-11-10 17:34:04 ----RD---- C:\Program Files
2014-11-10 17:33:21 ----D---- C:\Windows\system32\config
2014-11-10 17:32:19 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-09 21:26:58 ----SD---- C:\Users\Dominik\AppData\Roaming\Microsoft
2014-11-09 20:37:31 ----D---- C:\Windows\Tasks
2014-11-09 20:37:31 ----D---- C:\Windows\system32\Tasks
2014-11-09 20:29:47 ----RD---- C:\Program Files (x86)
2014-11-09 19:57:48 ----SHD---- C:\Windows\Installer
2014-11-09 19:56:52 ----D---- C:\Windows\system32\DriverStore
2014-11-09 19:56:52 ----D---- C:\Windows\system32\drivers
2014-11-09 19:56:52 ----D---- C:\Windows\system32\catroot
2014-11-09 19:56:52 ----D---- C:\Windows\inf
2014-11-09 19:55:09 ----HD---- C:\ProgramData
2014-11-09 19:53:19 ----SHD---- C:\System Volume Information
2014-11-09 17:40:52 ----D---- C:\Windows\SysWOW64
2014-11-09 17:40:49 ----D---- C:\Windows
2014-11-09 14:33:40 ----D---- C:\Windows\rescache
2014-11-09 13:54:24 ----D---- C:\Windows\Panther
2014-11-09 13:54:20 ----D---- C:\Windows\Logs
2014-11-09 13:54:20 ----D---- C:\Windows\debug
2014-11-09 13:35:24 ----HD---- C:\Windows\system32\GroupPolicy
2014-11-09 13:35:24 ----D---- C:\Windows\SYSWOW64\GroupPolicy
2014-11-09 13:35:23 ----D---- C:\Program Files\Common Files
2014-11-09 13:23:05 ----D---- C:\Windows\system32\catroot2
2014-11-09 13:19:32 ----D---- C:\Windows\AppPatch
2014-11-09 08:56:31 ----D---- C:\Windows\system32\wdi
2014-11-08 19:28:15 ----D---- C:\Windows\System32
2014-11-08 19:28:15 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-07 13:49:32 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2014-11-05 21:36:29 ----D---- C:\Windows\system32\LogFiles
2014-11-05 18:23:23 ----D---- C:\Windows\system32\NDF
2014-10-30 12:25:26 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-22 17:16:56 ----D---- C:\Windows\Microsoft.NET
2014-10-22 17:16:11 ----RSD---- C:\Windows\assembly
2014-10-20 15:07:43 ----D---- C:\Program Files (x86)\Common Files
2014-10-20 14:53:50 ----D---- C:\Windows\winsxs
2014-10-20 14:51:22 ----RSD---- C:\Windows\Fonts
2014-10-20 14:51:21 ----SD---- C:\Windows\system32\CompatTel
2014-10-20 14:51:21 ----D---- C:\Program Files\Internet Explorer
2014-10-20 14:51:20 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-20 14:51:19 ----D---- C:\Windows\system32\en-US
2014-10-20 14:51:17 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-20 14:51:15 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-20 14:51:14 ----D---- C:\Windows\system32\cs-CZ
2014-10-16 22:22:28 ----SD---- C:\ProgramData\Microsoft
2014-10-14 23:32:36 ----A---- C:\Windows\win.ini
2014-10-14 09:52:48 ----D---- C:\Windows\system32\drivers\UMDF
2014-10-13 11:58:41 ----D---- C:\Windows\ehome
2014-10-13 11:58:41 ----D---- C:\Program Files\Windows Media Player
2014-10-13 11:58:41 ----D---- C:\Program Files\Common Files\System
2014-10-13 11:58:41 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-13 11:58:40 ----D---- C:\Windows\SYSWOW64\migration
2014-10-13 11:58:39 ----D---- C:\Windows\system32\migration
2014-10-13 11:58:39 ----D---- C:\Windows\PolicyDefinitions
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\zh-TW
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\zh-HK
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\zh-CN
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\tr-TR
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\sv-SE
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\ru-RU
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\pt-PT
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\pt-BR
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\pl-PL
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\nl-NL
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\nb-NO
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\ko-KR
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\ja-JP
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\it-IT
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\hu-HU
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\fr-FR
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\fi-FI
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\es-ES
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\el-GR
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\de-DE
2014-10-13 11:58:38 ----D---- C:\Windows\SYSWOW64\da-DK
2014-10-13 11:58:36 ----D---- C:\Windows\system32\zh-HK
2014-10-13 11:58:36 ----D---- C:\Windows\system32\tr-TR
2014-10-13 11:58:36 ----D---- C:\Windows\system32\sv-SE
2014-10-13 11:58:36 ----D---- C:\Windows\system32\pt-PT
2014-10-13 11:58:36 ----D---- C:\Windows\system32\pt-BR
2014-10-13 11:58:36 ----D---- C:\Windows\system32\pl-PL
2014-10-13 11:58:36 ----D---- C:\Windows\system32\nl-NL
2014-10-13 11:58:36 ----D---- C:\Windows\system32\ko-KR
2014-10-13 11:58:36 ----D---- C:\Windows\system32\it-IT
2014-10-13 11:58:36 ----D---- C:\Windows\system32\hu-HU
2014-10-13 11:58:36 ----D---- C:\Windows\system32\fr-FR
2014-10-13 11:58:36 ----D---- C:\Windows\system32\fi-FI
2014-10-13 11:58:36 ----D---- C:\Windows\system32\el-GR
2014-10-13 11:58:35 ----D---- C:\Windows\system32\zh-TW
2014-10-13 11:58:35 ----D---- C:\Windows\system32\zh-CN
2014-10-13 11:58:35 ----D---- C:\Windows\system32\ru-RU
2014-10-13 11:58:35 ----D---- C:\Windows\system32\nb-NO
2014-10-13 11:58:35 ----D---- C:\Windows\system32\ja-JP
2014-10-13 11:58:35 ----D---- C:\Windows\system32\es-ES
2014-10-13 11:58:35 ----D---- C:\Windows\system32\de-DE
2014-10-13 11:58:35 ----D---- C:\Windows\system32\da-DK
2014-10-13 11:58:31 ----D---- C:\Program Files\Windows Journal
2014-10-13 11:58:23 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-13 11:58:23 ----D---- C:\Windows\system32\Dism
2014-10-13 11:58:15 ----D---- C:\Windows\system32\Boot
2014-10-13 10:29:02 ----D---- C:\Windows\ShellNew
2014-10-13 10:28:54 ----D---- C:\Program Files (x86)\MSBuild
2014-10-13 10:27:02 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-10-13 08:30:31 ----D---- C:\Program Files\Windows Defender
2014-10-13 08:30:31 ----D---- C:\Program Files (x86)\Windows Defender
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2012-03-20 32896]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2012-10-16 20024]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-03-29 10859008]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-03-29 328704]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2012-03-21 2808832]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2012-03-26 14748416]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-10-16 358456]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-10-16 791608]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-13 62784]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-06-18 872152]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-11-12 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-10-25 549104]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
S3 ew_usbenumfilter;huawei_CompositeFilter; C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys []
S3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
S3 hwusb_cdcacm;hwusb_cdcacm; C:\Windows\system32\DRIVERS\ew_cdcacm.sys []
S3 hwusb_wwanecm;hwusb_wwanecm; C:\Windows\system32\DRIVERS\ew_wwanecm.sys []
S3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2013-04-26 176880]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-03-29 235520]
R2 ArchiveNetScrolling.exe;ArchiveNetScrolling.exe; C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe [2014-11-04 165376]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-12-10 732160]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-01-14 131032]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-01-14 165336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-01-14 279000]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-11-12 327680]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-01-14 366040]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2013-09-12 3221392]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 DatabaseOSUtility.exe;DatabaseOSUtility.exe; C:\Users\Dominik\AppData\Local\DatabaseOSUtility\DatabaseOSUtility.exe []
S2 FrozenOCRSoftware;FrozenOCRSoftware; C:\Windows\SysWOW64\FrozenOCRSoftware\FrozenOCRSoftware.exe []
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-09 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09 107912]
S2 ImportTaskTooltip;ImportTaskTooltip; C:\Windows\SysWOW64\ImportTaskTooltip\ImportTaskTooltip.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-13 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-03-26 276248]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-11-09 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09 107912]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2012-12-10 803872]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 30814400]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-13 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o pomoc s viry
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o pomoc s viry
Zdravim 
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Po spusteni probehne stazeni databaze
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o pomoc s viry
# AdwCleaner v4.101 - Report created 10/11/2014 at 17:51:12
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Dominik - DOMINIK-PC
# Running from : C:\Users\Dominik\Downloads\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Internet Speed Checker
Folder Deleted : C:\Users\Dominik\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Dominik\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Dominik\AppData\Roaming\WebExtend
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\sepherdwilbur@aol.com
File Deleted : C:\Users\Dominik\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\searchplugins\trovi-search.xml
File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 1a6cf72b-aaae-481f-87cd-e504292204ba
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-1
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-11
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-2
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-4
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-5
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-5_user
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-6
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-7
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174452}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Upt
Key Deleted : HKLM\SOFTWARE\WinUpd
Key Deleted : HKLM\SOFTWARE\RST
Key Deleted : HKLM\SOFTWARE\Internet Speed Checker
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\Upt
Key Deleted : [x64] HKLM\SOFTWARE\WinUpd
Key Deleted : [x64] HKLM\SOFTWARE\RST
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Trovi search");
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Trovi search");
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid ... -4406-91F6[...]
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22[...]
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14909a4a5828c463ee2d6c2f7a7e3723");
-\\ Google Chrome v38.0.2125.111
[C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
[C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
*************************
AdwCleaner[R0].txt - [11118 octets] - [10/11/2014 17:47:59]
AdwCleaner[S0].txt - [10785 octets] - [10/11/2014 17:51:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10846 octets] ##########
# Updated 09/11/2014 by Xplode
# Database : 2014-11-07.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Dominik - DOMINIK-PC
# Running from : C:\Users\Dominik\Downloads\adwcleaner_4.101.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
***** [ Files / Folders ] *****
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\Internet Speed Checker
Folder Deleted : C:\Users\Dominik\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Dominik\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Dominik\AppData\Roaming\WebExtend
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\sepherdwilbur@aol.com
File Deleted : C:\Users\Dominik\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\searchplugins\trovi-search.xml
File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : 1a6cf72b-aaae-481f-87cd-e504292204ba
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-1
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-11
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-2
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-4
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-5
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-5_user
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-6
Task Deleted : bf8fb631-c99a-48f0-ae5e-d8d238d35ca6-7
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644174452}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171152}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172252}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175552}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176652}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171152}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Internet Speed Checker
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\Upt
Key Deleted : HKLM\SOFTWARE\WinUpd
Key Deleted : HKLM\SOFTWARE\RST
Key Deleted : HKLM\SOFTWARE\Internet Speed Checker
Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro
Key Deleted : [x64] HKLM\SOFTWARE\Upt
Key Deleted : [x64] HKLM\SOFTWARE\WinUpd
Key Deleted : [x64] HKLM\SOFTWARE\RST
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17344
-\\ Mozilla Firefox v
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Trovi search");
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Trovi search");
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3330189&octid ... -4406-91F6[...]
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22[...]
[nfj20qwv.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "14909a4a5828c463ee2d6c2f7a7e3723");
-\\ Google Chrome v38.0.2125.111
[C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
[C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3 ... rms}&SSPV=
*************************
AdwCleaner[R0].txt - [11118 octets] - [10/11/2014 17:47:59]
AdwCleaner[S0].txt - [10785 octets] - [10/11/2014 17:51:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10846 octets] ##########
Re: Prosím o pomoc s viry
Zoek.exe v5.0.0.0 Updated 10-November-2014
Tool run by Dominik on po 10.11.2014 at 17:57:22,95.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dominik\Desktop\zoek.exe [Scan all users] [Script inserted]
===== Runcheck 17:57:41,74 =====
--- Create Environment Variables 17:57:43,32
--- Create System Restore Point 17:57:52,13
--- Checking Input 17:58:28,37
--- Reset Hosts File 17:58:35,27
--- AU AppData Check 17:58:37,25
--- Remove From Windows Installer 17:58:43,41
--- IE Startpage Check 17:59:59,32
--- Program Files DB Check 18:00:29,48
--- C:\Users\Default\AppData\Roaming DB Check 18:01:17,41
--- C:\Users\Default User\AppData\Roaming DB Check 18:01:17,41
--- C:\Users\Dominik\AppData\Roaming DB Check 18:01:17,41
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 18:01:17,41
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 18:01:17,41
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 18:01:17,41
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 18:01:17,41
--- C:\Users\Dominik DB Check 18:03:24,77
--- C:\PROGRA~3 DB Check 18:03:40,75
--- C:\Users\Default\AppData\Local DB Check 18:03:42,65
--- C:\Users\Default User\AppData\Local DB Check 18:03:42,65
--- C:\Users\Dominik\AppData\Local DB Check 18:03:42,65
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 18:03:42,65
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 18:03:42,65
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 18:03:42,65
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 18:03:42,65
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 18:05:08,31
--- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 18:05:17,14
--- Tasks DB Check 18:05:22,74
--- Downloads DB Check 18:05:26,73
--- C:\Users\Dominik\AppData\LocalLow DB Check 18:05:31,21
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 18:05:31,21
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 18:05:31,21
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 18:05:31,21
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 18:05:31,21
--- Tasks2 DB Check 18:06:24,89
--- Documents DB Check 18:06:57,72
--- C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default DB Check 18:07:03,78
--- C:\Users\Public\Desktop DB Check 18:07:06,45
--- C:\Users\Dominik\Desktop DB Check 18:07:10,40
--- Services DB Check 18:07:20,45
Tool run by Dominik on po 10.11.2014 at 17:57:22,95.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dominik\Desktop\zoek.exe [Scan all users] [Script inserted]
===== Runcheck 17:57:41,74 =====
--- Create Environment Variables 17:57:43,32
--- Create System Restore Point 17:57:52,13
--- Checking Input 17:58:28,37
--- Reset Hosts File 17:58:35,27
--- AU AppData Check 17:58:37,25
--- Remove From Windows Installer 17:58:43,41
--- IE Startpage Check 17:59:59,32
--- Program Files DB Check 18:00:29,48
--- C:\Users\Default\AppData\Roaming DB Check 18:01:17,41
--- C:\Users\Default User\AppData\Roaming DB Check 18:01:17,41
--- C:\Users\Dominik\AppData\Roaming DB Check 18:01:17,41
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 18:01:17,41
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 18:01:17,41
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 18:01:17,41
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 18:01:17,41
--- C:\Users\Dominik DB Check 18:03:24,77
--- C:\PROGRA~3 DB Check 18:03:40,75
--- C:\Users\Default\AppData\Local DB Check 18:03:42,65
--- C:\Users\Default User\AppData\Local DB Check 18:03:42,65
--- C:\Users\Dominik\AppData\Local DB Check 18:03:42,65
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 18:03:42,65
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 18:03:42,65
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 18:03:42,65
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 18:03:42,65
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 18:05:08,31
--- C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 18:05:17,14
--- Tasks DB Check 18:05:22,74
--- Downloads DB Check 18:05:26,73
--- C:\Users\Dominik\AppData\LocalLow DB Check 18:05:31,21
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 18:05:31,21
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 18:05:31,21
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 18:05:31,21
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 18:05:31,21
--- Tasks2 DB Check 18:06:24,89
--- Documents DB Check 18:06:57,72
--- C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default DB Check 18:07:03,78
--- C:\Users\Public\Desktop DB Check 18:07:06,45
--- C:\Users\Dominik\Desktop DB Check 18:07:10,40
--- Services DB Check 18:07:20,45
Re: Prosím o pomoc s viry
Podivejte se prosim jeste po logu c:\zoek_result.log a ten mi sem vlozte...
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o pomoc s viry
Zoek.exe v5.0.0.0 Updated 10-November-2014
Tool run by Dominik on po 10.11.2014 at 17:57:22,95.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dominik\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
10.11.2014 17:58:22 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\prefs.js:
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default
user.js not found
---- Lines {121761af-0fa5-4896-a2a8-cfdbac4e4982} removed from prefs.js ----
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.daysPassed", "{\"t10d\":true,\"t7d\":true,\"t2d\":true}");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.installtime", "1413494781.768");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.is_bundle", "true");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.isFirstRun", "false");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.last_version", "");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.lastC", "{\"sm\":393113,\"li\":393200,\"mo\":393200}");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.moEnabled", true);
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.server", "https://s7902.webovernet.com");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.src", "7902");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.toolbarButtonInstalled", true);
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.user_id", "13569136-E2BE-45B9-947B-D868EDB099F9");
---- Lines {121761af-0fa5-4896-a2a8-cfdbac4e4982} modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program
---- Lines awarnerrobertshotmailcom61915 removed from prefs.js ----
user_pref("extensions.awarnerrobertshotmailcom61915.61915.active", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.addressbar", "NA");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.addressbarenhanced", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.asyncdb.was_copied", "true");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.asyncinternaldb.was_copied", "true");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.backgroundver", 1);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.certdomaininstaller", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.cookie.InstallationTime.value", "%221413192863%22");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000805%22%2C%22sub_id%22%3A%220%22%2
user_pref("extensions.awarnerrobertshotmailcom61915.61915.description", ".");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.domain", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.enablesearch", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.homepage", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.changeprevious", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.iframe", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.InstallationThankYouPage", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.InstallationTime", 1413192863);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.__defualt_browser__.value", "%22ff%22");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22AF
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22AF59BE1EA9474E58857463C
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000805%22%2C%22sub_id%22%3A%220%
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000805%22%2C%22sub_id%22%3A
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22AF59BE1EA9474E
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT+01
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledWithHash.value", "null");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT+010
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_regBundledWithSoftware.expiration", "Fri Feb 01 2030 00:00:00
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7B%7D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_appVer.value", "47");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_nextCheck.expiration", "Sun Nov 09 2014 14:57:36 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.lastDailyReport", "1415519855423");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.lastUpdate", "1415519856496");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.manifesturl", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.name", "Sense1");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.newtab", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.opensearch", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.pluginsurl", "http://js.newinputinfoservice.com/plugi ... ugins.json
user_pref("extensions.awarnerrobertshotmailcom61915.61915.pluginsversion", 43);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.publisher", "Object Browser");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.searchstatus", 0);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.setnewtab", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.thankyou", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.updateinterval", 360);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.ver", 47);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comasyncdb_dbWasSet", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comasyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comasyncinternaldb_dbWasSet", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comasyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comawarnerrobertshotmailcom61915_dbWasSet", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comawarnerrobertshotmailcom61915_dbWasSet_FF25_FIX", true);
user_pref("extensions.awarnerrobertshotmailcom61915.apps", "61915");
user_pref("extensions.awarnerrobertshotmailcom61915.bic", "14909a4a5828c463ee2d6c2f7a7e3723");
user_pref("extensions.awarnerrobertshotmailcom61915.cid", 61915);
user_pref("extensions.awarnerrobertshotmailcom61915.firstrun", false);
user_pref("extensions.awarnerrobertshotmailcom61915.hadappinstalled", true);
user_pref("extensions.awarnerrobertshotmailcom61915.installationdate", 1413206026);
user_pref("extensions.awarnerrobertshotmailcom61915.modetype", "production");
user_pref("extensions.awarnerrobertshotmailcom61915.reportInstall", true);
user_pref("extensions.awarnerrobertshotmailcom61915.statsDailyCounter", 15);
---- FireFox user.js and prefs.js backups ----
prefs_10.11.2014_1809_.backup
==== Deleting Files \ Folders ======================
C:\Windows\Syswow64\FrozenOCRSoftware deleted
C:\Windows\Syswow64\ImportTaskTooltip deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\Users\Dominik\AppData\Local\Installer deleted
C:\windows\SysNative\tasks\UNELEVATE_18548 deleted
C:\windows\SysNative\Tasks\SPBIW_UpdateTask_Time_313230383936313936302d5b554a6c6c5a23572a415534 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\ROUAILDE73397174@UXGZI17268980.com deleted
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\warnerroberts@hotmail.com deleted
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\MetafileMySQLRegister.exe" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\msvcp100.dll" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\msvcr100.dll" not deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\QtCore4.dll" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\QtNetwork4.dll" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling" not deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\desktop" not deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\service" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default
- Undetermined - {121761af-0fa5-4896-a2a8-cfdbac4e4982}
- Undetermined - translator@dontfollowme.net
- Undetermined - ROUAILDE73397174@UXGZI17268980.com
- Undetermined - warnerroberts@hotmail.com
- Undetermined - {746505DC-0E21-4667-97F8-72EA6BCF5EEF}
- translatordontfollowmenet - %ProfilePath%\extensions\translator@dontfollowme.net
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
==== Firefox Plugins ======================
Profilepath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
==== Chromium Look ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{F5DDCA21-73C8-4134-BF10-8E5DDC711C15} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
==== Reset Google Chrome ======================
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyServer"="http=127.0.0.1:38262"
"ProxyOverride"="<local>;*origin.com;*ea.com;*akamaihd.net"
"ProxyEnable"=dword:00000001
Value(s) after fix:
"ProxyEnable"=dword:00000000
Tool run by Dominik on po 10.11.2014 at 17:57:22,95.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Dominik\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
10.11.2014 17:58:22 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\prefs.js:
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default
user.js not found
---- Lines {121761af-0fa5-4896-a2a8-cfdbac4e4982} removed from prefs.js ----
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.daysPassed", "{\"t10d\":true,\"t7d\":true,\"t2d\":true}");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.installtime", "1413494781.768");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.is_bundle", "true");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.isFirstRun", "false");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.last_version", "");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.lastC", "{\"sm\":393113,\"li\":393200,\"mo\":393200}");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.moEnabled", true);
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.server", "https://s7902.webovernet.com");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.src", "7902");
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.toolbarButtonInstalled", true);
user_pref("{121761af-0fa5-4896-a2a8-cfdbac4e4982}.user_id", "13569136-E2BE-45B9-947B-D868EDB099F9");
---- Lines {121761af-0fa5-4896-a2a8-cfdbac4e4982} modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program
---- Lines awarnerrobertshotmailcom61915 removed from prefs.js ----
user_pref("extensions.awarnerrobertshotmailcom61915.61915.active", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.addressbar", "NA");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.addressbarenhanced", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.asyncdb.was_copied", "true");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.asyncinternaldb.was_copied", "true");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.backgroundver", 1);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.certdomaininstaller", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.cookie.InstallationTime.value", "%221413192863%22");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000805%22%2C%22sub_id%22%3A%220%22%2
user_pref("extensions.awarnerrobertshotmailcom61915.61915.description", ".");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.domain", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.enablesearch", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.homepage", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.changeprevious", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.iframe", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.InstallationThankYouPage", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.InstallationTime", 1413192863);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.__defualt_browser__.value", "%22ff%22");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22AF
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22AF59BE1EA9474E58857463C
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000805%22%2C%22sub_id%22%3A%220%
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000805%22%2C%22sub_id%22%3A
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22AF59BE1EA9474E
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT+01
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_bundledWithHash.value", "null");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT+010
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_regBundledWithSoftware.expiration", "Fri Feb 01 2030 00:00:00
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.monetization_plugin_regBundledWithSoftware.value", "%7B%7D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_appVer.value", "47");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_nextCheck.expiration", "Sun Nov 09 2014 14:57:36 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.lastDailyReport", "1415519855423");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.lastUpdate", "1415519856496");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.manifesturl", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.name", "Sense1");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.newtab", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.opensearch", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.pluginsurl", "http://js.newinputinfoservice.com/plugi ... ugins.json
user_pref("extensions.awarnerrobertshotmailcom61915.61915.pluginsversion", 43);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.publisher", "Object Browser");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.searchstatus", 0);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.setnewtab", false);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.thankyou", "");
user_pref("extensions.awarnerrobertshotmailcom61915.61915.updateinterval", 360);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.ver", 47);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comasyncdb_dbWasSet", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comasyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comasyncinternaldb_dbWasSet", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comasyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comawarnerrobertshotmailcom61915_dbWasSet", true);
user_pref("extensions.awarnerrobertshotmailcom61915.61915.warnerroberts@hotmail.comawarnerrobertshotmailcom61915_dbWasSet_FF25_FIX", true);
user_pref("extensions.awarnerrobertshotmailcom61915.apps", "61915");
user_pref("extensions.awarnerrobertshotmailcom61915.bic", "14909a4a5828c463ee2d6c2f7a7e3723");
user_pref("extensions.awarnerrobertshotmailcom61915.cid", 61915);
user_pref("extensions.awarnerrobertshotmailcom61915.firstrun", false);
user_pref("extensions.awarnerrobertshotmailcom61915.hadappinstalled", true);
user_pref("extensions.awarnerrobertshotmailcom61915.installationdate", 1413206026);
user_pref("extensions.awarnerrobertshotmailcom61915.modetype", "production");
user_pref("extensions.awarnerrobertshotmailcom61915.reportInstall", true);
user_pref("extensions.awarnerrobertshotmailcom61915.statsDailyCounter", 15);
---- FireFox user.js and prefs.js backups ----
prefs_10.11.2014_1809_.backup
==== Deleting Files \ Folders ======================
C:\Windows\Syswow64\FrozenOCRSoftware deleted
C:\Windows\Syswow64\ImportTaskTooltip deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\Users\Dominik\AppData\Local\Installer deleted
C:\windows\SysNative\tasks\UNELEVATE_18548 deleted
C:\windows\SysNative\Tasks\SPBIW_UpdateTask_Time_313230383936313936302d5b554a6c6c5a23572a415534 deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\ROUAILDE73397174@UXGZI17268980.com deleted
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\warnerroberts@hotmail.com deleted
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\MetafileMySQLRegister.exe" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\msvcp100.dll" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\msvcr100.dll" not deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\QtCore4.dll" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\QtNetwork4.dll" deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling" not deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\desktop" not deleted
"C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\service" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default
- Undetermined - {121761af-0fa5-4896-a2a8-cfdbac4e4982}
- Undetermined - translator@dontfollowme.net
- Undetermined - ROUAILDE73397174@UXGZI17268980.com
- Undetermined - warnerroberts@hotmail.com
- Undetermined - {746505DC-0E21-4667-97F8-72EA6BCF5EEF}
- translatordontfollowmenet - %ProfilePath%\extensions\translator@dontfollowme.net
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
==== Firefox Plugins ======================
Profilepath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default
DFC9460CC37E5C414DC4680B10C19E7A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll - Shockwave Flash
==== Chromium Look ======================
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{F5DDCA21-73C8-4134-BF10-8E5DDC711C15} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13415"
==== Reset Google Chrome ======================
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyServer"="http=127.0.0.1:38262"
"ProxyOverride"="<local>;*origin.com;*ea.com;*akamaihd.net"
"ProxyEnable"=dword:00000001
Value(s) after fix:
"ProxyEnable"=dword:00000000
Re: Prosím o pomoc s viry
Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o pomoc s viry
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Dominik (administrator) on DOMINIK-PC on 10-11-2014 19:09:16
Running from C:\Users\Dominik\Desktop
Loaded Profile: Dominik (Available profiles: Dominik)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-25] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-01-31] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-24] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f7fa-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f812-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f829-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {cb893064-52ab-11e4-a507-74e543f05c84} - F:\SETUP.EXE
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {F5DDCA21-73C8-4134-BF10-8E5DDC711C15} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: translatordontfollowmenet - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\translator@dontfollowme.net [2014-10-20]
FF Extension: Seznam lištička - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-11-05]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\ROUAILDE73397174@UXGZI17268980.com [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\warnerroberts@hotmail.com [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\sepherdwilbur@aol.com [Not Found]
FF Extension: No Name - {121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found]
FF Extension: No Name - ROUAILDE73397174@UXGZI17268980.com [Not Found]
FF Extension: No Name - warnerroberts@hotmail.com [Not Found]
FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-09]
CHR Extension: (Dokumenty Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-09]
CHR Extension: (Disk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-09]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-09]
CHR Extension: (Vyhledávání Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-09]
CHR Extension: (Tabulky Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-09]
CHR Extension: (Peněženka Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-09]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S2 ArchiveNetScrolling.exe; C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe [X]
S2 DatabaseOSUtility.exe; C:\Users\Dominik\AppData\Local\DatabaseOSUtility\DatabaseOSUtility.exe [X]
S2 FrozenOCRSoftware; C:\Windows\SysWOW64\FrozenOCRSoftware\FrozenOCRSoftware.exe [X]
S2 ImportTaskTooltip; C:\Windows\SysWOW64\ImportTaskTooltip\ImportTaskTooltip.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 19:09 - 2014-11-10 19:10 - 00013334 _____ () C:\Users\Dominik\Desktop\FRST.txt
2014-11-10 19:08 - 2014-11-10 19:09 - 00000000 ____D () C:\FRST
2014-11-10 19:07 - 2014-11-10 19:07 - 02116096 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2014-11-10 18:09 - 2014-11-10 18:09 - 00000068 _____ () C:\files.log
2014-11-10 18:08 - 2014-11-10 18:09 - 00000076 _____ () C:\folders.log
2014-11-10 18:08 - 2014-11-10 18:08 - 00000000 ____D () C:\zoek
2014-11-10 17:57 - 2014-11-10 18:11 - 00016458 _____ () C:\zoek-results.log
2014-11-10 17:56 - 2014-11-10 18:11 - 00003200 _____ () C:\runcheck.txt
2014-11-10 17:56 - 2014-11-10 18:09 - 00000000 ____D () C:\zoek_backup
2014-11-10 17:55 - 2014-11-10 17:56 - 01294848 _____ () C:\Users\Dominik\Desktop\zoek.exe
2014-11-10 17:52 - 2014-11-10 17:52 - 00010975 _____ () C:\Users\Dominik\Desktop\AdwCleaner[S0].txt
2014-11-10 17:46 - 2014-11-10 17:51 - 00000000 ____D () C:\AdwCleaner
2014-11-10 17:46 - 2014-11-10 17:46 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101 (1).exe
2014-11-10 17:45 - 2014-11-10 17:45 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101.exe
2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\rsit
2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\Program Files\trend micro
2014-11-10 17:33 - 2014-11-10 17:33 - 01222144 _____ () C:\Users\Dominik\Downloads\RSITx64.exe
2014-11-09 20:36 - 2014-11-09 20:36 - 00000000 ____D () C:\Users\Dominik\AppData\Local\ESET
2014-11-09 20:35 - 2014-11-09 20:35 - 00003144 _____ () C:\Windows\System32\Tasks\{F105F853-1C3C-4EFB-ABF7-8225430CCAD9}
2014-11-09 19:55 - 2014-11-09 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-09 19:55 - 2014-11-09 19:55 - 00000000 ____D () C:\ProgramData\ESET
2014-11-09 19:55 - 2014-11-09 19:55 - 00000000 ____D () C:\Program Files\ESET
2014-11-09 19:51 - 2014-11-09 19:52 - 73400320 _____ () C:\Users\Dominik\Downloads\eav_nt64_csy.msi
2014-11-09 19:49 - 2014-11-09 19:50 - 63823872 _____ () C:\Users\Dominik\Downloads\eav_nt32_csy.msi
2014-11-09 19:49 - 2014-11-09 19:49 - 01223776 _____ (Zugara Investments Limited ) C:\Users\Dominik\Downloads\eavnt32csymsi.exe
2014-11-09 19:47 - 2014-11-09 19:48 - 00000026 _____ () C:\Users\Dominik\Desktop\Nový textový dokument.txt
2014-11-09 19:46 - 2014-11-09 19:46 - 01761992 _____ (ESET) C:\Users\Dominik\Downloads\eset_nod32_antivirus_live_installer_.exe
2014-11-09 17:13 - 2014-11-09 17:14 - 00000000 ____D () C:\Program Files (x86)\7bd15b68-49a9-47e4-a61c-03c220f094be
2014-11-09 17:11 - 2014-11-09 17:11 - 02347384 _____ (ESET) C:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
2014-11-09 17:11 - 2014-11-09 17:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-09 13:58 - 2014-11-10 18:12 - 00001908 _____ () C:\Windows\PFRO.log
2014-11-09 13:58 - 2014-11-10 18:12 - 00000336 _____ () C:\Windows\setupact.log
2014-11-09 13:58 - 2014-11-09 13:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-09 13:53 - 2014-11-09 13:53 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-09 13:53 - 2014-11-09 13:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-09 13:52 - 2014-11-09 13:52 - 04974864 _____ (Piriform Ltd) C:\Users\Dominik\Downloads\ccsetup419.exe
2014-11-09 13:49 - 2014-11-10 19:06 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 13:49 - 2014-11-10 18:12 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 13:49 - 2014-11-09 17:13 - 00002313 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-09 13:49 - 2014-11-09 13:49 - 00003950 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 13:49 - 2014-11-09 13:49 - 00003698 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-09 13:49 - 2014-11-09 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-09 13:48 - 2014-11-09 13:49 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Deployment
2014-11-09 13:48 - 2014-11-09 13:48 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Apps\2.0
2014-11-08 13:40 - 2014-11-08 14:44 - 00003903 _____ () C:\Users\Dominik\AppData\Roaming\mskyjkw.dat
2014-11-08 13:40 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncqnmptp.exe
2014-11-08 13:40 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncqnmptp.exe
2014-11-08 13:40 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncqnmptp.exe
2014-11-07 17:54 - 2014-11-09 14:00 - 00000330 _____ () C:\Users\Dominik\rgut
2014-11-07 17:54 - 2014-11-07 17:54 - 00000003 _____ () C:\Users\Dominik\stut
2014-11-07 16:51 - 2014-11-09 17:13 - 00000029 _____ () C:\Users\Dominik\AppData\Roaming\msxodbl.dat
2014-11-07 16:49 - 2013-08-11 15:40 - 00043520 ____S (NirSoft) C:\Windows\SysWOW64\nircmdc.exe
2014-11-07 14:34 - 2014-11-07 14:34 - 00003182 _____ () C:\Windows\System32\Tasks\{BEB232F4-078A-46E4-B938-74C151D520D8}
2014-11-07 14:02 - 2014-11-07 14:02 - 00000000 ____D () C:\Users\Dominik\Downloads\Skeletons
2014-11-07 14:00 - 2014-11-09 13:42 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\uTorrent
2014-11-07 13:59 - 2014-11-07 14:00 - 01689680 _____ (BitTorrent Inc.) C:\Users\Dominik\Downloads\uTorrent_3_4_2build34537.exe
2014-11-07 13:49 - 2014-11-09 13:31 - 00000000 ____D () C:\Program Files (x86)\MINECRAFT 1 7 2 plna hra zdarma
2014-11-07 13:49 - 2014-11-08 13:40 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-11-07 13:49 - 2014-11-07 14:34 - 00000000 ____D () C:\Windows\bitstreams
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\Program Files (x86)\ULOZ.TO
2014-11-07 13:49 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncnomq.exe
2014-11-07 13:49 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncnomq.exe
2014-11-07 13:49 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-11-07 13:49 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncnomq.exe
2014-11-07 13:49 - 2013-06-12 15:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-11-07 13:49 - 2013-06-12 15:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 01704448 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\libeay32.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00612352 _____ (The cURL library, http://curl.haxx.se/) C:\Windows\libcurl.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00565774 _____ () C:\Windows\expIorer.exe
2014-11-07 13:49 - 2013-05-31 16:32 - 00364544 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\ssleay32.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00279955 _____ () C:\Windows\libidn-11.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00206309 _____ () C:\Windows\NEWS.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00183382 _____ () C:\Windows\librtmp.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00171008 _____ (The libssh2 library, http://www.libssh2.org/) C:\Windows\libssh2.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00110094 _____ (libusb.org) C:\Windows\libusb-1.0.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00084992 _____ () C:\Windows\zlib1.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00064577 _____ () C:\Windows\miner.php
2014-11-07 13:49 - 2013-05-31 16:32 - 00049279 _____ () C:\Windows\API-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00044727 _____ () C:\Windows\diablo130302.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00043810 _____ () C:\Windows\poclbm130302.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00035821 _____ () C:\Windows\COPYING.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00031351 _____ () C:\Windows\README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00030802 _____ () C:\Windows\diakgcn121016.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00024624 _____ () C:\Windows\GPU-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00023825 _____ () C:\Windows\scrypt130511.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00015886 _____ () C:\Windows\windows-build.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00013062 _____ () C:\Windows\phatk121016.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00011728 _____ () C:\Windows\FPGA-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00011166 _____ () C:\Windows\linux-usb-cgminer.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00009998 _____ () C:\Windows\SCRYPT-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00007530 _____ () C:\Windows\api-example.c
2014-11-07 13:49 - 2013-05-31 16:32 - 00004108 _____ () C:\Windows\ASIC-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00003431 _____ () C:\Windows\API.class
2014-11-07 13:49 - 2013-05-31 16:32 - 00003306 _____ () C:\Windows\API.java
2014-11-07 13:49 - 2013-05-31 16:32 - 00002174 _____ () C:\Windows\api-example.php
2014-11-07 13:49 - 2013-05-31 16:32 - 00000763 _____ () C:\Windows\example.conf
2014-11-07 13:49 - 2013-05-31 16:32 - 00000438 _____ () C:\Windows\AUTHORS.txt
2014-11-07 13:49 - 2012-09-25 23:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2014-11-07 13:49 - 2012-05-27 01:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-11-07 08:47 - 2014-11-09 13:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-05 21:53 - 2014-11-05 21:53 - 00551610 _____ () C:\Users\Dominik\Downloads\Tipsport _ Největší komunita sázkařů.htm
2014-11-05 21:53 - 2014-11-05 21:53 - 00000000 ____D () C:\Users\Dominik\Downloads\Tipsport _ Největší komunita sázkařů_soubory
2014-11-05 21:36 - 2014-11-05 21:36 - 00000000 ____D () C:\ProgramData\Gemfor
2014-11-05 21:35 - 2014-11-05 21:35 - 01054912 _____ (Adobe) C:\Users\Dominik\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2014-11-05 16:47 - 2014-11-05 16:47 - 00000000 __SHD () C:\Users\Dominik\AppData\Local\EmieUserList
2014-11-05 16:47 - 2014-11-05 16:47 - 00000000 __SHD () C:\Users\Dominik\AppData\Local\EmieSiteList
2014-10-27 19:51 - 2014-10-27 19:51 - 00000000 ____D () C:\ProgramData\T-Mobile
2014-10-27 19:50 - 2014-11-09 13:19 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2014-10-27 19:50 - 2014-10-27 19:50 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\T-Mobile
2014-10-27 19:50 - 2014-10-27 19:50 - 00000000 ____D () C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2014-10-27 19:49 - 2014-10-27 19:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2014-10-27 19:49 - 2014-10-27 19:49 - 00000000 ____D () C:\Program Files (x86)\Huawei
2014-10-27 19:49 - 2012-08-20 08:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2014-10-27 19:49 - 2012-08-20 08:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2014-10-22 08:00 - 2014-10-22 08:00 - 00000000 ____D () C:\ProgramData\Synaptics
2014-10-20 15:17 - 2014-10-20 15:17 - 00000000 ____H () C:\Users\Dominik\Documents\Default.rdp
2014-10-20 14:38 - 2014-10-20 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-20 14:35 - 2014-10-20 14:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-20 14:35 - 2014-10-20 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-20 07:05 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-10-20 07:05 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-10-20 07:00 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-10-20 07:00 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-10-20 06:58 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-10-20 06:58 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-10-17 08:27 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-10-17 08:27 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-10-17 08:22 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-10-17 08:22 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-10-17 08:20 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-17 08:20 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-17 08:20 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-17 08:20 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 08:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-17 08:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-17 08:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-17 08:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-17 08:20 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-17 08:20 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-17 08:20 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-17 08:20 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-17 08:19 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-17 08:19 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-17 08:19 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-17 08:19 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-17 08:19 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-17 08:19 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-17 08:19 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-17 08:19 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-17 08:19 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-17 08:19 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-17 08:19 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-17 08:19 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 08:19 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-17 08:19 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-17 08:19 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-17 08:19 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-17 08:19 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-17 08:19 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-17 08:19 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-17 08:19 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-17 08:19 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-17 08:19 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-17 08:19 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-17 08:19 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-17 08:19 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-17 08:19 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-17 08:19 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 08:19 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-17 08:19 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-17 08:19 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 08:19 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-17 08:19 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-17 08:19 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-17 08:19 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-17 08:19 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-17 08:19 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-17 08:19 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-17 08:19 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-17 08:19 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-17 08:19 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-17 08:19 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-17 08:19 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-17 08:19 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-17 08:19 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-17 08:19 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-17 08:19 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-17 08:19 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-17 08:19 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-17 08:19 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-17 08:19 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-17 08:19 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-17 08:19 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-17 08:19 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-17 08:19 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-17 08:19 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-17 08:19 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-17 08:16 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-17 08:16 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-17 08:16 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-17 08:16 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-17 08:16 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-17 07:56 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-17 07:56 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-17 07:56 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-17 07:56 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-17 07:56 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-17 07:56 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-17 07:56 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-17 07:56 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-17 07:56 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 22:26 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 22:26 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 22:25 - 2014-10-16 22:25 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\QuickScan
2014-10-16 22:06 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-10-16 22:06 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-10-14 23:30 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-10-14 23:30 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-10-14 22:18 - 2014-10-14 22:18 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-10-14 22:17 - 2014-10-14 22:17 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Game Updater
2014-10-14 22:03 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-10-14 22:03 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-10-14 22:03 - 2007-04-04 17:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-10-14 22:02 - 2014-11-07 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
2014-10-14 09:56 - 2014-10-14 09:56 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Setup Integrity Check
2014-10-14 09:52 - 2014-10-14 09:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-10-14 07:04 - 2014-11-09 13:49 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-14 07:03 - 2014-11-09 13:49 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Google
2014-10-14 07:00 - 2014-10-14 07:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-10-13 11:53 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-13 11:53 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-13 11:53 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-13 11:53 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-10-13 11:38 - 2014-10-13 11:38 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-10-13 11:38 - 2014-10-13 11:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-10-13 11:38 - 2014-10-13 11:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-10-13 11:38 - 2014-10-13 11:38 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-10-13 11:38 - 2014-10-13 11:38 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-10-13 11:38 - 2014-10-13 11:38 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-13 11:35 - 2014-10-13 11:35 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-13 11:10 - 2014-10-13 11:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-10-13 11:10 - 2014-10-13 11:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-10-13 11:04 - 2010-02-23 09:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-10-13 10:56 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-10-13 10:56 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-10-13 10:56 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-10-13 10:56 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-10-13 10:55 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-10-13 10:55 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-10-13 10:55 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-10-13 10:55 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-10-13 10:45 - 2014-11-09 13:43 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-10-13 10:29 - 2014-10-13 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-10-13 10:29 - 2014-10-13 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-10-13 10:28 - 2014-10-13 10:28 - 00000000 ____D () C:\Windows\PCHEALTH
2014-10-13 10:28 - 2014-10-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-10-13 10:28 - 2014-10-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-10-13 10:28 - 2014-10-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-10-13 10:27 - 2014-10-13 10:27 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-10-13 10:26 - 2014-10-13 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-10-13 10:25 - 2014-10-20 14:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-13 10:25 - 2014-10-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-13 10:25 - 2014-10-13 10:25 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Microsoft Help
2014-10-13 10:25 - 2014-10-13 10:25 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-10-13 10:25 - 2014-10-13 10:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-10-13 10:24 - 2014-10-13 10:24 - 00000000 __RHD () C:\MSOCache
2014-10-13 10:23 - 2014-10-13 10:36 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-13 10:22 - 2014-11-09 13:32 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Seznam.cz
2014-10-13 10:21 - 2014-11-09 13:54 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
2014-10-13 10:20 - 2014-10-13 10:23 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-10-13 10:10 - 2014-10-13 10:10 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Macromedia
2014-10-13 10:10 - 2014-10-13 10:10 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Macromedia
2014-10-13 09:57 - 2014-10-13 09:57 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Adobe
2014-10-13 09:56 - 2014-11-10 18:13 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-13 09:56 - 2014-10-13 09:56 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-13 09:56 - 2014-10-13 09:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-13 09:56 - 2014-10-13 09:56 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-13 09:56 - 2014-10-13 09:56 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-13 09:56 - 2014-10-13 09:56 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-13 09:54 - 2014-10-13 12:08 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-13 09:54 - 2014-10-13 12:05 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-13 09:54 - 2014-10-13 09:54 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-13 09:53 - 2014-10-13 09:57 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Adobe
2014-10-13 09:51 - 2014-10-29 10:37 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\vlc
2014-10-13 09:51 - 2014-10-13 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-13 09:51 - 2014-10-13 09:51 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-10-13 09:50 - 2014-10-13 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-13 09:50 - 2014-10-13 09:50 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-10-13 09:47 - 2014-10-13 09:47 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Mozilla
2014-10-13 09:47 - 2014-10-13 09:47 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Mozilla
2014-10-13 09:46 - 2014-10-13 09:46 - 00000000 ____D () C:\ProgramData\Mozilla
2014-10-13 07:59 - 2014-10-13 11:05 - 01558096 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-13 07:52 - 2013-10-14 17:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-10-13 07:42 - 2014-10-13 07:42 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-10-13 07:42 - 2014-10-13 07:42 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-10-13 07:38 - 2012-07-06 21:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-10-13 07:38 - 2011-04-28 04:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-10-13 07:38 - 2011-03-11 07:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-10-13 07:38 - 2011-03-11 07:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-10-13 07:38 - 2011-03-11 07:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-10-13 07:38 - 2011-03-11 07:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-10-13 07:38 - 2011-03-11 07:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-10-13 07:38 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-10-13 07:38 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-10-13 07:38 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-10-13 07:38 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-10-13 07:38 - 2011-03-11 05:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-10-13 07:14 - 2014-10-20 14:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-13 07:14 - 2014-10-20 14:23 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 18:20 - 2009-07-14 05:45 - 00031504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 18:20 - 2009-07-14 05:45 - 00031504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 18:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-10 18:11 - 2014-10-09 17:14 - 01675678 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 18:09 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-10 18:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-09 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-09 13:54 - 2014-10-09 18:10 - 00000000 ____D () C:\Windows\Panther
2014-11-08 19:28 - 2011-04-12 09:34 - 00668376 _____ () C:\Windows\system32\perfh005.dat
2014-11-08 19:28 - 2011-04-12 09:34 - 00141004 _____ () C:\Windows\system32\perfc005.dat
2014-11-08 19:28 - 2009-07-14 06:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 17:54 - 2014-10-10 07:22 - 00000000 ____D () C:\Users\Dominik\AppData\Local\VirtualStore
2014-11-07 17:54 - 2014-10-10 07:21 - 00000000 ____D () C:\Users\Dominik
2014-11-07 14:14 - 2014-10-10 07:21 - 00000000 ___RD () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-07 13:49 - 2011-04-12 09:34 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-11-05 18:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-05 18:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-20 14:53 - 2009-07-14 05:45 - 00408952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-20 14:51 - 2014-10-10 15:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 23:32 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-10-14 22:07 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-13 12:04 - 2014-10-10 07:22 - 00001393 _____ () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-13 11:58 - 2011-04-12 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-13 10:38 - 2014-10-10 07:52 - 00109296 _____ () C:\Users\Dominik\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-13 10:29 - 2011-04-12 09:45 - 00000000 ____D () C:\Windows\ShellNew
2014-10-13 10:28 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-13 10:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-13 08:30 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-13 08:30 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
Some content of TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\7za.exe
C:\Users\Dominik\AppData\Local\Temp\hijackthis.exe
C:\Users\Dominik\AppData\Local\Temp\InstHelper.exe
C:\Users\Dominik\AppData\Local\Temp\NirCmd.exe
C:\Users\Dominik\AppData\Local\Temp\PEVZ.EXE
C:\Users\Dominik\AppData\Local\Temp\Quarantine.exe
C:\Users\Dominik\AppData\Local\Temp\remove.exe
C:\Users\Dominik\AppData\Local\Temp\sed.exe
C:\Users\Dominik\AppData\Local\Temp\shortcut.exe
C:\Users\Dominik\AppData\Local\Temp\sqlite3.dll
C:\Users\Dominik\AppData\Local\Temp\swreg.exe
C:\Users\Dominik\AppData\Local\Temp\swxcacls.exe
C:\Users\Dominik\AppData\Local\Temp\wget.exe
C:\Users\Dominik\AppData\Local\Temp\zoek-delete.exe
C:\Users\Dominik\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-09 14:25
==================== End Of Log ============================
Ran by Dominik (administrator) on DOMINIK-PC on 10-11-2014 19:09:16
Running from C:\Users\Dominik\Desktop
Loaded Profile: Dominik (Available profiles: Dominik)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-11-12] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-25] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5595336 2014-10-01] (ESET)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-29] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-01-31] ()
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-24] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f7fa-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f812-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f829-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {cb893064-52ab-11e4-a507-74e543f05c84} - F:\SETUP.EXE
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {F5DDCA21-73C8-4134-BF10-8E5DDC711C15} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.google.com/search?btnG=Google+Search&q=
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: translatordontfollowmenet - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\translator@dontfollowme.net [2014-10-20]
FF Extension: Seznam lištička - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-11-05]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\ROUAILDE73397174@UXGZI17268980.com [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\warnerroberts@hotmail.com [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\sepherdwilbur@aol.com [Not Found]
FF Extension: No Name - {121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found]
FF Extension: No Name - ROUAILDE73397174@UXGZI17268980.com [Not Found]
FF Extension: No Name - warnerroberts@hotmail.com [Not Found]
FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-09]
CHR Extension: (Dokumenty Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-09]
CHR Extension: (Disk Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-09]
CHR Extension: (YouTube) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-09]
CHR Extension: (Vyhledávání Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-09]
CHR Extension: (Tabulky Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-09]
CHR Extension: (Peněženka Google) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-09]
CHR Extension: (Gmail) - C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1349576 2014-10-01] (ESET)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-01-14] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-11-12] (IDT, Inc.) [File not signed]
S2 ArchiveNetScrolling.exe; C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe [X]
S2 DatabaseOSUtility.exe; C:\Users\Dominik\AppData\Local\DatabaseOSUtility\DatabaseOSUtility.exe [X]
S2 FrozenOCRSoftware; C:\Windows\SysWOW64\FrozenOCRSoftware\FrozenOCRSoftware.exe [X]
S2 ImportTaskTooltip; C:\Windows\SysWOW64\ImportTaskTooltip\ImportTaskTooltip.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [243440 2014-10-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241368 2014-10-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169280 2014-10-10] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [158968 2014-10-10] (ESET)
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X]
S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 19:09 - 2014-11-10 19:10 - 00013334 _____ () C:\Users\Dominik\Desktop\FRST.txt
2014-11-10 19:08 - 2014-11-10 19:09 - 00000000 ____D () C:\FRST
2014-11-10 19:07 - 2014-11-10 19:07 - 02116096 _____ (Farbar) C:\Users\Dominik\Desktop\FRST64.exe
2014-11-10 18:09 - 2014-11-10 18:09 - 00000068 _____ () C:\files.log
2014-11-10 18:08 - 2014-11-10 18:09 - 00000076 _____ () C:\folders.log
2014-11-10 18:08 - 2014-11-10 18:08 - 00000000 ____D () C:\zoek
2014-11-10 17:57 - 2014-11-10 18:11 - 00016458 _____ () C:\zoek-results.log
2014-11-10 17:56 - 2014-11-10 18:11 - 00003200 _____ () C:\runcheck.txt
2014-11-10 17:56 - 2014-11-10 18:09 - 00000000 ____D () C:\zoek_backup
2014-11-10 17:55 - 2014-11-10 17:56 - 01294848 _____ () C:\Users\Dominik\Desktop\zoek.exe
2014-11-10 17:52 - 2014-11-10 17:52 - 00010975 _____ () C:\Users\Dominik\Desktop\AdwCleaner[S0].txt
2014-11-10 17:46 - 2014-11-10 17:51 - 00000000 ____D () C:\AdwCleaner
2014-11-10 17:46 - 2014-11-10 17:46 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101 (1).exe
2014-11-10 17:45 - 2014-11-10 17:45 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101.exe
2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\rsit
2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\Program Files\trend micro
2014-11-10 17:33 - 2014-11-10 17:33 - 01222144 _____ () C:\Users\Dominik\Downloads\RSITx64.exe
2014-11-09 20:36 - 2014-11-09 20:36 - 00000000 ____D () C:\Users\Dominik\AppData\Local\ESET
2014-11-09 20:35 - 2014-11-09 20:35 - 00003144 _____ () C:\Windows\System32\Tasks\{F105F853-1C3C-4EFB-ABF7-8225430CCAD9}
2014-11-09 19:55 - 2014-11-09 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-11-09 19:55 - 2014-11-09 19:55 - 00000000 ____D () C:\ProgramData\ESET
2014-11-09 19:55 - 2014-11-09 19:55 - 00000000 ____D () C:\Program Files\ESET
2014-11-09 19:51 - 2014-11-09 19:52 - 73400320 _____ () C:\Users\Dominik\Downloads\eav_nt64_csy.msi
2014-11-09 19:49 - 2014-11-09 19:50 - 63823872 _____ () C:\Users\Dominik\Downloads\eav_nt32_csy.msi
2014-11-09 19:49 - 2014-11-09 19:49 - 01223776 _____ (Zugara Investments Limited ) C:\Users\Dominik\Downloads\eavnt32csymsi.exe
2014-11-09 19:47 - 2014-11-09 19:48 - 00000026 _____ () C:\Users\Dominik\Desktop\Nový textový dokument.txt
2014-11-09 19:46 - 2014-11-09 19:46 - 01761992 _____ (ESET) C:\Users\Dominik\Downloads\eset_nod32_antivirus_live_installer_.exe
2014-11-09 17:13 - 2014-11-09 17:14 - 00000000 ____D () C:\Program Files (x86)\7bd15b68-49a9-47e4-a61c-03c220f094be
2014-11-09 17:11 - 2014-11-09 17:11 - 02347384 _____ (ESET) C:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
2014-11-09 17:11 - 2014-11-09 17:11 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-09 13:58 - 2014-11-10 18:12 - 00001908 _____ () C:\Windows\PFRO.log
2014-11-09 13:58 - 2014-11-10 18:12 - 00000336 _____ () C:\Windows\setupact.log
2014-11-09 13:58 - 2014-11-09 13:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-09 13:53 - 2014-11-09 13:53 - 00002776 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-11-09 13:53 - 2014-11-09 13:53 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-09 13:52 - 2014-11-09 13:52 - 04974864 _____ (Piriform Ltd) C:\Users\Dominik\Downloads\ccsetup419.exe
2014-11-09 13:49 - 2014-11-10 19:06 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-09 13:49 - 2014-11-10 18:12 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-09 13:49 - 2014-11-09 17:13 - 00002313 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-09 13:49 - 2014-11-09 13:49 - 00003950 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 13:49 - 2014-11-09 13:49 - 00003698 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-09 13:49 - 2014-11-09 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-09 13:48 - 2014-11-09 13:49 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Deployment
2014-11-09 13:48 - 2014-11-09 13:48 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Apps\2.0
2014-11-08 13:40 - 2014-11-08 14:44 - 00003903 _____ () C:\Users\Dominik\AppData\Roaming\mskyjkw.dat
2014-11-08 13:40 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncqnmptp.exe
2014-11-08 13:40 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncqnmptp.exe
2014-11-08 13:40 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncqnmptp.exe
2014-11-07 17:54 - 2014-11-09 14:00 - 00000330 _____ () C:\Users\Dominik\rgut
2014-11-07 17:54 - 2014-11-07 17:54 - 00000003 _____ () C:\Users\Dominik\stut
2014-11-07 16:51 - 2014-11-09 17:13 - 00000029 _____ () C:\Users\Dominik\AppData\Roaming\msxodbl.dat
2014-11-07 16:49 - 2013-08-11 15:40 - 00043520 ____S (NirSoft) C:\Windows\SysWOW64\nircmdc.exe
2014-11-07 14:34 - 2014-11-07 14:34 - 00003182 _____ () C:\Windows\System32\Tasks\{BEB232F4-078A-46E4-B938-74C151D520D8}
2014-11-07 14:02 - 2014-11-07 14:02 - 00000000 ____D () C:\Users\Dominik\Downloads\Skeletons
2014-11-07 14:00 - 2014-11-09 13:42 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\uTorrent
2014-11-07 13:59 - 2014-11-07 14:00 - 01689680 _____ (BitTorrent Inc.) C:\Users\Dominik\Downloads\uTorrent_3_4_2build34537.exe
2014-11-07 13:49 - 2014-11-09 13:31 - 00000000 ____D () C:\Program Files (x86)\MINECRAFT 1 7 2 plna hra zdarma
2014-11-07 13:49 - 2014-11-08 13:40 - 00000000 ____D () C:\Windows\SysWOW64\bitstreams
2014-11-07 13:49 - 2014-11-07 14:34 - 00000000 ____D () C:\Windows\bitstreams
2014-11-07 13:49 - 2014-11-07 13:49 - 00000000 ____D () C:\Program Files (x86)\ULOZ.TO
2014-11-07 13:49 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncnomq.exe
2014-11-07 13:49 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncnomq.exe
2014-11-07 13:49 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-11-07 13:49 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncnomq.exe
2014-11-07 13:49 - 2013-06-12 15:15 - 00119888 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadGC2.dll
2014-11-07 13:49 - 2013-06-12 15:15 - 00100864 ____S () C:\Windows\SysWOW64\zlib1.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 01704448 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\libeay32.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00612352 _____ (The cURL library, http://curl.haxx.se/) C:\Windows\libcurl.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00565774 _____ () C:\Windows\expIorer.exe
2014-11-07 13:49 - 2013-05-31 16:32 - 00364544 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Windows\ssleay32.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00279955 _____ () C:\Windows\libidn-11.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00206309 _____ () C:\Windows\NEWS.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00183382 _____ () C:\Windows\librtmp.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00171008 _____ (The libssh2 library, http://www.libssh2.org/) C:\Windows\libssh2.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00110094 _____ (libusb.org) C:\Windows\libusb-1.0.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00084992 _____ () C:\Windows\zlib1.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00064577 _____ () C:\Windows\miner.php
2014-11-07 13:49 - 2013-05-31 16:32 - 00049279 _____ () C:\Windows\API-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00044727 _____ () C:\Windows\diablo130302.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00043810 _____ () C:\Windows\poclbm130302.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00035821 _____ () C:\Windows\COPYING.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00031351 _____ () C:\Windows\README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00030802 _____ () C:\Windows\diakgcn121016.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00024624 _____ () C:\Windows\GPU-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00023825 _____ () C:\Windows\scrypt130511.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00015886 _____ () C:\Windows\windows-build.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00013062 _____ () C:\Windows\phatk121016.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00011728 _____ () C:\Windows\FPGA-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00011166 _____ () C:\Windows\linux-usb-cgminer.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00009998 _____ () C:\Windows\SCRYPT-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00007530 _____ () C:\Windows\api-example.c
2014-11-07 13:49 - 2013-05-31 16:32 - 00004108 _____ () C:\Windows\ASIC-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00003431 _____ () C:\Windows\API.class
2014-11-07 13:49 - 2013-05-31 16:32 - 00003306 _____ () C:\Windows\API.java
2014-11-07 13:49 - 2013-05-31 16:32 - 00002174 _____ () C:\Windows\api-example.php
2014-11-07 13:49 - 2013-05-31 16:32 - 00000763 _____ () C:\Windows\example.conf
2014-11-07 13:49 - 2013-05-31 16:32 - 00000438 _____ () C:\Windows\AUTHORS.txt
2014-11-07 13:49 - 2012-09-25 23:46 - 00472424 ____S (NVIDIA Corporation) C:\Windows\SysWOW64\cudart32_50_35.dll
2014-11-07 13:49 - 2012-05-27 01:36 - 00055808 ____S (Open Source Software community LGPL) C:\Windows\SysWOW64\pthreadVC2.dll
2014-11-07 08:47 - 2014-11-09 13:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-05 21:53 - 2014-11-05 21:53 - 00551610 _____ () C:\Users\Dominik\Downloads\Tipsport _ Největší komunita sázkařů.htm
2014-11-05 21:53 - 2014-11-05 21:53 - 00000000 ____D () C:\Users\Dominik\Downloads\Tipsport _ Největší komunita sázkařů_soubory
2014-11-05 21:36 - 2014-11-05 21:36 - 00000000 ____D () C:\ProgramData\Gemfor
2014-11-05 21:35 - 2014-11-05 21:35 - 01054912 _____ (Adobe) C:\Users\Dominik\Downloads\install_flashplayer15x32au_mssa_aaa_aih.exe
2014-11-05 16:47 - 2014-11-05 16:47 - 00000000 __SHD () C:\Users\Dominik\AppData\Local\EmieUserList
2014-11-05 16:47 - 2014-11-05 16:47 - 00000000 __SHD () C:\Users\Dominik\AppData\Local\EmieSiteList
2014-10-27 19:51 - 2014-10-27 19:51 - 00000000 ____D () C:\ProgramData\T-Mobile
2014-10-27 19:50 - 2014-11-09 13:19 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2014-10-27 19:50 - 2014-10-27 19:50 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\T-Mobile
2014-10-27 19:50 - 2014-10-27 19:50 - 00000000 ____D () C:\ProgramData\{CC71B1CB-A2E4-4CF7-8EDB-A0E290BA1604}
2014-10-27 19:49 - 2014-10-27 19:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
2014-10-27 19:49 - 2014-10-27 19:49 - 00000000 ____D () C:\Program Files (x86)\Huawei
2014-10-27 19:49 - 2012-08-20 08:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2014-10-27 19:49 - 2012-08-20 08:37 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2014-10-22 08:00 - 2014-10-22 08:00 - 00000000 ____D () C:\ProgramData\Synaptics
2014-10-20 15:17 - 2014-10-20 15:17 - 00000000 ____H () C:\Users\Dominik\Documents\Default.rdp
2014-10-20 14:38 - 2014-10-20 14:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-20 14:35 - 2014-10-20 14:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-20 14:35 - 2014-10-20 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-20 07:05 - 2014-06-24 04:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-10-20 07:05 - 2014-06-24 03:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-10-20 07:00 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-10-20 07:00 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-10-20 06:58 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-10-20 06:58 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-10-17 08:27 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-10-17 08:27 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-10-17 08:22 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-10-17 08:22 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-10-17 08:20 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-17 08:20 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-17 08:20 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-17 08:20 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-17 08:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-17 08:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-17 08:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-17 08:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-17 08:20 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-17 08:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-17 08:20 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-17 08:20 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-17 08:20 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-17 08:20 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-17 08:19 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-17 08:19 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-17 08:19 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-17 08:19 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-17 08:19 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-17 08:19 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-17 08:19 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-17 08:19 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-17 08:19 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-17 08:19 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-17 08:19 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-17 08:19 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-17 08:19 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-17 08:19 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-17 08:19 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-17 08:19 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-17 08:19 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-17 08:19 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-17 08:19 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-17 08:19 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-17 08:19 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-17 08:19 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-17 08:19 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-17 08:19 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-17 08:19 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-17 08:19 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-17 08:19 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-17 08:19 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-17 08:19 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-17 08:19 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-17 08:19 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-17 08:19 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-17 08:19 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-17 08:19 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-17 08:19 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-17 08:19 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-17 08:19 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-17 08:19 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-17 08:19 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-17 08:19 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-17 08:19 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-17 08:19 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-17 08:19 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-17 08:19 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-17 08:19 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-17 08:19 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-17 08:19 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-17 08:19 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-17 08:19 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-17 08:19 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-17 08:19 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-17 08:19 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-17 08:19 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-17 08:19 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-17 08:19 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-17 08:19 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-17 08:16 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-17 08:16 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-17 08:16 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-17 08:16 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-17 08:16 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-17 07:56 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-17 07:56 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-17 07:56 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-17 07:56 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-17 07:56 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-17 07:56 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-17 07:56 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-17 07:56 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-17 07:56 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-17 07:56 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 22:26 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 22:26 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 22:25 - 2014-10-16 22:25 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\QuickScan
2014-10-16 22:06 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-10-16 22:06 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-10-14 23:30 - 2014-06-27 03:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-10-14 23:30 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-10-14 22:18 - 2014-10-14 22:18 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-10-14 22:17 - 2014-10-14 22:17 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Game Updater
2014-10-14 22:03 - 2010-05-26 10:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-10-14 22:03 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-10-14 22:03 - 2007-04-04 17:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2014-10-14 22:02 - 2014-11-07 19:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 14
2014-10-14 09:56 - 2014-10-14 09:56 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Setup Integrity Check
2014-10-14 09:52 - 2014-10-14 09:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-10-14 07:04 - 2014-11-09 13:49 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-14 07:03 - 2014-11-09 13:49 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Google
2014-10-14 07:00 - 2014-10-14 07:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-10-13 11:53 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-13 11:53 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-13 11:53 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-13 11:53 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-10-13 11:38 - 2014-10-13 11:38 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-10-13 11:38 - 2014-10-13 11:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-10-13 11:38 - 2014-10-13 11:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-10-13 11:38 - 2014-10-13 11:38 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-10-13 11:38 - 2014-10-13 11:38 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-10-13 11:38 - 2014-10-13 11:38 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-10-13 11:38 - 2014-10-13 11:38 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-13 11:38 - 2014-10-13 11:38 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-13 11:35 - 2014-10-13 11:35 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-13 11:35 - 2014-10-13 11:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-10-13 11:10 - 2014-10-13 11:10 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-10-13 11:10 - 2014-10-13 11:10 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-10-13 11:04 - 2010-02-23 09:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-10-13 10:56 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-10-13 10:56 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-10-13 10:56 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-10-13 10:56 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-10-13 10:55 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-10-13 10:55 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-10-13 10:55 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-10-13 10:55 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-10-13 10:45 - 2014-11-09 13:43 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-10-13 10:29 - 2014-10-13 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-10-13 10:29 - 2014-10-13 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-10-13 10:28 - 2014-10-13 10:28 - 00000000 ____D () C:\Windows\PCHEALTH
2014-10-13 10:28 - 2014-10-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-10-13 10:28 - 2014-10-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-10-13 10:28 - 2014-10-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-10-13 10:27 - 2014-10-13 10:27 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-10-13 10:26 - 2014-10-13 10:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-10-13 10:25 - 2014-10-20 14:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-13 10:25 - 2014-10-13 10:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-10-13 10:25 - 2014-10-13 10:25 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Microsoft Help
2014-10-13 10:25 - 2014-10-13 10:25 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-10-13 10:25 - 2014-10-13 10:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-10-13 10:24 - 2014-10-13 10:24 - 00000000 __RHD () C:\MSOCache
2014-10-13 10:23 - 2014-10-13 10:36 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-13 10:22 - 2014-11-09 13:32 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Seznam.cz
2014-10-13 10:21 - 2014-11-09 13:54 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\DAEMON Tools Lite
2014-10-13 10:20 - 2014-10-13 10:23 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-10-13 10:10 - 2014-10-13 10:10 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Macromedia
2014-10-13 10:10 - 2014-10-13 10:10 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Macromedia
2014-10-13 09:57 - 2014-10-13 09:57 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Adobe
2014-10-13 09:56 - 2014-11-10 18:13 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-13 09:56 - 2014-10-13 09:56 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-13 09:56 - 2014-10-13 09:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-13 09:56 - 2014-10-13 09:56 - 00003852 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-10-13 09:56 - 2014-10-13 09:56 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-13 09:56 - 2014-10-13 09:56 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-13 09:54 - 2014-10-13 12:08 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-13 09:54 - 2014-10-13 12:05 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-13 09:54 - 2014-10-13 09:54 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-13 09:53 - 2014-10-13 09:57 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Adobe
2014-10-13 09:51 - 2014-10-29 10:37 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\vlc
2014-10-13 09:51 - 2014-10-13 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-10-13 09:51 - 2014-10-13 09:51 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-10-13 09:50 - 2014-10-13 09:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-13 09:50 - 2014-10-13 09:50 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-10-13 09:47 - 2014-10-13 09:47 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Mozilla
2014-10-13 09:47 - 2014-10-13 09:47 - 00000000 ____D () C:\Users\Dominik\AppData\Local\Mozilla
2014-10-13 09:46 - 2014-10-13 09:46 - 00000000 ____D () C:\ProgramData\Mozilla
2014-10-13 07:59 - 2014-10-13 11:05 - 01558096 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-13 07:52 - 2013-10-14 17:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-10-13 07:42 - 2014-10-13 07:42 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-10-13 07:42 - 2014-10-13 07:42 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-10-13 07:38 - 2012-07-06 21:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-10-13 07:38 - 2011-04-28 04:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2014-10-13 07:38 - 2011-03-11 07:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-10-13 07:38 - 2011-03-11 07:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-10-13 07:38 - 2011-03-11 07:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-10-13 07:38 - 2011-03-11 07:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-10-13 07:38 - 2011-03-11 07:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-10-13 07:38 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-10-13 07:38 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-10-13 07:38 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-10-13 07:38 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-10-13 07:38 - 2011-03-11 05:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-10-13 07:14 - 2014-10-20 14:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-13 07:14 - 2014-10-20 14:23 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-10 18:20 - 2009-07-14 05:45 - 00031504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 18:20 - 2009-07-14 05:45 - 00031504 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 18:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-10 18:11 - 2014-10-09 17:14 - 01675678 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 18:09 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-10 18:09 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-09 14:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-09 13:54 - 2014-10-09 18:10 - 00000000 ____D () C:\Windows\Panther
2014-11-08 19:28 - 2011-04-12 09:34 - 00668376 _____ () C:\Windows\system32\perfh005.dat
2014-11-08 19:28 - 2011-04-12 09:34 - 00141004 _____ () C:\Windows\system32\perfc005.dat
2014-11-08 19:28 - 2009-07-14 06:13 - 01582262 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 17:54 - 2014-10-10 07:22 - 00000000 ____D () C:\Users\Dominik\AppData\Local\VirtualStore
2014-11-07 17:54 - 2014-10-10 07:21 - 00000000 ____D () C:\Users\Dominik
2014-11-07 14:14 - 2014-10-10 07:21 - 00000000 ___RD () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-07 13:49 - 2011-04-12 09:34 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2014-11-05 18:40 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-05 18:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-20 14:53 - 2009-07-14 05:45 - 00408952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-20 14:51 - 2014-10-10 15:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-14 23:32 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-10-14 22:07 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-13 12:04 - 2014-10-10 07:22 - 00001393 _____ () C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-13 11:58 - 2011-04-12 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-13 11:58 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-10-13 10:38 - 2014-10-10 07:52 - 00109296 _____ () C:\Users\Dominik\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-13 10:29 - 2011-04-12 09:45 - 00000000 ____D () C:\Windows\ShellNew
2014-10-13 10:28 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-13 10:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-13 08:30 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-10-13 08:30 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
Some content of TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\7za.exe
C:\Users\Dominik\AppData\Local\Temp\hijackthis.exe
C:\Users\Dominik\AppData\Local\Temp\InstHelper.exe
C:\Users\Dominik\AppData\Local\Temp\NirCmd.exe
C:\Users\Dominik\AppData\Local\Temp\PEVZ.EXE
C:\Users\Dominik\AppData\Local\Temp\Quarantine.exe
C:\Users\Dominik\AppData\Local\Temp\remove.exe
C:\Users\Dominik\AppData\Local\Temp\sed.exe
C:\Users\Dominik\AppData\Local\Temp\shortcut.exe
C:\Users\Dominik\AppData\Local\Temp\sqlite3.dll
C:\Users\Dominik\AppData\Local\Temp\swreg.exe
C:\Users\Dominik\AppData\Local\Temp\swxcacls.exe
C:\Users\Dominik\AppData\Local\Temp\wget.exe
C:\Users\Dominik\AppData\Local\Temp\zoek-delete.exe
C:\Users\Dominik\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-09 14:25
==================== End Of Log ============================
Re: Prosím o pomoc s viry
pripadne jeste addition :
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by Dominik at 2014-11-10 19:10:37
Running from C:\Users\Dominik\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{818912C6-BD97-B888-53F1-1C64148A754F}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
ESET NOD32 Antivirus (HKLM\...\{AB1AA952-0F66-42B2-B8B0-6B94FC500132}) (Version: 8.0.304.1 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
20-10-2014 06:19:40 Windows Update
20-10-2014 13:23:14 Windows Update
20-10-2014 14:07:59 Instalováno Colin McRae Rally 3
20-10-2014 14:23:07 Instalováno Colin McRae Rally 3
20-10-2014 14:24:13 Instalováno Colin McRae Rally 3
28-10-2014 06:52:22 Windows Update
02-11-2014 20:44:50 Windows Update
06-11-2014 21:15:43 Windows Update
09-11-2014 18:53:00 Nainstalováno: ESET NOD32 Antivirus
10-11-2014 16:35:23 Windows Update
10-11-2014 16:57:56 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-11-10 17:58 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {08791E3C-EDB9-499C-A20F-9DA55A36E8C6} - \UNELEVATE_18548 No Task File <==== ATTENTION
Task: {914E95F2-2237-4F68-B5B4-D6A1B82A6CA7} - \SPBIW_UpdateTask_Time_313230383936313936302d5b554a6c6c5a23572a415534 No Task File <==== ATTENTION
Task: {A0BA8C03-1A06-4553-A4CD-6963AF75128C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {A67AEDFE-9D22-44F6-8BF1-4303A20F1687} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-13] (Adobe Systems Incorporated)
Task: {C44042B8-AF59-494B-876C-536904F75109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {E4E9030E-72EE-40B8-B658-68B72BC5AE95} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-03-26 16:33 - 2012-03-26 16:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-23 20:19 - 2014-10-23 20:19 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2011-12-26 12:20 - 2011-12-26 12:20 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-03-29 22:07 - 2012-03-29 22:07 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-09 13:49 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-09 13:49 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-09 13:49 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-09 13:49 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-10 14:28 - 2013-01-14 22:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: mncnomqSrv => C:\Windows\system32\mncnomq.vbe
MSCONFIG\startupreg: mncqnmptpSrv => C:\Windows\system32\mncqnmptp.vbe
MSCONFIG\startupreg: mskiplSrv => "C:\Windows\system32\mskipl.vbe" msxodbl msqcuw
MSCONFIG\startupreg: msxysrlgSrv => "C:\Windows\system32\msxysrlg.vbe" mskyjkw mshsqfs
MSCONFIG\startupreg: Printsrv => c:\Windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs
MSCONFIG\startupreg: T-Mobile CManager => "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
========================= Accounts: ==========================
Administrator (S-1-5-21-2855382574-2868757954-685162649-500 - Administrator - Disabled)
Dominik (S-1-5-21-2855382574-2868757954-685162649-1000 - Administrator - Enabled) => C:\Users\Dominik
Guest (S-1-5-21-2855382574-2868757954-685162649-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2855382574-2868757954-685162649-1004 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/10/2014 06:14:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/10/2014 05:56:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/10/2014 05:54:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/10/2014 05:30:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 09:31:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 08:34:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 07:50:49 PM) (Source: MsiInstaller) (EventID: 1013) (User: Dominik-PC)
Description: Product: ESET NOD32 Antivirus -- Tento instalační balíček je určen pro 32-bitové operační systémy. Použijte prosím instalační balíček pro 64-bitové operační systémy.
Error: (11/09/2014 05:13:56 PM) (Source: MsiInstaller) (EventID: 11309) (User: Dominik-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.
Error: (11/09/2014 05:11:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/09/2014 05:11:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (11/10/2014 06:18:25 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{5A3856C7-66AC-4B38-99B1-16B02661FED3} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.
Error: (11/10/2014 06:14:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ImportTaskTooltip neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (11/10/2014 06:14:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba FrozenOCRSoftware neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (11/10/2014 06:12:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DatabaseOSUtility.exe neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (11/10/2014 06:12:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ArchiveNetScrolling.exe neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (11/10/2014 06:11:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (11/10/2014 06:09:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (11/10/2014 06:09:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (11/10/2014 06:09:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (11/10/2014 06:09:03 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Microsoft Office Sessions:
=========================
Error: (11/10/2014 06:14:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/10/2014 05:56:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
Error: (11/10/2014 05:54:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/10/2014 05:30:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 09:31:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 08:34:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 07:50:49 PM) (Source: MsiInstaller) (EventID: 1013) (User: Dominik-PC)
Description: Product: ESET NOD32 Antivirus -- Tento instalační balíček je určen pro 32-bitové operační systémy. Použijte prosím instalační balíček pro 64-bitové operační systémy.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/09/2014 05:13:56 PM) (Source: MsiInstaller) (EventID: 11309) (User: Dominik-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/09/2014 05:11:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
Error: (11/09/2014 05:11:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 42%
Total physical RAM: 3979.72 MB
Available physical RAM: 2307.54 MB
Total Pagefile: 7957.62 MB
Available Pagefile: 5978.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.54 GB) (Free:658.97 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by Dominik at 2014-11-10 19:10:37
Running from C:\Users\Dominik\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{818912C6-BD97-B888-53F1-1C64148A754F}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
ESET NOD32 Antivirus (HKLM\...\{AB1AA952-0F66-42B2-B8B0-6B94FC500132}) (Version: 8.0.304.1 - ESET, spol s r. o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
20-10-2014 06:19:40 Windows Update
20-10-2014 13:23:14 Windows Update
20-10-2014 14:07:59 Instalováno Colin McRae Rally 3
20-10-2014 14:23:07 Instalováno Colin McRae Rally 3
20-10-2014 14:24:13 Instalováno Colin McRae Rally 3
28-10-2014 06:52:22 Windows Update
02-11-2014 20:44:50 Windows Update
06-11-2014 21:15:43 Windows Update
09-11-2014 18:53:00 Nainstalováno: ESET NOD32 Antivirus
10-11-2014 16:35:23 Windows Update
10-11-2014 16:57:56 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-11-10 17:58 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {08791E3C-EDB9-499C-A20F-9DA55A36E8C6} - \UNELEVATE_18548 No Task File <==== ATTENTION
Task: {914E95F2-2237-4F68-B5B4-D6A1B82A6CA7} - \SPBIW_UpdateTask_Time_313230383936313936302d5b554a6c6c5a23572a415534 No Task File <==== ATTENTION
Task: {A0BA8C03-1A06-4553-A4CD-6963AF75128C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {A67AEDFE-9D22-44F6-8BF1-4303A20F1687} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-13] (Adobe Systems Incorporated)
Task: {C44042B8-AF59-494B-876C-536904F75109} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-09] (Google Inc.)
Task: {E4E9030E-72EE-40B8-B658-68B72BC5AE95} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-03-26 16:33 - 2012-03-26 16:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-23 20:19 - 2014-10-23 20:19 - 00043520 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2011-12-26 12:20 - 2011-12-26 12:20 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-03-29 22:07 - 2012-03-29 22:07 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-09 13:49 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-11-09 13:49 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-11-09 13:49 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-11-09 13:49 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-10 14:28 - 2013-01-14 22:25 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: mncnomqSrv => C:\Windows\system32\mncnomq.vbe
MSCONFIG\startupreg: mncqnmptpSrv => C:\Windows\system32\mncqnmptp.vbe
MSCONFIG\startupreg: mskiplSrv => "C:\Windows\system32\mskipl.vbe" msxodbl msqcuw
MSCONFIG\startupreg: msxysrlgSrv => "C:\Windows\system32\msxysrlg.vbe" mskyjkw mshsqfs
MSCONFIG\startupreg: Printsrv => c:\Windows\System32\Printing_Admin_Scripts\en-US\driverupd.vbs
MSCONFIG\startupreg: T-Mobile CManager => "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
========================= Accounts: ==========================
Administrator (S-1-5-21-2855382574-2868757954-685162649-500 - Administrator - Disabled)
Dominik (S-1-5-21-2855382574-2868757954-685162649-1000 - Administrator - Enabled) => C:\Users\Dominik
Guest (S-1-5-21-2855382574-2868757954-685162649-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2855382574-2868757954-685162649-1004 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/10/2014 06:14:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/10/2014 05:56:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/10/2014 05:54:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/10/2014 05:30:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 09:31:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 08:34:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 07:50:49 PM) (Source: MsiInstaller) (EventID: 1013) (User: Dominik-PC)
Description: Product: ESET NOD32 Antivirus -- Tento instalační balíček je určen pro 32-bitové operační systémy. Použijte prosím instalační balíček pro 64-bitové operační systémy.
Error: (11/09/2014 05:13:56 PM) (Source: MsiInstaller) (EventID: 11309) (User: Dominik-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.
Error: (11/09/2014 05:11:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (11/09/2014 05:11:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Generování kontextu aktivace pro C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 se nezdařilo. Chyba v souboru manifestu nebo zásad C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 na řádku C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Součást 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
System errors:
=============
Error: (11/10/2014 06:18:25 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{5A3856C7-66AC-4B38-99B1-16B02661FED3} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.
Error: (11/10/2014 06:14:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ImportTaskTooltip neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (11/10/2014 06:14:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba FrozenOCRSoftware neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (11/10/2014 06:12:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DatabaseOSUtility.exe neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (11/10/2014 06:12:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ArchiveNetScrolling.exe neuspěla při spuštění v důsledku následující chyby:
%%2
Error: (11/10/2014 06:11:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (11/10/2014 06:09:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (11/10/2014 06:09:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (11/10/2014 06:09:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Error: (11/10/2014 06:09:03 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.
Microsoft Office Sessions:
=========================
Error: (11/10/2014 06:14:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/10/2014 05:56:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
Error: (11/10/2014 05:54:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/10/2014 05:30:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 09:31:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 08:34:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/09/2014 07:50:49 PM) (Source: MsiInstaller) (EventID: 1013) (User: Dominik-PC)
Description: Product: ESET NOD32 Antivirus -- Tento instalační balíček je určen pro 32-bitové operační systémy. Použijte prosím instalační balíček pro 64-bitové operační systémy.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/09/2014 05:13:56 PM) (Source: MsiInstaller) (EventID: 11309) (User: Dominik-PC)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt. System error 3. Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (11/09/2014 05:11:11 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
Error: (11/09/2014 05:11:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 42%
Total physical RAM: 3979.72 MB
Available physical RAM: 2307.54 MB
Total Pagefile: 7957.62 MB
Available Pagefile: 5978.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.54 GB) (Free:658.97 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Re: Prosím o pomoc s viry
Tvorba fixlistu pro FRST
- Spustte poznamkovy blok (Start-spustit-notepad)
- Zkopirujte skript nize
Kód: Vybrat vše
Start CloseProcesses: HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f7fa-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f812-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f829-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {cb893064-52ab-11e4-a507-74e543f05c84} - F:\SETUP.EXE FF Extension: translatordontfollowmenet - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\translator@dontfollowme.net [2014-10-20] FF Extension: Seznam lištička - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-11-05] FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found] FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\ROUAILDE73397174@UXGZI17268980.com [Not Found] FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\warnerroberts@hotmail.com [Not Found] FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\sepherdwilbur@aol.com [Not Found] FF Extension: No Name - {121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found] FF Extension: No Name - ROUAILDE73397174@UXGZI17268980.com [Not Found] FF Extension: No Name - warnerroberts@hotmail.com [Not Found] FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] S2 ArchiveNetScrolling.exe; C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe [X] S2 DatabaseOSUtility.exe; C:\Users\Dominik\AppData\Local\DatabaseOSUtility\DatabaseOSUtility.exe [X] S2 FrozenOCRSoftware; C:\Windows\SysWOW64\FrozenOCRSoftware\FrozenOCRSoftware.exe [X] S2 ImportTaskTooltip; C:\Windows\SysWOW64\ImportTaskTooltip\ImportTaskTooltip.exe [X] 2014-11-10 19:09 - 2014-11-10 19:10 - 00013334 _____ () C:\Users\Dominik\Desktop\FRST.txt 2014-11-10 18:09 - 2014-11-10 18:09 - 00000068 _____ () C:\files.log 2014-11-10 18:08 - 2014-11-10 18:09 - 00000076 _____ () C:\folders.log 2014-11-10 18:08 - 2014-11-10 18:08 - 00000000 ____D () C:\zoek 2014-11-10 17:57 - 2014-11-10 18:11 - 00016458 _____ () C:\zoek-results.log 2014-11-10 17:56 - 2014-11-10 18:11 - 00003200 _____ () C:\runcheck.txt 2014-11-10 17:56 - 2014-11-10 18:09 - 00000000 ____D () C:\zoek_backup 2014-11-10 17:55 - 2014-11-10 17:56 - 01294848 _____ () C:\Users\Dominik\Desktop\zoek.exe 2014-11-10 17:52 - 2014-11-10 17:52 - 00010975 _____ () C:\Users\Dominik\Desktop\AdwCleaner[S0].txt 2014-11-10 17:46 - 2014-11-10 17:51 - 00000000 ____D () C:\AdwCleaner 2014-11-10 17:46 - 2014-11-10 17:46 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101 (1).exe 2014-11-10 17:45 - 2014-11-10 17:45 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101.exe 2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\rsit 2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\Program Files\trend micro 2014-11-10 17:33 - 2014-11-10 17:33 - 01222144 _____ () C:\Users\Dominik\Downloads\RSITx64.exe 2014-11-09 19:49 - 2014-11-09 19:49 - 01223776 _____ (Zugara Investments Limited ) C:\Users\Dominik\Downloads\eavnt32csymsi.exe 2014-11-09 19:46 - 2014-11-09 19:46 - 01761992 _____ (ESET) C:\Users\Dominik\Downloads\eset_nod32_antivirus_live_installer_.exe 2014-11-09 17:11 - 2014-11-09 17:11 - 02347384 _____ (ESET) C:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe 2014-11-09 13:52 - 2014-11-09 13:52 - 04974864 _____ (Piriform Ltd) C:\Users\Dominik\Downloads\ccsetup419.exe 2014-11-08 13:40 - 2014-11-08 14:44 - 00003903 _____ () C:\Users\Dominik\AppData\Roaming\mskyjkw.dat 2014-11-08 13:40 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncqnmptp.exe 2014-11-08 13:40 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncqnmptp.exe 2014-11-08 13:40 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncqnmptp.exe 2014-11-07 17:54 - 2014-11-09 14:00 - 00000330 _____ () C:\Users\Dominik\rgut 2014-11-07 17:54 - 2014-11-07 17:54 - 00000003 _____ () C:\Users\Dominik\stut 2014-11-07 16:51 - 2014-11-09 17:13 - 00000029 _____ () C:\Users\Dominik\AppData\Roaming\msxodbl.dat 2014-11-07 13:49 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncnomq.exe 2014-11-07 13:49 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll 2014-11-07 13:49 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncnomq.exe 2014-11-07 13:49 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll 2014-11-07 13:49 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll 2014-11-07 13:49 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll 2014-11-07 13:49 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll 2014-11-07 13:49 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll 2014-11-07 13:49 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl 2014-11-07 13:49 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl 2014-11-07 13:49 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl 2014-11-07 13:49 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl 2014-11-07 13:49 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl 2014-11-07 13:49 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncnomq.exe 2014-11-07 13:49 - 2013-05-31 16:32 - 00279955 _____ () C:\Windows\libidn-11.dll 2014-11-07 13:49 - 2013-05-31 16:32 - 00206309 _____ () C:\Windows\NEWS.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00183382 _____ () C:\Windows\librtmp.dll 2014-11-07 13:49 - 2013-05-31 16:32 - 00084992 _____ () C:\Windows\zlib1.dll 2014-11-07 13:49 - 2013-05-31 16:32 - 00064577 _____ () C:\Windows\miner.php 2014-11-07 13:49 - 2013-05-31 16:32 - 00049279 _____ () C:\Windows\API-README.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00044727 _____ () C:\Windows\diablo130302.cl 2014-11-07 13:49 - 2013-05-31 16:32 - 00043810 _____ () C:\Windows\poclbm130302.cl 2014-11-07 13:49 - 2013-05-31 16:32 - 00035821 _____ () C:\Windows\COPYING.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00031351 _____ () C:\Windows\README.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00030802 _____ () C:\Windows\diakgcn121016.cl 2014-11-07 13:49 - 2013-05-31 16:32 - 00024624 _____ () C:\Windows\GPU-README.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00023825 _____ () C:\Windows\scrypt130511.cl 2014-11-07 13:49 - 2013-05-31 16:32 - 00015886 _____ () C:\Windows\windows-build.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00013062 _____ () C:\Windows\phatk121016.cl 2014-11-07 13:49 - 2013-05-31 16:32 - 00011728 _____ () C:\Windows\FPGA-README.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00011166 _____ () C:\Windows\linux-usb-cgminer.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00009998 _____ () C:\Windows\SCRYPT-README.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00007530 _____ () C:\Windows\api-example.c 2014-11-07 13:49 - 2013-05-31 16:32 - 00004108 _____ () C:\Windows\ASIC-README.txt 2014-11-07 13:49 - 2013-05-31 16:32 - 00003431 _____ () C:\Windows\API.class 2014-11-07 13:49 - 2013-05-31 16:32 - 00003306 _____ () C:\Windows\API.java 2014-11-07 13:49 - 2013-05-31 16:32 - 00002174 _____ () C:\Windows\api-example.php 2014-11-07 13:49 - 2013-05-31 16:32 - 00000763 _____ () C:\Windows\example.conf 2014-11-07 13:49 - 2013-05-31 16:32 - 00000438 _____ () C:\Windows\AUTHORS.txt Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {08791E3C-EDB9-499C-A20F-9DA55A36E8C6} - \UNELEVATE_18548 No Task File <==== ATTENTION Task: {914E95F2-2237-4F68-B5B4-D6A1B82A6CA7} - \SPBIW_UpdateTask_Time_313230383936313936302d5b554a6c6c5a23572a415534 No Task File <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 C:\Windows\system32\mncnomq.vbe C:\Windows\system32\mncqnmptp.vbe C:\Windows\system32\mskipl.vbe C:\Windows\system32\msxysrlg.vbe Hosts: EmptyTemp: Reboot: End- Ulozte vytvoreny TXT jako fixlist.txt
- Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
- Kliknete na Fix
- Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o pomoc s viry
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by Dominik at 2014-11-11 17:56:48 Run:1
Running from C:\Users\Dominik\Desktop
Loaded Profile: Dominik (Available profiles: Dominik)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f7fa-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f812-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f829-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {cb893064-52ab-11e4-a507-74e543f05c84} - F:\SETUP.EXE
FF Extension: translatordontfollowmenet - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\translator@dontfollowme.net [2014-10-20]
FF Extension: Seznam lištička - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-11-05]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\ROUAILDE73397174@UXGZI17268980.com [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\warnerroberts@hotmail.com [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\sepherdwilbur@aol.com [Not Found]
FF Extension: No Name - {121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found]
FF Extension: No Name - ROUAILDE73397174@UXGZI17268980.com [Not Found]
FF Extension: No Name - warnerroberts@hotmail.com [Not Found]
FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
S2 ArchiveNetScrolling.exe; C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe [X]
S2 DatabaseOSUtility.exe; C:\Users\Dominik\AppData\Local\DatabaseOSUtility\DatabaseOSUtility.exe [X]
S2 FrozenOCRSoftware; C:\Windows\SysWOW64\FrozenOCRSoftware\FrozenOCRSoftware.exe [X]
S2 ImportTaskTooltip; C:\Windows\SysWOW64\ImportTaskTooltip\ImportTaskTooltip.exe [X]
2014-11-10 19:09 - 2014-11-10 19:10 - 00013334 _____ () C:\Users\Dominik\Desktop\FRST.txt
2014-11-10 18:09 - 2014-11-10 18:09 - 00000068 _____ () C:\files.log
2014-11-10 18:08 - 2014-11-10 18:09 - 00000076 _____ () C:\folders.log
2014-11-10 18:08 - 2014-11-10 18:08 - 00000000 ____D () C:\zoek
2014-11-10 17:57 - 2014-11-10 18:11 - 00016458 _____ () C:\zoek-results.log
2014-11-10 17:56 - 2014-11-10 18:11 - 00003200 _____ () C:\runcheck.txt
2014-11-10 17:56 - 2014-11-10 18:09 - 00000000 ____D () C:\zoek_backup
2014-11-10 17:55 - 2014-11-10 17:56 - 01294848 _____ () C:\Users\Dominik\Desktop\zoek.exe
2014-11-10 17:52 - 2014-11-10 17:52 - 00010975 _____ () C:\Users\Dominik\Desktop\AdwCleaner[S0].txt
2014-11-10 17:46 - 2014-11-10 17:51 - 00000000 ____D () C:\AdwCleaner
2014-11-10 17:46 - 2014-11-10 17:46 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101 (1).exe
2014-11-10 17:45 - 2014-11-10 17:45 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101.exe
2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\rsit
2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\Program Files\trend micro
2014-11-10 17:33 - 2014-11-10 17:33 - 01222144 _____ () C:\Users\Dominik\Downloads\RSITx64.exe
2014-11-09 19:49 - 2014-11-09 19:49 - 01223776 _____ (Zugara Investments Limited ) C:\Users\Dominik\Downloads\eavnt32csymsi.exe
2014-11-09 19:46 - 2014-11-09 19:46 - 01761992 _____ (ESET) C:\Users\Dominik\Downloads\eset_nod32_antivirus_live_installer_.exe
2014-11-09 17:11 - 2014-11-09 17:11 - 02347384 _____ (ESET) C:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
2014-11-09 13:52 - 2014-11-09 13:52 - 04974864 _____ (Piriform Ltd) C:\Users\Dominik\Downloads\ccsetup419.exe
2014-11-08 13:40 - 2014-11-08 14:44 - 00003903 _____ () C:\Users\Dominik\AppData\Roaming\mskyjkw.dat
2014-11-08 13:40 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncqnmptp.exe
2014-11-08 13:40 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncqnmptp.exe
2014-11-08 13:40 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncqnmptp.exe
2014-11-07 17:54 - 2014-11-09 14:00 - 00000330 _____ () C:\Users\Dominik\rgut
2014-11-07 17:54 - 2014-11-07 17:54 - 00000003 _____ () C:\Users\Dominik\stut
2014-11-07 16:51 - 2014-11-09 17:13 - 00000029 _____ () C:\Users\Dominik\AppData\Roaming\msxodbl.dat
2014-11-07 13:49 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncnomq.exe
2014-11-07 13:49 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncnomq.exe
2014-11-07 13:49 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-11-07 13:49 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncnomq.exe
2014-11-07 13:49 - 2013-05-31 16:32 - 00279955 _____ () C:\Windows\libidn-11.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00206309 _____ () C:\Windows\NEWS.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00183382 _____ () C:\Windows\librtmp.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00084992 _____ () C:\Windows\zlib1.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00064577 _____ () C:\Windows\miner.php
2014-11-07 13:49 - 2013-05-31 16:32 - 00049279 _____ () C:\Windows\API-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00044727 _____ () C:\Windows\diablo130302.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00043810 _____ () C:\Windows\poclbm130302.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00035821 _____ () C:\Windows\COPYING.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00031351 _____ () C:\Windows\README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00030802 _____ () C:\Windows\diakgcn121016.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00024624 _____ () C:\Windows\GPU-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00023825 _____ () C:\Windows\scrypt130511.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00015886 _____ () C:\Windows\windows-build.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00013062 _____ () C:\Windows\phatk121016.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00011728 _____ () C:\Windows\FPGA-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00011166 _____ () C:\Windows\linux-usb-cgminer.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00009998 _____ () C:\Windows\SCRYPT-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00007530 _____ () C:\Windows\api-example.c
2014-11-07 13:49 - 2013-05-31 16:32 - 00004108 _____ () C:\Windows\ASIC-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00003431 _____ () C:\Windows\API.class
2014-11-07 13:49 - 2013-05-31 16:32 - 00003306 _____ () C:\Windows\API.java
2014-11-07 13:49 - 2013-05-31 16:32 - 00002174 _____ () C:\Windows\api-example.php
2014-11-07 13:49 - 2013-05-31 16:32 - 00000763 _____ () C:\Windows\example.conf
2014-11-07 13:49 - 2013-05-31 16:32 - 00000438 _____ () C:\Windows\AUTHORS.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {08791E3C-EDB9-499C-A20F-9DA55A36E8C6} - \UNELEVATE_18548 No Task File <==== ATTENTION
Task: {914E95F2-2237-4F68-B5B4-D6A1B82A6CA7} - \SPBIW_UpdateTask_Time_313230383936313936302d5b554a6c6c5a23572a415534 No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
C:\Windows\system32\mncnomq.vbe
C:\Windows\system32\mncqnmptp.vbe
C:\Windows\system32\mskipl.vbe
C:\Windows\system32\msxysrlg.vbe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
"HKU\S-1-5-21-2855382574-2868757954-685162649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6194f7fa-5b63-11e4-b74c-74e543f05c84}" => Key deleted successfully.
"HKCR\CLSID\{6194f7fa-5b63-11e4-b74c-74e543f05c84}" => Key not found.
"HKU\S-1-5-21-2855382574-2868757954-685162649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6194f812-5b63-11e4-b74c-74e543f05c84}" => Key deleted successfully.
"HKCR\CLSID\{6194f812-5b63-11e4-b74c-74e543f05c84}" => Key not found.
"HKU\S-1-5-21-2855382574-2868757954-685162649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6194f829-5b63-11e4-b74c-74e543f05c84}" => Key deleted successfully.
"HKCR\CLSID\{6194f829-5b63-11e4-b74c-74e543f05c84}" => Key not found.
"HKU\S-1-5-21-2855382574-2868757954-685162649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb893064-52ab-11e4-a507-74e543f05c84}" => Key deleted successfully.
"HKCR\CLSID\{cb893064-52ab-11e4-a507-74e543f05c84}" => Key not found.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\translator@dontfollowme.net => Moved successfully.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => Moved successfully.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} not found.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\ROUAILDE73397174@UXGZI17268980.com not found.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\warnerroberts@hotmail.com not found.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\sepherdwilbur@aol.com not found.
FF Extension: No Name - {121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found] not found.
FF Extension: No Name - ROUAILDE73397174@UXGZI17268980.com [Not Found] not found.
FF Extension: No Name - warnerroberts@hotmail.com [Not Found] not found.
FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found] not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
ArchiveNetScrolling.exe => Service deleted successfully.
DatabaseOSUtility.exe => Service deleted successfully.
FrozenOCRSoftware => Service deleted successfully.
ImportTaskTooltip => Service deleted successfully.
C:\Users\Dominik\Desktop\FRST.txt => Moved successfully.
C:\files.log => Moved successfully.
C:\folders.log => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\runcheck.txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Dominik\Desktop\zoek.exe => Moved successfully.
C:\Users\Dominik\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Dominik\Downloads\adwcleaner_4.101 (1).exe => Moved successfully.
C:\Users\Dominik\Downloads\adwcleaner_4.101.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Dominik\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Dominik\Downloads\eavnt32csymsi.exe => Moved successfully.
C:\Users\Dominik\Downloads\eset_nod32_antivirus_live_installer_.exe => Moved successfully.
C:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe => Moved successfully.
C:\Users\Dominik\Downloads\ccsetup419.exe => Moved successfully.
C:\Users\Dominik\AppData\Roaming\mskyjkw.dat => Moved successfully.
C:\Windows\SysWOW64\acumncqnmptp.exe => Moved successfully.
C:\Windows\SysWOW64\dcgmncqnmptp.exe => Moved successfully.
C:\Windows\SysWOW64\lcpmncqnmptp.exe => Moved successfully.
C:\Users\Dominik\rgut => Moved successfully.
C:\Users\Dominik\stut => Moved successfully.
C:\Users\Dominik\AppData\Roaming\msxodbl.dat => Moved successfully.
C:\Windows\SysWOW64\acumncnomq.exe => Moved successfully.
C:\Windows\SysWOW64\libeay32.dll => Moved successfully.
C:\Windows\SysWOW64\dcgmncnomq.exe => Moved successfully.
C:\Windows\SysWOW64\libcurl-4.dll => Moved successfully.
C:\Windows\SysWOW64\ssleay32.dll => Moved successfully.
C:\Windows\SysWOW64\libidn-11.dll => Moved successfully.
C:\Windows\SysWOW64\libssh2.dll => Moved successfully.
C:\Windows\SysWOW64\librtmp.dll => Moved successfully.
C:\Windows\SysWOW64\diablo130302.cl => Moved successfully.
C:\Windows\SysWOW64\poclbm130302.cl => Moved successfully.
C:\Windows\SysWOW64\diakgcn121016.cl => Moved successfully.
C:\Windows\SysWOW64\scrypt130511.cl => Moved successfully.
C:\Windows\SysWOW64\phatk121016.cl => Moved successfully.
C:\Windows\SysWOW64\lcpmncnomq.exe => Moved successfully.
C:\Windows\libidn-11.dll => Moved successfully.
C:\Windows\NEWS.txt => Moved successfully.
C:\Windows\librtmp.dll => Moved successfully.
C:\Windows\zlib1.dll => Moved successfully.
C:\Windows\miner.php => Moved successfully.
C:\Windows\API-README.txt => Moved successfully.
C:\Windows\diablo130302.cl => Moved successfully.
C:\Windows\poclbm130302.cl => Moved successfully.
C:\Windows\COPYING.txt => Moved successfully.
C:\Windows\README.txt => Moved successfully.
C:\Windows\diakgcn121016.cl => Moved successfully.
C:\Windows\GPU-README.txt => Moved successfully.
C:\Windows\scrypt130511.cl => Moved successfully.
C:\Windows\windows-build.txt => Moved successfully.
C:\Windows\phatk121016.cl => Moved successfully.
C:\Windows\FPGA-README.txt => Moved successfully.
C:\Windows\linux-usb-cgminer.txt => Moved successfully.
C:\Windows\SCRYPT-README.txt => Moved successfully.
C:\Windows\api-example.c => Moved successfully.
C:\Windows\ASIC-README.txt => Moved successfully.
C:\Windows\API.class => Moved successfully.
C:\Windows\API.java => Moved successfully.
C:\Windows\api-example.php => Moved successfully.
C:\Windows\example.conf => Moved successfully.
C:\Windows\AUTHORS.txt => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08791E3C-EDB9-499C-A20F-9DA55A36E8C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08791E3C-EDB9-499C-A20F-9DA55A36E8C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_18548" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{914E95F2-2237-4F68-B5B4-D6A1B82A6CA7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{914E95F2-2237-4F68-B5B4-D6A1B82A6CA7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_313230383936313936302d5b554a6c6c5a23572a415534" => Key deleted successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
"C:\Windows\system32\mncnomq.vbe" => File/Directory not found.
"C:\Windows\system32\mncqnmptp.vbe" => File/Directory not found.
"C:\Windows\system32\mskipl.vbe" => File/Directory not found.
"C:\Windows\system32\msxysrlg.vbe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 202.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Ran by Dominik at 2014-11-11 17:56:48 Run:1
Running from C:\Users\Dominik\Desktop
Loaded Profile: Dominik (Available profiles: Dominik)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f7fa-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f812-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {6194f829-5b63-11e4-b74c-74e543f05c84} - E:\Autorun.exe
HKU\S-1-5-21-2855382574-2868757954-685162649-1000\...\MountPoints2: {cb893064-52ab-11e4-a507-74e543f05c84} - F:\SETUP.EXE
FF Extension: translatordontfollowmenet - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\translator@dontfollowme.net [2014-10-20]
FF Extension: Seznam lištička - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2014-11-05]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\ROUAILDE73397174@UXGZI17268980.com [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\warnerroberts@hotmail.com [Not Found]
FF Extension: No Name - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\sepherdwilbur@aol.com [Not Found]
FF Extension: No Name - {121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found]
FF Extension: No Name - ROUAILDE73397174@UXGZI17268980.com [Not Found]
FF Extension: No Name - warnerroberts@hotmail.com [Not Found]
FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
S2 ArchiveNetScrolling.exe; C:\Users\Dominik\AppData\Local\ArchiveNetScrolling\ArchiveNetScrolling.exe [X]
S2 DatabaseOSUtility.exe; C:\Users\Dominik\AppData\Local\DatabaseOSUtility\DatabaseOSUtility.exe [X]
S2 FrozenOCRSoftware; C:\Windows\SysWOW64\FrozenOCRSoftware\FrozenOCRSoftware.exe [X]
S2 ImportTaskTooltip; C:\Windows\SysWOW64\ImportTaskTooltip\ImportTaskTooltip.exe [X]
2014-11-10 19:09 - 2014-11-10 19:10 - 00013334 _____ () C:\Users\Dominik\Desktop\FRST.txt
2014-11-10 18:09 - 2014-11-10 18:09 - 00000068 _____ () C:\files.log
2014-11-10 18:08 - 2014-11-10 18:09 - 00000076 _____ () C:\folders.log
2014-11-10 18:08 - 2014-11-10 18:08 - 00000000 ____D () C:\zoek
2014-11-10 17:57 - 2014-11-10 18:11 - 00016458 _____ () C:\zoek-results.log
2014-11-10 17:56 - 2014-11-10 18:11 - 00003200 _____ () C:\runcheck.txt
2014-11-10 17:56 - 2014-11-10 18:09 - 00000000 ____D () C:\zoek_backup
2014-11-10 17:55 - 2014-11-10 17:56 - 01294848 _____ () C:\Users\Dominik\Desktop\zoek.exe
2014-11-10 17:52 - 2014-11-10 17:52 - 00010975 _____ () C:\Users\Dominik\Desktop\AdwCleaner[S0].txt
2014-11-10 17:46 - 2014-11-10 17:51 - 00000000 ____D () C:\AdwCleaner
2014-11-10 17:46 - 2014-11-10 17:46 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101 (1).exe
2014-11-10 17:45 - 2014-11-10 17:45 - 02140160 _____ () C:\Users\Dominik\Downloads\adwcleaner_4.101.exe
2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\rsit
2014-11-10 17:34 - 2014-11-10 17:34 - 00000000 ____D () C:\Program Files\trend micro
2014-11-10 17:33 - 2014-11-10 17:33 - 01222144 _____ () C:\Users\Dominik\Downloads\RSITx64.exe
2014-11-09 19:49 - 2014-11-09 19:49 - 01223776 _____ (Zugara Investments Limited ) C:\Users\Dominik\Downloads\eavnt32csymsi.exe
2014-11-09 19:46 - 2014-11-09 19:46 - 01761992 _____ (ESET) C:\Users\Dominik\Downloads\eset_nod32_antivirus_live_installer_.exe
2014-11-09 17:11 - 2014-11-09 17:11 - 02347384 _____ (ESET) C:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe
2014-11-09 13:52 - 2014-11-09 13:52 - 04974864 _____ (Piriform Ltd) C:\Users\Dominik\Downloads\ccsetup419.exe
2014-11-08 13:40 - 2014-11-08 14:44 - 00003903 _____ () C:\Users\Dominik\AppData\Roaming\mskyjkw.dat
2014-11-08 13:40 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncqnmptp.exe
2014-11-08 13:40 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncqnmptp.exe
2014-11-08 13:40 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncqnmptp.exe
2014-11-07 17:54 - 2014-11-09 14:00 - 00000330 _____ () C:\Users\Dominik\rgut
2014-11-07 17:54 - 2014-11-07 17:54 - 00000003 _____ () C:\Users\Dominik\stut
2014-11-07 16:51 - 2014-11-09 17:13 - 00000029 _____ () C:\Users\Dominik\AppData\Roaming\msxodbl.dat
2014-11-07 13:49 - 2013-12-10 00:30 - 10236928 ____S () C:\Windows\SysWOW64\acumncnomq.exe
2014-11-07 13:49 - 2013-10-26 20:30 - 01704448 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00972814 ____S () C:\Windows\SysWOW64\dcgmncnomq.exe
2014-11-07 13:49 - 2013-10-26 20:30 - 00538126 ____S () C:\Windows\SysWOW64\libcurl-4.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00364544 ____S (The OpenSSL Project, http://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00192512 ____S () C:\Windows\SysWOW64\libidn-11.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00171008 ____S (The libssh2 library, http://www.libssh2.org/) C:\Windows\SysWOW64\libssh2.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00133632 ____S () C:\Windows\SysWOW64\librtmp.dll
2014-11-07 13:49 - 2013-10-26 20:30 - 00044727 ____S () C:\Windows\SysWOW64\diablo130302.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00043810 ____S () C:\Windows\SysWOW64\poclbm130302.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00030802 ____S () C:\Windows\SysWOW64\diakgcn121016.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00023825 ____S () C:\Windows\SysWOW64\scrypt130511.cl
2014-11-07 13:49 - 2013-10-26 20:30 - 00013062 ____S () C:\Windows\SysWOW64\phatk121016.cl
2014-11-07 13:49 - 2013-07-18 16:06 - 00187904 ____S () C:\Windows\SysWOW64\lcpmncnomq.exe
2014-11-07 13:49 - 2013-05-31 16:32 - 00279955 _____ () C:\Windows\libidn-11.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00206309 _____ () C:\Windows\NEWS.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00183382 _____ () C:\Windows\librtmp.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00084992 _____ () C:\Windows\zlib1.dll
2014-11-07 13:49 - 2013-05-31 16:32 - 00064577 _____ () C:\Windows\miner.php
2014-11-07 13:49 - 2013-05-31 16:32 - 00049279 _____ () C:\Windows\API-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00044727 _____ () C:\Windows\diablo130302.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00043810 _____ () C:\Windows\poclbm130302.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00035821 _____ () C:\Windows\COPYING.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00031351 _____ () C:\Windows\README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00030802 _____ () C:\Windows\diakgcn121016.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00024624 _____ () C:\Windows\GPU-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00023825 _____ () C:\Windows\scrypt130511.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00015886 _____ () C:\Windows\windows-build.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00013062 _____ () C:\Windows\phatk121016.cl
2014-11-07 13:49 - 2013-05-31 16:32 - 00011728 _____ () C:\Windows\FPGA-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00011166 _____ () C:\Windows\linux-usb-cgminer.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00009998 _____ () C:\Windows\SCRYPT-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00007530 _____ () C:\Windows\api-example.c
2014-11-07 13:49 - 2013-05-31 16:32 - 00004108 _____ () C:\Windows\ASIC-README.txt
2014-11-07 13:49 - 2013-05-31 16:32 - 00003431 _____ () C:\Windows\API.class
2014-11-07 13:49 - 2013-05-31 16:32 - 00003306 _____ () C:\Windows\API.java
2014-11-07 13:49 - 2013-05-31 16:32 - 00002174 _____ () C:\Windows\api-example.php
2014-11-07 13:49 - 2013-05-31 16:32 - 00000763 _____ () C:\Windows\example.conf
2014-11-07 13:49 - 2013-05-31 16:32 - 00000438 _____ () C:\Windows\AUTHORS.txt
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {08791E3C-EDB9-499C-A20F-9DA55A36E8C6} - \UNELEVATE_18548 No Task File <==== ATTENTION
Task: {914E95F2-2237-4F68-B5B4-D6A1B82A6CA7} - \SPBIW_UpdateTask_Time_313230383936313936302d5b554a6c6c5a23572a415534 No Task File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
C:\Windows\system32\mncnomq.vbe
C:\Windows\system32\mncqnmptp.vbe
C:\Windows\system32\mskipl.vbe
C:\Windows\system32\msxysrlg.vbe
Hosts:
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value deleted successfully.
"HKU\S-1-5-21-2855382574-2868757954-685162649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6194f7fa-5b63-11e4-b74c-74e543f05c84}" => Key deleted successfully.
"HKCR\CLSID\{6194f7fa-5b63-11e4-b74c-74e543f05c84}" => Key not found.
"HKU\S-1-5-21-2855382574-2868757954-685162649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6194f812-5b63-11e4-b74c-74e543f05c84}" => Key deleted successfully.
"HKCR\CLSID\{6194f812-5b63-11e4-b74c-74e543f05c84}" => Key not found.
"HKU\S-1-5-21-2855382574-2868757954-685162649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6194f829-5b63-11e4-b74c-74e543f05c84}" => Key deleted successfully.
"HKCR\CLSID\{6194f829-5b63-11e4-b74c-74e543f05c84}" => Key not found.
"HKU\S-1-5-21-2855382574-2868757954-685162649-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb893064-52ab-11e4-a507-74e543f05c84}" => Key deleted successfully.
"HKCR\CLSID\{cb893064-52ab-11e4-a507-74e543f05c84}" => Key not found.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\translator@dontfollowme.net => Moved successfully.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => Moved successfully.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\{121761af-0fa5-4896-a2a8-cfdbac4e4982} not found.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\ROUAILDE73397174@UXGZI17268980.com not found.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\warnerroberts@hotmail.com not found.
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\nfj20qwv.default\extensions\sepherdwilbur@aol.com not found.
FF Extension: No Name - {121761af-0fa5-4896-a2a8-cfdbac4e4982} [Not Found] not found.
FF Extension: No Name - ROUAILDE73397174@UXGZI17268980.com [Not Found] not found.
FF Extension: No Name - warnerroberts@hotmail.com [Not Found] not found.
FF Extension: No Name - {746505DC-0E21-4667-97F8-72EA6BCF5EEF} [Not Found] not found.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found.
ArchiveNetScrolling.exe => Service deleted successfully.
DatabaseOSUtility.exe => Service deleted successfully.
FrozenOCRSoftware => Service deleted successfully.
ImportTaskTooltip => Service deleted successfully.
C:\Users\Dominik\Desktop\FRST.txt => Moved successfully.
C:\files.log => Moved successfully.
C:\folders.log => Moved successfully.
C:\zoek => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\runcheck.txt => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\Users\Dominik\Desktop\zoek.exe => Moved successfully.
C:\Users\Dominik\Desktop\AdwCleaner[S0].txt => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Users\Dominik\Downloads\adwcleaner_4.101 (1).exe => Moved successfully.
C:\Users\Dominik\Downloads\adwcleaner_4.101.exe => Moved successfully.
C:\rsit => Moved successfully.
C:\Program Files\trend micro => Moved successfully.
C:\Users\Dominik\Downloads\RSITx64.exe => Moved successfully.
C:\Users\Dominik\Downloads\eavnt32csymsi.exe => Moved successfully.
C:\Users\Dominik\Downloads\eset_nod32_antivirus_live_installer_.exe => Moved successfully.
C:\Users\Dominik\Downloads\esetsmartinstaller_csy.exe => Moved successfully.
C:\Users\Dominik\Downloads\ccsetup419.exe => Moved successfully.
C:\Users\Dominik\AppData\Roaming\mskyjkw.dat => Moved successfully.
C:\Windows\SysWOW64\acumncqnmptp.exe => Moved successfully.
C:\Windows\SysWOW64\dcgmncqnmptp.exe => Moved successfully.
C:\Windows\SysWOW64\lcpmncqnmptp.exe => Moved successfully.
C:\Users\Dominik\rgut => Moved successfully.
C:\Users\Dominik\stut => Moved successfully.
C:\Users\Dominik\AppData\Roaming\msxodbl.dat => Moved successfully.
C:\Windows\SysWOW64\acumncnomq.exe => Moved successfully.
C:\Windows\SysWOW64\libeay32.dll => Moved successfully.
C:\Windows\SysWOW64\dcgmncnomq.exe => Moved successfully.
C:\Windows\SysWOW64\libcurl-4.dll => Moved successfully.
C:\Windows\SysWOW64\ssleay32.dll => Moved successfully.
C:\Windows\SysWOW64\libidn-11.dll => Moved successfully.
C:\Windows\SysWOW64\libssh2.dll => Moved successfully.
C:\Windows\SysWOW64\librtmp.dll => Moved successfully.
C:\Windows\SysWOW64\diablo130302.cl => Moved successfully.
C:\Windows\SysWOW64\poclbm130302.cl => Moved successfully.
C:\Windows\SysWOW64\diakgcn121016.cl => Moved successfully.
C:\Windows\SysWOW64\scrypt130511.cl => Moved successfully.
C:\Windows\SysWOW64\phatk121016.cl => Moved successfully.
C:\Windows\SysWOW64\lcpmncnomq.exe => Moved successfully.
C:\Windows\libidn-11.dll => Moved successfully.
C:\Windows\NEWS.txt => Moved successfully.
C:\Windows\librtmp.dll => Moved successfully.
C:\Windows\zlib1.dll => Moved successfully.
C:\Windows\miner.php => Moved successfully.
C:\Windows\API-README.txt => Moved successfully.
C:\Windows\diablo130302.cl => Moved successfully.
C:\Windows\poclbm130302.cl => Moved successfully.
C:\Windows\COPYING.txt => Moved successfully.
C:\Windows\README.txt => Moved successfully.
C:\Windows\diakgcn121016.cl => Moved successfully.
C:\Windows\GPU-README.txt => Moved successfully.
C:\Windows\scrypt130511.cl => Moved successfully.
C:\Windows\windows-build.txt => Moved successfully.
C:\Windows\phatk121016.cl => Moved successfully.
C:\Windows\FPGA-README.txt => Moved successfully.
C:\Windows\linux-usb-cgminer.txt => Moved successfully.
C:\Windows\SCRYPT-README.txt => Moved successfully.
C:\Windows\api-example.c => Moved successfully.
C:\Windows\ASIC-README.txt => Moved successfully.
C:\Windows\API.class => Moved successfully.
C:\Windows\API.java => Moved successfully.
C:\Windows\api-example.php => Moved successfully.
C:\Windows\example.conf => Moved successfully.
C:\Windows\AUTHORS.txt => Moved successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08791E3C-EDB9-499C-A20F-9DA55A36E8C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08791E3C-EDB9-499C-A20F-9DA55A36E8C6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_18548" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{914E95F2-2237-4F68-B5B4-D6A1B82A6CA7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{914E95F2-2237-4F68-B5B4-D6A1B82A6CA7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_313230383936313936302d5b554a6c6c5a23572a415534" => Key deleted successfully.
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully.
"C:\Windows\system32\mncnomq.vbe" => File/Directory not found.
"C:\Windows\system32\mncqnmptp.vbe" => File/Directory not found.
"C:\Windows\system32\mskipl.vbe" => File/Directory not found.
"C:\Windows\system32\msxysrlg.vbe" => File/Directory not found.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 202.7 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Re: Prosím o pomoc s viry
DelFix https://toolslib.net/downloads/finish/2/
- Stahnete a spustte
- Ponechte zatrzitkou pouze u volby Remote disinfection tools
- Kliknete na Run
Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standardPanel čistič
- Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
- dejte Hledej problémy
- nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
- postup opakujte dokud nebude bez problemu - vetsinou cca 3x
- Zde muzete odinstalovat nepotrebne programy
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o pomoc s viry
mockrát děkuji za pomoc !!
Re: Prosím o pomoc s viry
Zase nekdy 
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?