Downloaded critters

Posted: 07 Jul 2015 11:10
by RomanL2
Hello, a colleague was looking for something on the net and apparently downloaded some malware onto his computer (homepage changes, pop-up ads). Could you please take a look at it for him? I am attaching the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by Admin (administrator) on JOSHUA-PC on 07-07-2015 11:58:49
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Joshua & Admin & Guest)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgwdsvc.exe
(XTab system) C:\Program Files\XTab\ProtectService.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7Debug\mdm.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgemc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgcsrvx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG9\avgtray.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(SearchProtect) C:\Program Files\XTab\CmdShell.exe
(XTab system) C:\Program Files\XTab\HPNotify.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG9_TRAY] => C:\Program Files\AVG\AVG9\avgtray.exe [2079792 2014-12-12] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKU\S-1-5-18\...\MountPoints2: {07519efc-b7b1-11df-b366-806e6f6e6963} - D:\autorun.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-page.com/web/?type=ds& ... earchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-page.com/web/?type=ds& ... earchTerms}
HKU\S-1-5-21-2478267369-3852865027-1035928736-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG9\avgssie.dll [2010-11-25] (AVG Technologies CZ, s.r.o.)
BHO: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files\XTab\SupTab.dll [2015-07-01] (Thinknice Co. Limited)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09] (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll [2010-09-03] (AVG Technologies CZ, s.r.o.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29C16DF2-85B4-48C1-AF16-BF53AAABC9FD}: [DhcpNameServer] 192.168.1.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.sweet-page.com/?type=sc&ts=1 ... J1NQ802225

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-07] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2013-12-19] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-03] (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-03]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-03]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-03]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
R2 avg9emc; C:\Program Files\AVG\AVG9\avgemc.exe [921952 2010-09-03] (AVG Technologies CZ, s.r.o.)
R2 avg9wd; C:\Program Files\AVG\AVG9\avgwdsvc.exe [308136 2010-09-03] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IHProtect Service; C:\Program Files\XTab\ProtectService.exe [125056 2015-07-01] (XTab system)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)
R1 AvgLdx86; C:\Windows\System32\Drivers\avgldx86.sys [226016 2013-07-23] (AVG Technologies CZ, s.r.o.)
R1 AvgMfx86; C:\Windows\System32\Drivers\avgmfx86.sys [29712 2011-09-13] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\Windows\System32\Drivers\avgtdix.sys [243152 2011-05-09] (AVG Technologies CZ, s.r.o.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
R3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Ser2pl; system32\DRIVERS\ser2pl.sys [X]
S3 Ser2plx86; system32\DRIVERS\ser2pl.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 11:58 - 2015-07-07 11:59 - 00015948 _____ C:\Users\Admin\Desktop\FRST.txt
2015-07-07 11:58 - 2015-07-07 11:58 - 00000000 ____D C:\FRST
2015-07-07 11:50 - 2015-07-07 11:50 - 00112640 _____ (forum.viry.cz) C:\Users\Admin\Desktop\FRSTLauncher.exe
2015-07-07 11:46 - 2015-07-07 11:46 - 01636352 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2015-07-07 11:26 - 2015-07-07 11:52 - 00000112 _____ C:\Windows\setupact.log
2015-07-07 11:26 - 2015-07-07 11:26 - 00000000 _____ C:\Windows\setuperr.log
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ATI
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Users\Admin\AppData\Local\ATI
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\ProgramData\ATI
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\ProgramData\AMD
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Program Files\AMD AVT
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Program Files\AMD APP
2015-07-07 11:22 - 2015-07-07 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-07-07 11:21 - 2015-07-07 11:21 - 00000000 ____D C:\Program Files\ATI
2015-07-07 11:20 - 2015-07-07 11:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\FastStone
2015-07-07 11:19 - 2015-07-07 11:22 - 00000000 ____D C:\Program Files\ATI Technologies
2015-07-07 11:19 - 2015-07-07 11:19 - 00000000 ____D C:\AMD
2015-07-07 11:15 - 2014-05-08 11:06 - 02742784 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-07 11:15 - 2014-05-08 11:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-07 11:03 - 2012-08-23 16:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-07 11:03 - 2012-08-23 16:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-07 11:03 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-07-07 11:02 - 2013-10-02 02:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-07-07 11:02 - 2013-10-02 02:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-07 11:02 - 2013-10-02 02:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-07 11:02 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-07-07 11:02 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-07-07 11:02 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-07 11:02 - 2013-10-02 01:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-07-07 11:02 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-07 11:02 - 2013-10-02 01:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-07 11:02 - 2013-10-02 00:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-07 11:02 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-07 11:02 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-07 11:00 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-07 11:00 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-07 11:00 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-07 11:00 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-07 11:00 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-07 11:00 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-07 11:00 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 02937344 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 02045952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-07 10:59 - 2015-05-09 05:13 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-07 10:59 - 2015-05-09 05:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-07 10:59 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-07 10:59 - 2015-05-09 05:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 10:58 - 2015-07-07 11:01 - 109291464 _____ (Advanced Micro Devices, Inc.) C:\Users\Admin\Downloads\13-9-legacy_vista_win7_32_dd_ccc_whql.exe
2015-07-07 10:48 - 2015-07-07 10:51 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-07 10:48 - 2015-07-07 10:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-03 11:53 - 2015-07-03 11:53 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-03 11:53 - 2015-07-03 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-03 11:53 - 2015-07-03 11:53 - 00000000 ____D C:\Program Files\CCleaner
2015-07-03 10:38 - 2015-07-03 10:38 - 00000000 ____D C:\Users\Admin\AppData\Local\GHISLER
2015-07-03 10:32 - 2015-07-03 10:32 - 00000000 ____D C:\Users\Admin\SupTab
2015-07-03 10:28 - 2015-07-07 10:55 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieUserList
2015-07-03 10:28 - 2015-07-07 10:55 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieSiteList
2015-07-03 10:28 - 2015-07-07 10:55 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieBrowserModeList
2015-07-03 10:28 - 2015-07-03 10:28 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2015-07-03 10:14 - 2015-07-03 10:14 - 00003408 ____N C:\bootsqm.dat
2015-07-03 09:46 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-03 09:26 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-03 09:26 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-03 09:26 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-03 09:26 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-03 09:26 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-03 09:26 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-03 09:26 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-03 09:26 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-03 09:26 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-03 09:26 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-03 09:26 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-03 09:26 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-03 09:26 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-03 09:26 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-03 09:26 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-03 09:26 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-03 09:26 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-03 09:26 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-03 09:26 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-03 09:26 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-03 09:26 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-03 09:26 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-03 09:26 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-03 09:26 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-03 09:26 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-03 09:26 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-03 09:26 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-03 09:26 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-03 09:26 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-03 09:26 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-03 09:26 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-03 09:26 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-03 09:26 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-03 09:26 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-03 09:26 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-03 09:26 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-03 09:26 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-07-03 09:26 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-07-03 09:26 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-07-03 09:26 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-03 09:26 - 2015-01-28 01:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-07-03 09:21 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-07-03 09:21 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-03 09:21 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-03 09:21 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-03 09:21 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-03 09:21 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-07-03 09:21 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-03 09:21 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-03 09:21 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-03 09:21 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-07-03 09:21 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-03 09:21 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-07-03 09:21 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-07-03 09:21 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-03 09:21 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-07-03 09:21 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-03 09:21 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-07-03 09:21 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-03 09:21 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-07-03 09:21 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-03 09:20 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-03 09:20 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-03 09:20 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-03 09:20 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-03 09:20 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-03 09:20 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-03 09:20 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-03 09:20 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-03 09:20 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-03 09:20 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-03 09:20 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-03 09:20 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-07-03 09:20 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-07-03 09:20 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-03 09:20 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-07-03 09:20 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-03 09:20 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-03 08:59 - 2015-07-03 08:59 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Picexa Viewer
2015-07-03 08:58 - 2015-07-03 08:58 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-07-03 08:58 - 2015-07-03 08:58 - 00000000 ____D C:\Program Files\XTab
2015-06-25 14:01 - 2015-07-03 09:25 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Canon
2015-06-25 13:59 - 2015-06-25 13:59 - 06420480 _____ C:\Program Files\GUT1B63.tmp
2015-06-25 13:59 - 2015-06-25 13:59 - 00125104 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-25 13:59 - 2015-06-25 13:59 - 00000000 ____D C:\Program Files\GUM1B14.tmp
2015-06-25 13:58 - 2015-06-25 13:58 - 00000000 ____D C:\Users\Admin\AppData\Local\Google

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 11:59 - 2010-09-04 01:17 - 01476238 _____ C:\Windows\WindowsUpdate.log
2015-07-07 11:58 - 2010-09-03 17:38 - 01583470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-07 11:57 - 2010-12-09 23:34 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-07 11:55 - 2009-07-14 06:34 - 00013760 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-07 11:55 - 2009-07-14 06:34 - 00013760 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-07 11:54 - 2010-12-09 23:34 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-07 11:52 - 2014-03-20 22:04 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-07 11:52 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-07 11:43 - 2011-01-25 23:03 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000UA.job
2015-07-07 11:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-07 11:32 - 2014-03-20 21:50 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-07 11:32 - 2014-03-20 21:50 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-07 11:07 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-07 11:07 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-07 10:55 - 2010-09-03 23:48 - 00000000 ____D C:\Windows\system32\Drivers\Avg
2015-07-07 10:49 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2015-07-07 10:48 - 2014-05-08 00:55 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-07 10:48 - 2009-07-14 09:50 - 00000000 ____D C:\Program Files\Windows Journal
2015-07-07 10:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-03 12:26 - 2009-07-14 06:33 - 00447712 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-03 12:00 - 2014-02-08 12:43 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-03 11:53 - 2011-03-19 04:22 - 00000000 ____D C:\Windows\Minidump
2015-07-03 11:53 - 2010-09-04 02:11 - 00000000 ____D C:\Windows\Panther
2015-07-03 10:32 - 2010-10-02 09:31 - 00000000 ____D C:\Users\Admin
2015-07-03 09:40 - 2013-08-14 23:36 - 00000000 ____D C:\Windows\system32\MRT
2015-07-03 09:14 - 2010-09-11 13:53 - 00000000 ____D C:\Program Files\Boris FX, Inc
2015-07-03 09:09 - 2014-05-27 12:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-03 09:01 - 2014-10-06 17:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-03 08:58 - 2010-12-11 20:31 - 00000000 _____ C:\Users\Guest\AppData\Local\prvlcl.dat
2015-07-03 08:57 - 2014-08-06 23:46 - 00000000 ____D C:\ProgramData\IePluginServices
2015-07-03 08:56 - 2014-02-08 12:31 - 00000000 ___RD C:\Users\TEMP\Virtual Machines
2015-07-03 08:55 - 2013-12-23 21:30 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-06-25 13:59 - 2010-10-02 09:34 - 00000000 ____D C:\Users\Admin\Documents\The KMPlayer
2015-06-25 13:58 - 2010-10-02 09:32 - 00000000 ___RD C:\Users\Admin\Virtual Machines
2015-06-25 13:54 - 2011-01-25 23:03 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000Core.job

==================== Files in the root of some directories =======

2015-06-25 13:59 - 2015-06-25 13:59 - 6420480 _____ () C:\Program Files\GUT1B63.tmp
2010-10-03 16:23 - 2013-08-10 02:04 - 0000024 _____ () C:\ProgramData\__FileUploader.log

Files to move or delete:
====================
C:\Users\Joshua\xobglu16.dll
C:\Users\Joshua\xobglu32.dll


Some files in TEMP:
====================
C:\Users\Joshua\AppData\Local\Temp\AutoRun.exe
C:\Users\Joshua\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Joshua\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Joshua\AppData\Local\Temp\eauninstall.exe
C:\Users\Joshua\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Joshua\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Joshua\AppData\Local\Temp\Myashampoo.exe
C:\Users\Joshua\AppData\Local\Temp\NHL 2003_uninst.exe
C:\Users\Joshua\AppData\Local\Temp\uninstall.exe
C:\Users\Joshua\AppData\Local\Temp\_is2490.exe
C:\Users\Joshua\AppData\Local\Temp\_is370C.exe
C:\Users\Joshua\AppData\Local\Temp\_is5630.exe
C:\Users\Joshua\AppData\Local\Temp\_is9255.exe
C:\Users\Joshua\AppData\Local\Temp\_isA1DA.exe
C:\Users\Joshua\AppData\Local\Temp\_isB6C6.exe
C:\Users\Joshua\AppData\Local\Temp\_isD9C.exe
C:\Users\Joshua\AppData\Local\Temp\_isFAA8.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 11:09




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:596.16 GB) (Free:42.03 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Available physical RAM: 2116.91 MB
Total physical RAM: 3199.12 MB
Percentage of memory in use: 33%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 0F980F97)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000Core.job => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000UA.job => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

AlternateDataStreams: C:\ProgramData\TEMP:E7D2A25A

==================== Security Center ==================

AV: AVG Anti-Virus Free (Disabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free (Disabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Admin\Desktop" je 1 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Downloaded bugs

Posted: 08 Jul 2015 06:24
by RomanL2
Done, here is the AdwCleaner log, followed by the aswMBR log:

# AdwCleaner v4.207 - Log vytvořen 07/07/2015 v 15:53:15
# Aktualizováno 21/06/2015 by Xplode
# Databáze : 2015-07-05.2 [Server]
# Operační system : Windows 7 Ultimate Service Pack 1 (x86)
# Uživatelské jméno : Admin - JOSHUA-PC
# Spuštěno z : C:\Users\Admin\Desktop\adwcleaner_4.207.exe
# Nastavení : Čištění

***** [ Služby ] *****

[#] Služba Smazáno : AVG Security Toolbar Service
[#] Služba Smazáno : IHProtect Service

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\apn
Složka Smazáno : C:\ProgramData\AVG Security Toolbar
Složka Smazáno : C:\ProgramData\ICQ\ICQToolbar
Složka Smazáno : C:\ProgramData\IePluginServices
Složka Smazáno : C:\ProgramData\Trymedia
Složka Smazáno : C:\ProgramData\WindowsMangerProtect
Složka Smazáno : C:\ProgramData\IHProtectUpDate
Složka Smazáno : C:\Program Files\ICQ6Toolbar
Složka Smazáno : C:\Program Files\Mobogenie
Složka Smazáno : C:\Program Files\XTab
Složka Smazáno : C:\Windows\system32\config\systemprofile\AppData\Local\AVG Secure Search
Složka Smazáno : C:\Windows\system32\config\systemprofile\AppData\Local\Mobogenie
Složka Smazáno : C:\Windows\system32\config\systemprofile\Documents\Mobogenie
Složka Smazáno : C:\Users\Admin\SupTab
Složka Smazáno : C:\Users\Admin\AppData\LocalLow\AVG Secure Search
Složka Smazáno : C:\Users\Guest\AppData\LocalLow\AskToolbar
Složka Smazáno : C:\Users\Guest\AppData\LocalLow\AVG Secure Search
Složka Smazáno : C:\Users\Joshua\AppData\Local\AskToolbar
Složka Smazáno : C:\Users\Joshua\AppData\LocalLow\AskToolbar
Složka Smazáno : C:\Users\Joshua\AppData\LocalLow\AVG Secure Search
Složka Smazáno : C:\Users\Joshua\AppData\LocalLow\AVG Security Toolbar
Složka Smazáno : C:\Users\Joshua\AppData\LocalLow\Conduit
Složka Smazáno : C:\Users\TEMP\AppData\LocalLow\AVG Secure Search
Složka Smazáno : C:\Users\TEMP\AppData\Roaming\Picexa Viewer
Složka Smazáno : C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Soubor Smazáno : C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT
Soubor Smazáno : C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
Soubor Smazáno : C:\Users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
Soubor Smazáno : C:\Users\Guest\AppData\Roaming\GDIPFONTCACHEV1.DAT
Soubor Smazáno : C:\Users\Joshua\AppData\Local\GDIPFONTCACHEV1.DAT
Soubor Smazáno : C:\Users\Joshua\AppData\Roaming\GDIPFONTCACHEV1.DAT
Soubor Smazáno : C:\Users\TEMP\daemonprocess.txt
Soubor Smazáno : C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.icq.com_0.localstorage-journal
Soubor Smazáno : C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

Úloha Smazáno : LaunchSignup

***** [ Zástupci ] *****

Zástupce Vyléčeno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Hodnota Smazáno : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Hodnota Smazáno : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Klíč Smazáno : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\iedll.dll
Klíč Smazáno : HKLM\SOFTWARE\Classes\Toolbar.CT2475029
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{726E90BE-DC22-4965-B215-E0784DC26F47}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Data Obnoveno : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}
Klíč Smazáno : HKCU\Software\ICQ\ICQToolbar
Klíč Smazáno : HKLM\SOFTWARE\Conduit
Klíč Smazáno : HKLM\SOFTWARE\DataMngr
Klíč Smazáno : HKLM\SOFTWARE\delta-homesSoftware
Klíč Smazáno : HKLM\SOFTWARE\hdcode
Klíč Smazáno : HKLM\SOFTWARE\ICQ\ICQToolbar
Klíč Smazáno : HKLM\SOFTWARE\SupTab
Klíč Smazáno : HKLM\SOFTWARE\supWindowsMangerProtect
Klíč Smazáno : HKLM\SOFTWARE\sweet-pageSoftware
Klíč Smazáno : HKLM\SOFTWARE\SystemK
Klíč Smazáno : HKLM\SOFTWARE\Trymedia Systems
Klíč Smazáno : HKLM\SOFTWARE\IHProtect
Klíč Smazáno : HKLM\SOFTWARE\PicexaSvc
Klíč Smazáno : HKU\.DEFAULT\Software\AVG Secure Search
Klíč Smazáno : HKU\.DEFAULT\Software\IGearSettings
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sweet-page uninstall
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Google Chrome v43.0.2357.130

[C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof
[C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Homepage] : hxxp://start.icq.com/sm
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Homepage] : hxxp://www.delta-homes.com/?type=hp&ts=1435906 ... J1NQ802225
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Startup_URLs] : hxxp://www.delta-homes.com/?type=hp&ts=1435906 ... J1NQ802225
[C:\Users\TEMP\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Smazáno [Default_Search_Provider_Data] : hxxp://search.delta-homes.com/web/?type=ds&ts=1435906678&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=SAMSUNGXHD642JJ_S1AFJ1NQ802225&q={searchTerms}

*************************

AdwCleaner[R0].txt - [12861 bytů] - [07/07/2015 15:51:13]
AdwCleaner[S0].txt - [11308 bytů] - [07/07/2015 15:53:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11367 bytů] ##########
------------------------------------------------------------------------------------------------------------------

aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-07-08 07:04:50
-----------------------------
07:04:50.084 OS Version: Windows 6.1.7601 Service Pack 1
07:04:50.084 Number of processors: 2 586 0xF06
07:04:50.084 ComputerName: JOSHUA-PC UserName: Admin
07:06:03.276 Initialize success
07:06:03.308 VM: initialized successfully
07:06:03.308 VM: Intel CPU supported
07:07:52.424 VM: disk I/O atapi.sys
07:08:10.001 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4
07:08:10.001 Disk 0 Vendor: SAMSUNG_HD642JJ 1AA01112 Size: 610480MB BusType: 3
07:08:10.250 Disk 0 MBR read successfully
07:08:10.250 Disk 0 MBR scan
07:08:10.250 Disk 0 Windows 7 default MBR code
07:08:10.281 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 610469 MB offset 63
07:08:10.281 Disk 0 Boot: NTFS code=2
07:08:10.297 Disk 0 scanning sectors +1250242560
07:08:10.359 Disk 0 scanning C:\Windows\system32\drivers
07:08:36.692 Service scanning
07:09:05.927 Modules scanning
07:09:05.927 Disk 0 trace - called modules:
07:09:05.958 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys
07:09:05.958 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8659f648]
07:09:05.974 3 CLASSPNP.SYS[8ca7d59e] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-4[0x86101908]
07:09:05.974 Disk 0 statistics 79508/0/0 @ 1,77 MB/s
07:09:05.989 Scan finished successfully
07:15:14.977 Disk 0 MBR has been saved successfully to "C:\Users\Admin\Desktop\MBR.dat"
07:15:14.977 The log file has been saved successfully to "C:\Users\Admin\Desktop\aswMBR.txt"

Re: Downloaded bugs

Posted: 14 Jul 2015 07:39
by RomanL2
Sorry for the pause, I was on holiday for a few days. According to virustotal.com the file is completely clean (all green), the computer appears to be behaving properly, and I am attaching new FRST logs:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-07-2015
Ran by Admin (administrator) on JOSHUA-PC on 14-07-2015 08:28:58
Running from C:\Users\Admin\Desktop
Loaded Profiles: Joshua & Admin & Guest (Available Profiles: Joshua & Admin & Guest)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7Debug\mdm.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3730344 2015-07-07] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\...\Run: [GoogleChromeAutoLaunch_50A9215009AE0931A8FCDF5026E9246D] => C:\Program Files\Google\Chrome\Application\chrome.exe [813896 2015-07-07] (Google Inc.)
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\...\MountPoints2: {6eaafda7-fcb3-11e3-bf93-00125a0fe5ac} - E:\LG_PC_Programs.exe
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [220672 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\...\Run: [Google Update] => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-12-09] (Google Inc.)
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\...\MountPoints2: {da2e147d-76c3-11e0-a29b-00125a0fe5ac} - I:\NokiaPCIA_Autorun.exe
HKU\S-1-5-18\...\MountPoints2: {07519efc-b7b1-11df-b366-806e6f6e6963} - D:\autorun.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type ... earchTerms}
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1 ... J1NQ802225
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1 ... J1NQ802225
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type ... earchTerms}
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... }&ch_id=sm
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.seznam.cz/
HKU\S-1-5-21-2478267369-3852865027-1035928736-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.cz/
URLSearchHook: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\.DEFAULT -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b& ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {5B5FCFAD-31F1-4443-9B31-E33D47EF7A66} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... }&ch_id=sm
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={8146 ... 2013-07-23 11:43:32&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2475029
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {BAA17246-76A2-4F2C-8863-F0891B1EFB0B} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004 -> DefaultScope {A335B888-2246-497B-BDBC-DAC82C9498A7} URL = https://www.google.com/search?q={search ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004 -> {A335B888-2246-497B-BDBC-DAC82C9498A7} URL = https://www.google.com/search?q={search ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> {A7C33E9A-70BC-42B9-86AA-BEE04334D90B} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09] (Sun Microsystems, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29C16DF2-85B4-48C1-AF16-BF53AAABC9FD}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-07-07] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2013-12-19] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-03] (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak: @tools.google.com/Google Update;version=3 -> C:\Users\Joshua\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-10] (Google Inc.)
FF Plugin HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak: @tools.google.com/Google Update;version=9 -> C:\Users\Joshua\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2013-12-10] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-03]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-03]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-03]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [231856 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [190944 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [29664 2015-05-14] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [207328 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [170464 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [213984 2015-05-12] (AVG Technologies CZ, s.r.o.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
R3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Ser2pl; system32\DRIVERS\ser2pl.sys [X]
S3 Ser2plx86; system32\DRIVERS\ser2pl.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-14 08:28 - 2015-07-14 08:30 - 00021493 _____ C:\Users\Admin\Desktop\FRST.txt
2015-07-14 08:28 - 2015-07-14 08:28 - 00000000 ____D C:\Users\Admin\Desktop\FRST-OlderVersion
2015-07-14 07:40 - 2015-07-14 07:40 - 00000000 ____D C:\Users\Admin\AppData\Local\GWX
2015-07-14 07:39 - 2015-07-14 08:21 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg2015
2015-07-14 07:39 - 2015-07-14 07:39 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVG2015
2015-07-14 07:35 - 2015-07-14 07:35 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-14 07:34 - 2015-07-14 07:35 - 00000000 ____D C:\ProgramData\AVG2015
2015-07-14 07:34 - 2015-07-14 07:34 - 00000947 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-07-14 07:34 - 2015-07-14 07:34 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2015-07-14 07:34 - 2015-07-14 07:34 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-07-14 07:34 - 2015-07-14 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-07-14 07:32 - 2015-07-14 07:32 - 00000338 _____ C:\Windows\PFRO.log
2015-07-14 07:30 - 2015-07-14 07:30 - 00000632 _____ C:\Users\Public\Desktop\Total Commander.lnk
2015-07-14 07:30 - 2015-07-14 07:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-07-14 07:28 - 2015-07-14 07:28 - 03788928 _____ (Ghisler Software GmbH) C:\Users\Admin\Downloads\tcmd851ax32.exe
2015-07-14 07:28 - 2015-01-31 05:33 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 07:28 - 2015-01-31 05:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 07:28 - 2015-01-31 02:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-14 07:28 - 2014-12-11 19:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-08 07:15 - 2015-07-08 07:15 - 00001709 _____ C:\Users\Admin\Desktop\aswMBR.txt
2015-07-08 07:15 - 2015-07-08 07:15 - 00000512 _____ C:\Users\Admin\Desktop\MBR.dat
2015-07-08 07:12 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-07 15:56 - 2015-07-07 15:56 - 00125104 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-07 15:50 - 2015-07-07 15:53 - 00000000 ____D C:\AdwCleaner
2015-07-07 15:47 - 2015-07-07 15:47 - 05200384 _____ (AVAST Software) C:\Users\Admin\Desktop\aswmbr.exe
2015-07-07 15:46 - 2015-07-07 15:46 - 02244096 _____ C:\Users\Admin\Desktop\adwcleaner_4.207.exe
2015-07-07 11:58 - 2015-07-14 08:29 - 00000000 ____D C:\FRST
2015-07-07 11:46 - 2015-07-14 08:28 - 01636864 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2015-07-07 11:26 - 2015-07-14 07:32 - 00000336 _____ C:\Windows\setupact.log
2015-07-07 11:26 - 2015-07-07 11:26 - 00000000 _____ C:\Windows\setuperr.log
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ATI
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Users\Admin\AppData\Local\ATI
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\ProgramData\ATI
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\ProgramData\AMD
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Program Files\AMD AVT
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Program Files\AMD APP
2015-07-07 11:22 - 2015-07-07 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-07-07 11:21 - 2015-07-07 11:21 - 00000000 ____D C:\Program Files\ATI
2015-07-07 11:20 - 2015-07-07 11:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\FastStone
2015-07-07 11:19 - 2015-07-07 11:22 - 00000000 ____D C:\Program Files\ATI Technologies
2015-07-07 11:19 - 2015-07-07 11:19 - 00000000 ____D C:\AMD
2015-07-07 11:03 - 2012-08-23 16:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-07 11:03 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-07-07 11:02 - 2013-10-02 02:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-07-07 11:02 - 2013-10-02 02:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-07 11:02 - 2013-10-02 02:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-07 11:02 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-07-07 11:02 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-07-07 11:02 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-07 11:02 - 2013-10-02 01:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-07-07 11:02 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-07 11:02 - 2013-10-02 00:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-07 11:02 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-07 11:00 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-07 11:00 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-07 11:00 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-07 11:00 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-07 11:00 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-07 11:00 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-07 11:00 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 02937344 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 02045952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-07 10:59 - 2015-05-09 05:13 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-07 10:59 - 2015-05-09 05:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-07 10:59 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-07 10:59 - 2015-05-09 05:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 10:58 - 2015-07-07 11:01 - 109291464 _____ (Advanced Micro Devices, Inc.) C:\Users\Admin\Downloads\13-9-legacy_vista_win7_32_dd_ccc_whql.exe
2015-07-07 10:48 - 2015-07-07 10:51 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-07 10:48 - 2015-07-07 10:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-03 11:53 - 2015-07-03 11:53 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-03 11:53 - 2015-07-03 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-03 11:53 - 2015-07-03 11:53 - 00000000 ____D C:\Program Files\CCleaner
2015-07-03 10:38 - 2015-07-03 10:38 - 00000000 ____D C:\Users\Admin\AppData\Local\GHISLER
2015-07-03 10:28 - 2015-07-07 10:55 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieUserList
2015-07-03 10:28 - 2015-07-07 10:55 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieSiteList
2015-07-03 10:28 - 2015-07-07 10:55 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieBrowserModeList
2015-07-03 10:28 - 2015-07-03 10:28 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2015-07-03 09:46 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-03 09:26 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-03 09:26 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-03 09:26 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-03 09:26 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-03 09:26 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-03 09:26 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-03 09:26 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-03 09:26 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-03 09:26 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-03 09:26 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-03 09:26 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-03 09:26 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-03 09:26 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-03 09:26 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-03 09:26 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-03 09:26 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-03 09:26 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-03 09:26 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-03 09:26 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-03 09:26 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-03 09:26 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-03 09:26 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-03 09:26 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-03 09:26 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-03 09:26 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-03 09:26 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-03 09:26 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-03 09:26 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-03 09:26 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-03 09:26 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-03 09:26 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-03 09:26 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-03 09:26 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-03 09:26 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-03 09:26 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-03 09:26 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-03 09:26 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-07-03 09:26 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-07-03 09:26 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-07-03 09:26 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-03 09:26 - 2015-01-28 01:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-07-03 09:21 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-07-03 09:21 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-03 09:21 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-03 09:21 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-03 09:21 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-03 09:21 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-07-03 09:21 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-03 09:21 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-03 09:21 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-03 09:21 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-07-03 09:21 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-03 09:21 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-07-03 09:21 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-07-03 09:21 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-03 09:21 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-07-03 09:21 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-03 09:21 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-07-03 09:21 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-03 09:21 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-07-03 09:21 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-03 09:20 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-03 09:20 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-03 09:20 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-03 09:20 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-03 09:20 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-03 09:20 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-03 09:20 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-03 09:20 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-03 09:20 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-03 09:20 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-03 09:20 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-03 09:20 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-07-03 09:20 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-07-03 09:20 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-03 09:20 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-07-03 09:20 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-03 09:20 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-06-26 09:49 - 2015-06-26 09:49 - 00231856 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2015-06-25 14:01 - 2015-07-03 09:25 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Canon
2015-06-25 13:59 - 2015-06-25 13:59 - 06420480 _____ C:\Program Files\GUT1B63.tmp
2015-06-25 13:59 - 2015-06-25 13:59 - 00000000 ____D C:\Program Files\GUM1B14.tmp
2015-06-25 13:58 - 2015-06-25 13:58 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2015-06-16 15:54 - 2015-06-16 15:54 - 00207328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-14 08:22 - 2011-07-18 18:25 - 00000000 ____D C:\ProgramData\MFAData
2015-07-14 08:22 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-14 07:54 - 2010-12-09 23:34 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-14 07:45 - 2009-07-14 06:34 - 00013760 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-14 07:45 - 2009-07-14 06:34 - 00013760 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-14 07:43 - 2011-01-25 23:03 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000UA.job
2015-07-14 07:41 - 2010-09-04 01:17 - 01806151 _____ C:\Windows\WindowsUpdate.log
2015-07-14 07:40 - 2010-09-03 17:38 - 01583470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-14 07:39 - 2010-12-09 23:34 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-14 07:35 - 2014-02-07 08:20 - 00000000 ____D C:\Users\TEMP
2015-07-14 07:35 - 2010-09-29 16:57 - 00000000 ____D C:\Users\Guest
2015-07-14 07:35 - 2010-09-03 23:48 - 00000000 ____D C:\Program Files\AVG
2015-07-14 07:35 - 2010-09-03 17:31 - 00000000 ____D C:\Users\Joshua
2015-07-14 07:34 - 2010-01-14 14:07 - 00000000 ___HD C:\$AVG
2015-07-14 07:32 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-14 07:30 - 2008-09-18 07:26 - 00000000 ____D C:\totalcmd
2015-07-14 07:28 - 2010-09-03 23:48 - 00000000 ____D C:\ProgramData\avg9
2015-07-08 14:38 - 2014-03-20 22:04 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-08 08:12 - 2014-02-08 12:43 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-08 07:16 - 2010-10-03 15:37 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2015-07-08 07:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2015-07-07 15:53 - 2014-02-08 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-07 15:53 - 2011-02-04 15:04 - 00000000 ____D C:\ProgramData\ICQ
2015-07-07 15:53 - 2010-10-02 09:31 - 00000000 ____D C:\Users\Admin
2015-07-07 11:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-07 11:32 - 2014-03-20 21:50 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-07 11:32 - 2014-03-20 21:50 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-07 11:07 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-07 11:07 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-07 10:48 - 2014-05-08 00:55 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-07 10:48 - 2009-07-14 09:50 - 00000000 ____D C:\Program Files\Windows Journal
2015-07-07 10:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-03 12:26 - 2009-07-14 06:33 - 00447712 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-03 11:53 - 2011-03-19 04:22 - 00000000 ____D C:\Windows\Minidump
2015-07-03 11:53 - 2010-09-04 02:11 - 00000000 ____D C:\Windows\Panther
2015-07-03 09:40 - 2013-08-14 23:36 - 00000000 ____D C:\Windows\system32\MRT
2015-07-03 09:14 - 2010-09-11 13:53 - 00000000 ____D C:\Program Files\Boris FX, Inc
2015-07-03 09:09 - 2014-05-27 12:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-03 09:01 - 2014-10-06 17:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-03 08:58 - 2010-12-11 20:31 - 00000000 _____ C:\Users\Guest\AppData\Local\prvlcl.dat
2015-07-03 08:56 - 2014-02-08 12:31 - 00000000 ___RD C:\Users\TEMP\Virtual Machines
2015-07-03 08:55 - 2013-12-23 21:30 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-06-25 13:59 - 2010-10-02 09:34 - 00000000 ____D C:\Users\Admin\Documents\The KMPlayer
2015-06-25 13:58 - 2010-10-02 09:32 - 00000000 ___RD C:\Users\Admin\Virtual Machines
2015-06-25 13:54 - 2011-01-25 23:03 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000Core.job

==================== Files in the root of some directories =======

2015-06-25 13:59 - 2015-06-25 13:59 - 6420480 _____ () C:\Program Files\GUT1B63.tmp
2010-10-03 16:23 - 2013-08-10 02:04 - 0000024 _____ () C:\ProgramData\__FileUploader.log

Some files in TEMP:
====================
C:\Users\Joshua\AppData\Local\Temp\AutoRun.exe
C:\Users\Joshua\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Joshua\AppData\Local\Temp\drm_dyndata_7370012.dll
C:\Users\Joshua\AppData\Local\Temp\eauninstall.exe
C:\Users\Joshua\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Joshua\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Joshua\AppData\Local\Temp\Myashampoo.exe
C:\Users\Joshua\AppData\Local\Temp\NHL 2003_uninst.exe
C:\Users\Joshua\AppData\Local\Temp\uninstall.exe
C:\Users\Joshua\AppData\Local\Temp\_is2490.exe
C:\Users\Joshua\AppData\Local\Temp\_is370C.exe
C:\Users\Joshua\AppData\Local\Temp\_is5630.exe
C:\Users\Joshua\AppData\Local\Temp\_is9255.exe
C:\Users\Joshua\AppData\Local\Temp\_isA1DA.exe
C:\Users\Joshua\AppData\Local\Temp\_isB6C6.exe
C:\Users\Joshua\AppData\Local\Temp\_isD9C.exe
C:\Users\Joshua\AppData\Local\Temp\_isFAA8.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-14 08:09

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Admin at 2015-07-14 08:30:21
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2478267369-3852865027-1035928736-1004 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2478267369-3852865027-1035928736-500 - Administrator - Disabled)
Guest (S-1-5-21-2478267369-3852865027-1035928736-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2478267369-3852865027-1035928736-1002 - Limited - Enabled)
Joshua (S-1-5-21-2478267369-3852865027-1035928736-1000 - Administrator - Enabled) => C:\Users\TEMP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{B448BC74-1CB7-7A57-3313-5E075AFB413E}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Ashampoo Photo Optimizer 3.12 (HKLM\...\Ashampoo Photo Optimizer 3_is1) (Version: 3.1.2 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer FREE (HKLM\...\Ashampoo Photo Optimizer FREE_is1) (Version: 1.2.0 - ashampoo GmbH & Co. KG)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6086 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4392 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.6086 - AVG Technologies CZ, s.r.o.) Hidden
AVS Video Converter 8 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 8.3.2.533 - Online Media Technologies Ltd.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Corel Applications (HKLM\...\Corel Applications) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - CZ (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Extra Content (HKLM\...\_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: - Corel Corporation)
CorelDRAW Graphics Suite X5 - Extra Content (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PL (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
CZShare Manager (HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\...\75c0e0ceac8ef0d4) (Version: 0.0.1.26 - CZShare)
FastStone Image Viewer 4.2 (HKLM\...\FastStone Image Viewer) (Version: 4.2 - FastStone Soft)
FinePrint (HKLM\...\FinePrint) (Version: 8.05 - FinePrint Software, LLC)
Free MP3 Cutter 1.01 (HKLM\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: - PolySoft Solutions)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Chrome (HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\...\Google Chrome) (Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
InfoMapa 10.0 (HKLM\...\{4A9494C2-4B51-4D90-8ED4-16EBE93BED1F}) (Version: 10.0.0 - PJsoft s.r.o.)
Java(TM) 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.240 - Oracle)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.0.128 - PandoraTV)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 32.0.3 (x86 cs)) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NHL® 09 (HKLM\...\{F2B5A2A7-2DF9-4361-8BD5-362714528B51}) (Version: 2.0.1.0 - Electronic Arts)
NHL™ 09 (HKLM\...\{827B97A9-B347-4110-9F89-37AF2B758F94}) (Version: 2.0.1.0 - Electronic Arts)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle Instant DVD Recorder (HKLM\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.6.0.118 - Pinnacle Systems)
Pinnacle Instant DVD Recorder (HKLM\...\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}) (Version: 2.00.088 - )
Pinnacle Studio 12 Ultimate Plugins (HKLM\...\{D1860E6E-520E-4380-8433-E58E8F88B473}) (Version: 12.0.0.0 - Pinnacle Systems)
proDAD Heroglyph 2.5 (HKLM\...\proDAD-Heroglyph-2.5) (Version: - )
proDAD Vitascene 1.0 (HKLM\...\proDAD-Vitascene-1.0) (Version: - )
Readon TV Movie Radio Player 7.6.0.0 (HKLM\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
Registrace uživatele zařízení Canon MG4200 series (HKLM\...\Registrace uživatele zařízení Canon MG4200 series) (Version: - Canon Inc.‎)
Satellite TV for PC (HKLM\...\PC Satellite TV_is1) (Version: - )
Stop Paying Cable Bills (HKLM\...\{0A7C2D35-FC71-4DDD-B68D-15ED5572E682}) (Version: 1.0.1 - Stop Paying Cable Bills)
Studio 11 (HKLM\...\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}) (Version: 11.0 - Pinnacle Systems)
Studio 11 (Version: 11.0.0.0 - Pinnacle Systems) Hidden
Studio 11 Bonus DVD (HKLM\...\{45A1BF92-700A-4408-B95E-79F462E3D67D}) (Version: 11.0.0.0 - Pinnacle Systems)
SureThing Express Labeler (HKLM\...\stax-Pinnacle_is1) (Version: - MicroVision Development, Inc.)
Texas Hold'em Poker 3D - Deluxe Edition 1.0 (HKLM\...\{E26DEDC7-1A99-4F8C-9615-6DB112E6495B}_is1) (Version: Texas Hold'em Poker 3D - Deluxe Edition - Play + Smile Marketing GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
TP-LINK Wireless Client Utility (HKLM\...\{71BF8787-A67D-4CBC-9155-22927199F4BB}) (Version: 7.0 - TP-LINK)
Veetle TV 0.9.18 (HKLM\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10 - VideoLAN)
Yahoo! Desktop Login (Version: 1.00.0001 - Pinnacle Systems) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004_Classes\CLSID\{5B004CDE-0211-469C-B9B5-0552E7E63917}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004_Classes\CLSID\{77D8C8C7-6B46-4429-B876-DBC006C96EB1}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004_Classes\CLSID\{CD37ED08-860C-4B86-AD25-5587D8386587}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)

==================== Restore Points =========================

22-03-2015 04:01:45 Windows Update
25-06-2015 14:00:23 Avg Update
25-06-2015 14:01:02 Naplánovaný kontrolní bod
03-07-2015 09:00:05 Removed PandoraTV Toolbar.
03-07-2015 09:28:57 Windows Update
03-07-2015 11:20:33 Windows Update
03-07-2015 12:10:59 Windows Update
03-07-2015 13:15:24 Windows Update
07-07-2015 11:01:07 Windows Update
07-07-2015 11:44:54 Windows Update
08-07-2015 15:27:14 Windows Update
14-07-2015 07:20:51 Avg Update
14-07-2015 07:25:33 Installed AVG 2015
14-07-2015 07:27:13 Removed AVG Free 9.0
14-07-2015 07:30:30 Windows Update
14-07-2015 07:33:15 Installed AVG 2015

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1CE6909D-6BA4-4702-8E3B-F7381B2F9489} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000Core => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-09] (Google Inc.)
Task: {336C4AAF-BAD7-4893-804A-77430E64E5BD} - System32\Tasks\{55ED30C2-75E3-42E7-B764-D0EC15525B94} => pcalua.exe -a "C:\Users\Joshua\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24EJ76JL\earthsim_install[1].exe" -d C:\Users\Joshua\Desktop
Task: {33DB3DFB-6FB7-4496-B9AD-0747C72227AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {6A9B5982-4909-48E9-8152-1B861432A0C6} - System32\Tasks\{0DA64907-2C47-4018-B773-2C990CFABBDB} => pcalua.exe -a D:\setup.exe -d D:\
Task: {6C04EC08-791E-4EEB-AB97-5E6E2144FAA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {7DBC1FEF-F9D4-43A3-9EB8-B2BA46CE3339} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {80D92B0E-F560-480A-A0D6-E277D2CEC39F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
Task: {88DED315-6E25-45D2-8134-F9FCE0F88BCF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000UA => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-09] (Google Inc.)
Task: {931F5661-BF5D-4F17-B140-A770CBE45104} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000Core.job => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000UA.job => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2006-12-04 01:25 - 2006-12-04 01:25 - 00022723 ____N () C:\Windows\System32\sugs1l3.dll
2013-12-23 21:51 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 23:08 - 2013-04-29 23:08 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2008-09-18 07:26 - 2014-04-30 08:51 - 00123536 _____ () C:\totalcmd\wcmzip32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:E7D2A25A

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Control Panel\Desktop\\Wallpaper -> C:\Users\Joshua\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2478267369-3852865027-1035928736-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Control Panel\Desktop\\Wallpaper -> C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{92EB2783-3EBA-41FF-A295-D2217B506B6D}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\RM.exe
FirewallRules: [{1F9B13FF-514E-48DB-ACDB-A9D53CDF29F0}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\RM.exe
FirewallRules: [{0B14A7C1-F0EE-4E52-B349-92A33CBBD8A1}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe
FirewallRules: [{21D8798C-ABD5-41AD-B346-9473E23A258D}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe
FirewallRules: [{A7FCAF32-56E9-42A4-8F2D-039B3348B23A}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe
FirewallRules: [{48EE7967-826A-4702-AEA1-2E36C59063B2}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe
FirewallRules: [{F407ECC7-C086-441F-9665-8602BCE42409}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\umi.exe
FirewallRules: [{C604D864-DFB5-4345-8CA4-24D98F2C6362}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\umi.exe
FirewallRules: [TCP Query User{E40F6F8F-2F68-4AB5-97BC-A04C69F826DB}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{75B616EC-CA99-41EA-AB50-C3F96B044896}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{E9927D1A-3075-4B51-BA6B-184CE1C9E122}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{533A5644-2B02-4658-B91C-A9A59F94CF0E}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{05655F63-4A1B-4743-B62F-B3EAE1A41A3C}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{8F18297D-78F4-41C1-9AAD-2CEE06576E2D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{CB80FAFE-73D6-4BCA-8BF7-6FF878A56566}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{5591B929-0035-4F35-A47E-1D34ADDB3678}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{F6B3221D-FFCF-4E24-B051-7FA7F9A6F36F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{9B93735F-B0FA-4D2E-A8A4-CC28789C177E}C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe] => (Block) C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe
FirewallRules: [UDP Query User{8061C8DF-35B6-47DD-A663-1EF1C6C5F75A}C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe] => (Block) C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe
FirewallRules: [{648B69B2-0075-4A7B-8362-A935BA00C302}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{851BD3C1-3CA0-4B90-9D91-16E8D8C48F0D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{9695372C-C67F-4B29-AF3E-5E23FB9F44FC}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{6DBAF94A-B04C-4FF6-9256-9E533C1E7696}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{455EA08B-5DEC-4346-8D31-AD02F656E130}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B00D2D1A-BA68-4B3C-BFFB-81974D228890}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{A2C4C9BD-A507-4548-A6BF-BDBC4C9D4743}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{7A1C591C-071F-4150-AABF-616F8D54D0EE}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{C065FF79-F889-45A1-957E-1890051E4D50}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{E03F2E23-2025-4425-8690-E7AD3BE3F08A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2015 07:33:15 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {b2141046-2288-44d1-86dc-5e75869fbff0}

Error: (07/14/2015 07:30:30 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:27:13 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:25:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:51 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:50 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:49 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4f3168d1-04f5-40ca-b8f3-f29c128cdffd}

Error: (07/08/2015 03:27:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {e7c8227a-b99c-49c7-8a2c-92c161a91821}

Error: (07/07/2015 11:44:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {ee679272-c876-4fe2-9f4c-e9e7bfd41180}

Error: (07/07/2015 11:01:07 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {8d7f3064-d37b-4aa7-9b42-29d59cae1bd2}


System errors:
=============
Error: (07/08/2015 03:28:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070308): Security Update for Windows 7 (KB3036493).

Error: (07/08/2015 03:28:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070308): Security Update for Windows 7 (KB3020388).

Error: (07/08/2015 03:28:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070308): Update for Windows 7 (KB2923545).

Error: (07/07/2015 03:53:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Search neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (07/07/2015 03:53:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WSearch se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/07/2015 03:53:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Windows Media Player Network Sharing neuspěla při spuštění v důsledku následující chyby:
%%1069

Error: (07/07/2015 03:53:45 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba WMPNetworkSvc se nemohla přihlásit jako NT AUTHORITY\NetworkService s aktuálně konfigurovaným heslem z důvodu následující chyby:
%%50

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (07/07/2015 03:53:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/07/2015 03:53:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (07/07/2015 03:53:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AVG Free WatchDog byla neočekávaně ukončena. Tento stav nastal již 2krát.


Microsoft Office:
=========================
Error: (07/14/2015 07:33:15 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {b2141046-2288-44d1-86dc-5e75869fbff0}

Error: (07/14/2015 07:30:30 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:27:13 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:25:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:51 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:50 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:49 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Přístup byl odepřen.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4f3168d1-04f5-40ca-b8f3-f29c128cdffd}

Error: (07/08/2015 03:27:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {e7c8227a-b99c-49c7-8a2c-92c161a91821}

Error: (07/07/2015 11:44:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {ee679272-c876-4fe2-9f4c-e9e7bfd41180}

Error: (07/07/2015 11:01:07 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {8d7f3064-d37b-4aa7-9b42-29d59cae1bd2}


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
Percentage of memory in use: 43%
Total physical RAM: 3199.12 MB
Available physical RAM: 1803.2 MB
Total Virtual: 6394.49 MB
Available Virtual: 4844.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.16 GB) (Free:41.71 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 0F980F97)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End of log ============================

Re: Downloaded critters

Posted: 15 Jul 2015 09:03
by RomanL2
OK, done; I'm attaching the requested logs:

Fix result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Admin at 2015-07-15 09:49:38 Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Joshua & Admin & Guest)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:

HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\...\Run: [Google Update] => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2010-12-09] (Google Inc.)

IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?type ... Q802225&q={searchTerms}
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-page.com/?type=hp&ts=1 ... J1NQ802225
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com/?type=hp&ts=1 ... J1NQ802225
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?type ... Q802225&q={searchTerms}
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://search.icq.com/search/results.ph ... }&ch_id=sm
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.seznam.cz/
HKU\S-1-5-21-2478267369-3852865027-1035928736-1004\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.cz/?gws_rd=ssl
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.cz/
URLSearchHook: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
URLSearchHook: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = http://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = http://do-search.com/web/?utm_source=b& ... default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {5B5FCFAD-31F1-4443-9B31-E33D47EF7A66} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://search.icq.com/search/results.ph ... }&ch_id=sm
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={8146 ... 2013-07-23 11:43:32&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2475029
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> {BAA17246-76A2-4F2C-8863-F0891B1EFB0B} URL = http://search.seznam.cz/?q={searchTerms ... chmodule_2
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004 -> DefaultScope {A335B888-2246-497B-BDBC-DAC82C9498A7} URL = https://www.google.com/search?q={search ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004 -> {A335B888-2246-497B-BDBC-DAC82C9498A7} URL = https://www.google.com/search?q={search ... utEncoding?}
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> {A7C33E9A-70BC-42B9-86AA-BEE04334D90B} URL = http://www.webhledani.cz/results.aspx?i ... earchTerms}

Toolbar: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKU\S-1-5-21-2478267369-3852865027-1035928736-501 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File


EmptyTemp:

End
*****************

Processes closed successfully.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value not found.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro" => key removed successfully.
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera" => key removed successfully.
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => Error setting value.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Error setting value.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Error setting value.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main\\Search Bar => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => Error setting value.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main\\ICQ Search => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Main\\Start Page => Error setting value.
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\URLSearchHooks\\{855F3B16-6D32-4fe6-8A56-BBB695989046} => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" => key removed successfully.
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found.
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}" => key removed successfully.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found.
HKCR\CLSID\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKCR\CLSID\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found.
HKCR\CLSID\{E733165D-CBCF-4FDA-883E-ADEF965B476C} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5B5FCFAD-31F1-4443-9B31-E33D47EF7A66} => key not found.
HKCR\CLSID\{5B5FCFAD-31F1-4443-9B31-E33D47EF7A66} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19} => key not found.
HKCR\CLSID\{6552C7DD-90A4-4387-B795-F8F96747DE19} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found.
HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BAA17246-76A2-4F2C-8863-F0891B1EFB0B} => key not found.
HKCR\CLSID\{BAA17246-76A2-4F2C-8863-F0891B1EFB0B} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
"HKU\S-1-5-21-2478267369-3852865027-1035928736-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A335B888-2246-497B-BDBC-DAC82C9498A7}" => key removed successfully.
HKCR\CLSID\{A335B888-2246-497B-BDBC-DAC82C9498A7} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => key not found.
HKCR\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A7C33E9A-70BC-42B9-86AA-BEE04334D90B} => key not found.
HKCR\CLSID\{A7C33E9A-70BC-42B9-86AA-BEE04334D90B} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value not found.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-1000.bak\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value not found.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value not found.
HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => key not found.
HKU\S-1-5-21-2478267369-3852865027-1035928736-501\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => value not found.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => key not found.
EmptyTemp: => 2.4 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 09:52:08 ====
------------------------------------------------------------------------------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-07-2015
Ran by Admin (administrator) on JOSHUA-PC on 15-07-2015 09:56:11
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available Profiles: Joshua & Admin & Guest)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7Debug\mdm.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Sun Microsystems, Inc.) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Google\Update\Install\{5DE23EEC-ED0E-427D-8C0A-0E065E371D4B}\43.0.2357.134_43.0.2357.132_chrome_updater.exe
(Google Inc.) C:\Windows\Temp\CR_0C6C0.tmp\setup.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [USBToolTip] => C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [249064 2010-10-29] (Sun Microsystems, Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3730344 2015-07-07] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-18\...\MountPoints2: {07519efc-b7b1-11df-b366-806e6f6e6963} - D:\autorun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09] (Sun Microsystems, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29C16DF2-85B4-48C1-AF16-BF53AAABC9FD}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-14] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2013-12-19] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-07-03] (Google Inc.)
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-03]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-03]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-03]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-03]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-03]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-03]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-14] (Microsoft Corporation)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [231856 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [190944 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [29664 2015-05-14] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [207328 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [170464 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [213984 2015-05-12] (AVG Technologies CZ, s.r.o.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [507136 2006-12-05] (PixArt Imaging Inc.)
R3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation )
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Ser2pl; system32\DRIVERS\ser2pl.sys [X]
S3 Ser2plx86; system32\DRIVERS\ser2pl.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 09:54 - 2015-07-15 09:56 - 00011376 _____ C:\Users\Admin\Desktop\FRST.txt
2015-07-14 08:28 - 2015-07-14 08:28 - 00000000 ____D C:\Users\Admin\Desktop\FRST-OlderVersion
2015-07-14 07:40 - 2015-07-14 07:40 - 00000000 ____D C:\Users\Admin\AppData\Local\GWX
2015-07-14 07:39 - 2015-07-14 08:21 - 00000000 ____D C:\Users\Admin\AppData\Local\Avg2015
2015-07-14 07:39 - 2015-07-14 07:39 - 00000000 ____D C:\Users\Admin\AppData\Roaming\AVG2015
2015-07-14 07:35 - 2015-07-14 07:35 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-14 07:34 - 2015-07-14 07:35 - 00000000 ____D C:\ProgramData\AVG2015
2015-07-14 07:34 - 2015-07-14 07:34 - 00000947 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-07-14 07:34 - 2015-07-14 07:34 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
2015-07-14 07:34 - 2015-07-14 07:34 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-07-14 07:34 - 2015-07-14 07:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-07-14 07:32 - 2015-07-15 09:53 - 00000668 _____ C:\Windows\PFRO.log
2015-07-14 07:30 - 2015-07-14 07:30 - 00000632 _____ C:\Users\Public\Desktop\Total Commander.lnk
2015-07-14 07:30 - 2015-07-14 07:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-07-14 07:28 - 2015-07-14 07:28 - 03788928 _____ (Ghisler Software GmbH) C:\Users\Admin\Downloads\tcmd851ax32.exe
2015-07-14 07:28 - 2015-01-31 05:33 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 07:28 - 2015-01-31 05:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 07:28 - 2015-01-31 02:48 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-14 07:28 - 2014-12-11 19:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-08 07:15 - 2015-07-08 07:15 - 00001709 _____ C:\Users\Admin\Desktop\aswMBR.txt
2015-07-08 07:15 - 2015-07-08 07:15 - 00000512 _____ C:\Users\Admin\Desktop\MBR.dat
2015-07-08 07:12 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-07 15:56 - 2015-07-07 15:56 - 00125104 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-07 15:50 - 2015-07-07 15:53 - 00000000 ____D C:\AdwCleaner
2015-07-07 15:47 - 2015-07-07 15:47 - 05200384 _____ (AVAST Software) C:\Users\Admin\Desktop\aswmbr.exe
2015-07-07 15:46 - 2015-07-07 15:46 - 02244096 _____ C:\Users\Admin\Desktop\adwcleaner_4.207.exe
2015-07-07 11:58 - 2015-07-15 09:56 - 00000000 ____D C:\FRST
2015-07-07 11:46 - 2015-07-14 08:28 - 01636864 _____ (Farbar) C:\Users\Admin\Desktop\FRST.exe
2015-07-07 11:26 - 2015-07-15 09:53 - 00000448 _____ C:\Windows\setupact.log
2015-07-07 11:26 - 2015-07-07 11:26 - 00000000 _____ C:\Windows\setuperr.log
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ATI
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Users\Admin\AppData\Local\ATI
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\ProgramData\ATI
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\ProgramData\AMD
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Program Files\AMD AVT
2015-07-07 11:23 - 2015-07-07 11:23 - 00000000 ____D C:\Program Files\AMD APP
2015-07-07 11:22 - 2015-07-07 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
2015-07-07 11:21 - 2015-07-07 11:21 - 00000000 ____D C:\Program Files\ATI
2015-07-07 11:20 - 2015-07-07 11:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\FastStone
2015-07-07 11:19 - 2015-07-07 11:22 - 00000000 ____D C:\Program Files\ATI Technologies
2015-07-07 11:19 - 2015-07-07 11:19 - 00000000 ____D C:\AMD
2015-07-07 11:03 - 2012-08-23 16:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-07 11:03 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-07-07 11:02 - 2013-10-02 02:42 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-07-07 11:02 - 2013-10-02 02:32 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-07 11:02 - 2013-10-02 02:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-07 11:02 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-07-07 11:02 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-07-07 11:02 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-07 11:02 - 2013-10-02 01:45 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-07-07 11:02 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-07 11:02 - 2013-10-02 00:53 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-07 11:02 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-07 11:00 - 2015-05-09 20:09 - 00715200 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-07 11:00 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-07 11:00 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-07 11:00 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-07 11:00 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-07 11:00 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-07 11:00 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 02937344 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 02045952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-07 10:59 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-07 10:59 - 2015-05-09 05:13 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-07 10:59 - 2015-05-09 05:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-07 10:59 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-07 10:59 - 2015-05-09 05:13 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-07 10:58 - 2015-07-07 11:01 - 109291464 _____ (Advanced Micro Devices, Inc.) C:\Users\Admin\Downloads\13-9-legacy_vista_win7_32_dd_ccc_whql.exe
2015-07-07 10:48 - 2015-07-07 10:51 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-07 10:48 - 2015-07-07 10:48 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-03 11:53 - 2015-07-03 11:53 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-03 11:53 - 2015-07-03 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-03 11:53 - 2015-07-03 11:53 - 00000000 ____D C:\Program Files\CCleaner
2015-07-03 10:38 - 2015-07-03 10:38 - 00000000 ____D C:\Users\Admin\AppData\Local\GHISLER
2015-07-03 10:28 - 2015-07-07 10:55 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieUserList
2015-07-03 10:28 - 2015-07-07 10:55 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieSiteList
2015-07-03 10:28 - 2015-07-07 10:55 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieBrowserModeList
2015-07-03 10:28 - 2015-07-03 10:28 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Macromedia
2015-07-03 09:46 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-03 09:26 - 2015-06-02 21:35 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-03 09:26 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-03 09:26 - 2015-05-25 19:00 - 02384384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-03 09:26 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-03 09:26 - 2015-05-23 05:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-03 09:26 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-03 09:26 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-03 09:26 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-03 09:26 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-03 09:26 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-03 09:26 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-03 09:26 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-03 09:26 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-03 09:26 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-03 09:26 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-03 09:26 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-03 09:26 - 2015-05-23 05:05 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-03 09:26 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-03 09:26 - 2015-05-23 05:00 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-03 09:26 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-03 09:26 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-03 09:26 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-03 09:26 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-03 09:26 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-03 09:26 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-03 09:26 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-03 09:26 - 2015-05-23 04:38 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-03 09:26 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-03 09:26 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-03 09:26 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-03 09:26 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-03 09:26 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-03 09:26 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-03 09:26 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-03 09:26 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-03 09:26 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-03 09:26 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-03 09:26 - 2015-04-11 05:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-07-03 09:26 - 2015-03-04 06:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-07-03 09:26 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-07-03 09:26 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-03 09:26 - 2015-01-28 01:36 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-07-03 09:21 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-07-03 09:21 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-03 09:21 - 2015-05-25 20:07 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-03 09:21 - 2015-05-25 20:07 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-03 09:21 - 2015-05-25 20:04 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-03 09:21 - 2015-05-25 20:01 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-03 09:21 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-03 09:21 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-07-03 09:21 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-03 09:21 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-03 09:21 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-03 09:21 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-07-03 09:21 - 2015-05-25 18:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-03 09:21 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-07-03 09:21 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-07-03 09:21 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-03 09:21 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-07-03 09:21 - 2015-03-05 06:06 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-03 09:21 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-07-03 09:21 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-03 09:21 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-07-03 09:21 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-03 09:20 - 2015-05-09 05:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-03 09:20 - 2015-05-09 05:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-03 09:20 - 2015-05-09 05:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-03 09:20 - 2015-05-09 05:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-03 09:20 - 2015-05-09 05:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 05:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-03 09:20 - 2015-05-09 03:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-03 09:20 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-03 09:20 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-03 09:20 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-03 09:20 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-03 09:20 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-03 09:20 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-03 09:20 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-07-03 09:20 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-07-03 09:20 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-03 09:20 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-07-03 09:20 - 2015-02-25 05:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-03 09:20 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-06-26 09:49 - 2015-06-26 09:49 - 00231856 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2015-06-25 14:01 - 2015-07-03 09:25 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Canon
2015-06-25 13:59 - 2015-06-25 13:59 - 06420480 _____ C:\Program Files\GUT1B63.tmp
2015-06-25 13:59 - 2015-06-25 13:59 - 00000000 ____D C:\Program Files\GUM1B14.tmp
2015-06-25 13:58 - 2015-06-25 13:58 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2015-06-16 15:54 - 2015-06-16 15:54 - 00207328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-15 09:54 - 2010-12-09 23:34 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-15 09:53 - 2010-12-09 23:34 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-15 09:53 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-15 09:52 - 2010-09-04 01:17 - 01880203 _____ C:\Windows\WindowsUpdate.log
2015-07-15 09:52 - 2009-07-14 06:34 - 00013760 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-15 09:52 - 2009-07-14 06:34 - 00013760 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-15 09:48 - 2010-09-03 17:38 - 01583470 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-15 09:46 - 2011-07-18 18:25 - 00000000 ____D C:\ProgramData\MFAData
2015-07-15 09:46 - 2010-09-04 01:18 - 00000000 ____D C:\Work
2015-07-15 09:43 - 2011-01-25 23:03 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000UA.job
2015-07-14 16:16 - 2014-03-20 22:04 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-14 09:32 - 2014-03-20 21:50 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-14 09:32 - 2014-03-20 21:50 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-14 08:22 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-14 07:35 - 2014-02-07 08:20 - 00000000 ____D C:\Users\TEMP
2015-07-14 07:35 - 2010-09-29 16:57 - 00000000 ____D C:\Users\Guest
2015-07-14 07:35 - 2010-09-03 23:48 - 00000000 ____D C:\Program Files\AVG
2015-07-14 07:35 - 2010-09-03 17:31 - 00000000 ____D C:\Users\Joshua
2015-07-14 07:34 - 2010-01-14 14:07 - 00000000 ___HD C:\$AVG
2015-07-14 07:30 - 2008-09-18 07:26 - 00000000 ____D C:\totalcmd
2015-07-14 07:28 - 2010-09-03 23:48 - 00000000 ____D C:\ProgramData\avg9
2015-07-08 08:12 - 2014-02-08 12:43 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-08 07:16 - 2010-10-03 15:37 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2015-07-08 07:06 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\AppCompat
2015-07-07 15:53 - 2014-02-08 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-07 15:53 - 2011-02-04 15:04 - 00000000 ____D C:\ProgramData\ICQ
2015-07-07 15:53 - 2010-10-02 09:31 - 00000000 ____D C:\Users\Admin
2015-07-07 11:36 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-07-07 11:07 - 2009-07-14 06:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-07 11:07 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-07 10:48 - 2014-05-08 00:55 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-07 10:48 - 2009-07-14 09:50 - 00000000 ____D C:\Program Files\Windows Journal
2015-07-07 10:48 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-03 12:26 - 2009-07-14 06:33 - 00447712 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-03 11:53 - 2011-03-19 04:22 - 00000000 ____D C:\Windows\Minidump
2015-07-03 11:53 - 2010-09-04 02:11 - 00000000 ____D C:\Windows\Panther
2015-07-03 09:40 - 2013-08-14 23:36 - 00000000 ____D C:\Windows\system32\MRT
2015-07-03 09:14 - 2010-09-11 13:53 - 00000000 ____D C:\Program Files\Boris FX, Inc
2015-07-03 09:09 - 2014-05-27 12:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-03 09:01 - 2014-10-06 17:42 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-03 08:58 - 2010-12-11 20:31 - 00000000 _____ C:\Users\Guest\AppData\Local\prvlcl.dat
2015-07-03 08:56 - 2014-02-08 12:31 - 00000000 ___RD C:\Users\TEMP\Virtual Machines
2015-07-03 08:55 - 2013-12-23 21:30 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-06-25 13:59 - 2010-10-02 09:34 - 00000000 ____D C:\Users\Admin\Documents\The KMPlayer
2015-06-25 13:58 - 2010-10-02 09:32 - 00000000 ___RD C:\Users\Admin\Virtual Machines
2015-06-25 13:54 - 2011-01-25 23:03 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000Core.job

==================== Files in the root of some directories =======

2015-06-25 13:59 - 2015-06-25 13:59 - 6420480 _____ () C:\Program Files\GUT1B63.tmp
2010-10-03 16:23 - 2013-08-10 02:04 - 0000024 _____ () C:\ProgramData\__FileUploader.log

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-14 08:09

==================== End of log ============================
------------------------------------------------------------------------------------------------------------------
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-07-2015
Ran by Admin at 2015-07-15 09:57:28
Running from C:\Users\Admin\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2478267369-3852865027-1035928736-1004 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2478267369-3852865027-1035928736-500 - Administrator - Disabled)
Guest (S-1-5-21-2478267369-3852865027-1035928736-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2478267369-3852865027-1035928736-1002 - Limited - Enabled)
Joshua (S-1-5-21-2478267369-3852865027-1035928736-1000 - Administrator - Enabled) => C:\Users\TEMP

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{B448BC74-1CB7-7A57-3313-5E075AFB413E}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Ashampoo Photo Optimizer 3.12 (HKLM\...\Ashampoo Photo Optimizer 3_is1) (Version: 3.1.2 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer FREE (HKLM\...\Ashampoo Photo Optimizer FREE_is1) (Version: 1.2.0 - ashampoo GmbH & Co. KG)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6086 - AVG Technologies CZ, s.r.o.)
AVG 2015 (Version: 15.0.4392 - AVG Technologies CZ, s.r.o.) Hidden
AVG 2015 (Version: 15.0.6086 - AVG Technologies CZ, s.r.o.) Hidden
AVS Video Converter 8 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 8.3.2.533 - Online Media Technologies Ltd.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Corel Applications (HKLM\...\Corel Applications) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - CZ (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Extra Content (HKLM\...\_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}) (Version: - Corel Corporation)
CorelDRAW Graphics Suite X5 - Extra Content (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PL (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
FastStone Image Viewer 4.2 (HKLM\...\FastStone Image Viewer) (Version: 4.2 - FastStone Soft)
FinePrint (HKLM\...\FinePrint) (Version: 8.05 - FinePrint Software, LLC)
Free MP3 Cutter 1.01 (HKLM\...\{847E0734-4457-4B48-BF49-998D1CF2CFA1}_is1) (Version: - PolySoft Solutions)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
InfoMapa 10.0 (HKLM\...\{4A9494C2-4B51-4D90-8ED4-16EBE93BED1F}) (Version: 10.0.0 - PJsoft s.r.o.)
Java(TM) 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.240 - Oracle)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 3.9.0.128 - PandoraTV)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office XP Professional s aplikací FrontPage (HKLM\...\{90280405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.11 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 cs) (HKLM\...\Mozilla Firefox 32.0.3 (x86 cs)) (Version: 32.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NHL® 09 (HKLM\...\{F2B5A2A7-2DF9-4361-8BD5-362714528B51}) (Version: 2.0.1.0 - Electronic Arts)
NHL™ 09 (HKLM\...\{827B97A9-B347-4110-9F89-37AF2B758F94}) (Version: 2.0.1.0 - Electronic Arts)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle Instant DVD Recorder (HKLM\...\{C1212AE3-DBB9-4365-8473-F8ABC7B06BBB}) (Version: 2.6.0.118 - Pinnacle Systems)
Pinnacle Instant DVD Recorder (HKLM\...\{EF781A5C-58F5-4BFD-87F9-E4F14D382F25}) (Version: 2.00.088 - )
Pinnacle Studio 12 Ultimate Plugins (HKLM\...\{D1860E6E-520E-4380-8433-E58E8F88B473}) (Version: 12.0.0.0 - Pinnacle Systems)
proDAD Heroglyph 2.5 (HKLM\...\proDAD-Heroglyph-2.5) (Version: - )
proDAD Vitascene 1.0 (HKLM\...\proDAD-Vitascene-1.0) (Version: - )
Readon TV Movie Radio Player 7.6.0.0 (HKLM\...\{80074966-5231-428D-9AE7-B7D5D2DC3246}) (Version: 7.6.0 - Readon Technology)
Registrace uživatele zařízení Canon MG4200 series (HKLM\...\Registrace uživatele zařízení Canon MG4200 series) (Version: - Canon Inc.‎)
Satellite TV for PC (HKLM\...\PC Satellite TV_is1) (Version: - )
Stop Paying Cable Bills (HKLM\...\{0A7C2D35-FC71-4DDD-B68D-15ED5572E682}) (Version: 1.0.1 - Stop Paying Cable Bills)
Studio 11 (HKLM\...\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}) (Version: 11.0 - Pinnacle Systems)
Studio 11 (Version: 11.0.0.0 - Pinnacle Systems) Hidden
Studio 11 Bonus DVD (HKLM\...\{45A1BF92-700A-4408-B95E-79F462E3D67D}) (Version: 11.0.0.0 - Pinnacle Systems)
SureThing Express Labeler (HKLM\...\stax-Pinnacle_is1) (Version: - MicroVision Development, Inc.)
Texas Hold'em Poker 3D - Deluxe Edition 1.0 (HKLM\...\{E26DEDC7-1A99-4F8C-9615-6DB112E6495B}_is1) (Version: Texas Hold'em Poker 3D - Deluxe Edition - Play + Smile Marketing GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.51a - Ghisler Software GmbH)
TP-LINK Wireless Client Utility (HKLM\...\{71BF8787-A67D-4CBC-9155-22927199F4BB}) (Version: 7.0 - TP-LINK)
Veetle TV 0.9.18 (HKLM\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10 - VideoLAN)
Yahoo! Desktop Login (Version: 1.00.0001 - Pinnacle Systems) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004_Classes\CLSID\{5B004CDE-0211-469C-B9B5-0552E7E63917}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004_Classes\CLSID\{77D8C8C7-6B46-4429-B876-DBC006C96EB1}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)
CustomCLSID: HKU\S-1-5-21-2478267369-3852865027-1035928736-1004_Classes\CLSID\{CD37ED08-860C-4B86-AD25-5587D8386587}\InprocServer32 -> C:\Program Files\Pinnacle\Shared Files\Filter\MarvinAVRenderer.ax (Pinnacle Systems GmbH)

==================== Restore Points =========================

22-03-2015 04:01:45 Windows Update
25-06-2015 14:00:23 Avg Update
25-06-2015 14:01:02 Naplánovaný kontrolní bod
03-07-2015 09:00:05 Removed PandoraTV Toolbar.
03-07-2015 09:28:57 Windows Update
03-07-2015 11:20:33 Windows Update
03-07-2015 12:10:59 Windows Update
03-07-2015 13:15:24 Windows Update
07-07-2015 11:01:07 Windows Update
07-07-2015 11:44:54 Windows Update
08-07-2015 15:27:14 Windows Update
14-07-2015 07:20:51 Avg Update
14-07-2015 07:25:33 Installed AVG 2015
14-07-2015 07:27:13 Removed AVG Free 9.0
14-07-2015 07:30:30 Windows Update
14-07-2015 07:33:15 Installed AVG 2015

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1CE6909D-6BA4-4702-8E3B-F7381B2F9489} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000Core => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-09] (Google Inc.)
Task: {336C4AAF-BAD7-4893-804A-77430E64E5BD} - System32\Tasks\{55ED30C2-75E3-42E7-B764-D0EC15525B94} => pcalua.exe -a "C:\Users\Joshua\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\24EJ76JL\earthsim_install[1].exe" -d C:\Users\Joshua\Desktop
Task: {33DB3DFB-6FB7-4496-B9AD-0747C72227AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
Task: {6A9B5982-4909-48E9-8152-1B861432A0C6} - System32\Tasks\{0DA64907-2C47-4018-B773-2C990CFABBDB} => pcalua.exe -a D:\setup.exe -d D:\
Task: {6C04EC08-791E-4EEB-AB97-5E6E2144FAA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {7DBC1FEF-F9D4-43A3-9EB8-B2BA46CE3339} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {80D92B0E-F560-480A-A0D6-E277D2CEC39F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)
Task: {88DED315-6E25-45D2-8134-F9FCE0F88BCF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000UA => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe [2010-12-09] (Google Inc.)
Task: {931F5661-BF5D-4F17-B140-A770CBE45104} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-11-01] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000Core.job => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2478267369-3852865027-1035928736-1000UA.job => C:\Users\Joshua\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2006-12-04 01:25 - 2006-12-04 01:25 - 00022723 ____N () C:\Windows\System32\sugs1l3.dll
2013-12-23 21:51 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2013-06-18 15:49 - 2013-06-18 15:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-29 23:08 - 2013-04-29 23:08 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-07-15 09:55 - 2015-07-14 15:00 - 01080912 _____ () C:\Program Files\Google\Update\Install\{5DE23EEC-ED0E-427D-8C0A-0E065E371D4B}\43.0.2357.134_43.0.2357.132_chrome_updater.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:E7D2A25A

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2478267369-3852865027-1035928736-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{92EB2783-3EBA-41FF-A295-D2217B506B6D}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\RM.exe
FirewallRules: [{1F9B13FF-514E-48DB-ACDB-A9D53CDF29F0}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\RM.exe
FirewallRules: [{0B14A7C1-F0EE-4E52-B349-92A33CBBD8A1}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe
FirewallRules: [{21D8798C-ABD5-41AD-B346-9473E23A258D}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\Studio.exe
FirewallRules: [{A7FCAF32-56E9-42A4-8F2D-039B3348B23A}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe
FirewallRules: [{48EE7967-826A-4702-AEA1-2E36C59063B2}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe
FirewallRules: [{F407ECC7-C086-441F-9665-8602BCE42409}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\umi.exe
FirewallRules: [{C604D864-DFB5-4345-8CA4-24D98F2C6362}] => (Allow) C:\Program Files\Pinnacle\Studio 11\programs\umi.exe
FirewallRules: [TCP Query User{E40F6F8F-2F68-4AB5-97BC-A04C69F826DB}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{75B616EC-CA99-41EA-AB50-C3F96B044896}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{E9927D1A-3075-4B51-BA6B-184CE1C9E122}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{533A5644-2B02-4658-B91C-A9A59F94CF0E}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{05655F63-4A1B-4743-B62F-B3EAE1A41A3C}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{8F18297D-78F4-41C1-9AAD-2CEE06576E2D}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{CB80FAFE-73D6-4BCA-8BF7-6FF878A56566}] => (Allow) LPort=26675
FirewallRules: [TCP Query User{5591B929-0035-4F35-A47E-1D34ADDB3678}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{F6B3221D-FFCF-4E24-B051-7FA7F9A6F36F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{9B93735F-B0FA-4D2E-A8A4-CC28789C177E}C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe] => (Block) C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe
FirewallRules: [UDP Query User{8061C8DF-35B6-47DD-A663-1EF1C6C5F75A}C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe] => (Block) C:\program files\readon technology\readon tv movie radio player 7.6.0.0\internettv.exe
FirewallRules: [{648B69B2-0075-4A7B-8362-A935BA00C302}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{851BD3C1-3CA0-4B90-9D91-16E8D8C48F0D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{9695372C-C67F-4B29-AF3E-5E23FB9F44FC}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{6DBAF94A-B04C-4FF6-9256-9E533C1E7696}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{455EA08B-5DEC-4346-8D31-AD02F656E130}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B00D2D1A-BA68-4B3C-BFFB-81974D228890}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{A2C4C9BD-A507-4548-A6BF-BDBC4C9D4743}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{7A1C591C-071F-4150-AABF-616F8D54D0EE}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{C065FF79-F889-45A1-957E-1890051E4D50}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{E03F2E23-2025-4425-8690-E7AD3BE3F08A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/14/2015 07:33:15 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {b2141046-2288-44d1-86dc-5e75869fbff0}

Error: (07/14/2015 07:30:30 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:27:13 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:25:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:51 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:50 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:49 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4f3168d1-04f5-40ca-b8f3-f29c128cdffd}

Error: (07/08/2015 03:27:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {e7c8227a-b99c-49c7-8a2c-92c161a91821}

Error: (07/07/2015 11:44:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {ee679272-c876-4fe2-9f4c-e9e7bfd41180}

Error: (07/07/2015 11:01:07 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak) došlo k neočekávané chybě. hr= 0x80070539, Struktura ID zabezpečení není platná.
.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {8d7f3064-d37b-4aa7-9b42-29d59cae1bd2}


System errors:
=============
Error: (07/15/2015 09:51:39 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Instalační služba modulů systému Windows, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (07/15/2015 09:50:09 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
%%1056

Error: (07/15/2015 09:50:09 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (07/15/2015 09:49:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Instalační služba modulů systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (07/15/2015 09:49:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/15/2015 09:49:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/15/2015 09:49:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (07/15/2015 09:49:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (07/15/2015 09:49:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Canon Inkjet Printer/Scanner/Fax Extended Survey Program byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/15/2015 09:49:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Protexis Licensing V2 byla neočekávaně ukončena. Tento stav nastal již 1krát.


Microsoft Office:
=========================
Error: (07/14/2015 07:33:15 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {b2141046-2288-44d1-86dc-5e75869fbff0}

Error: (07/14/2015 07:30:30 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:27:13 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:25:33 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:51 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:50 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {df4cbef2-c3ce-4375-834e-5a5574874a68}

Error: (07/14/2015 07:20:49 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Přístup byl odepřen.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4f3168d1-04f5-40ca-b8f3-f29c128cdffd}

Error: (07/08/2015 03:27:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {e7c8227a-b99c-49c7-8a2c-92c161a91821}

Error: (07/07/2015 11:44:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {ee679272-c876-4fe2-9f4c-e9e7bfd41180}

Error: (07/07/2015 11:01:07 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-2478267369-3852865027-1035928736-1000.bak)0x80070539, Struktura ID zabezpečení není platná.


Operace:
Událost OnIdentify
Shromažďování dat modulu pro zápis

Kontext:
Kontext spuštění: Shadow Copy Optimization Writer
ID třídy modulu pro zápis: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Název modulu pro zápis: Shadow Copy Optimization Writer
ID instance modulu pro zápis: {8d7f3064-d37b-4aa7-9b42-29d59cae1bd2}


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 CPU 6300 @ 1.86GHz
Percentage of memory in use: 37%
Total physical RAM: 3199.12 MB
Available physical RAM: 1999.48 MB
Total Virtual: 6394.49 MB
Available Virtual: 5039.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.16 GB) (Free:43.67 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 0F980F97)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)

==================== End of log ============================

Re: Downloaded critters

Posted: 15 Jul 2015 14:28
by RomanL2
The computer is behaving itself, thank you for the help. Now that it's holiday season, friends keep bringing me their laptops and PCs for "maintenance", asking me to take a look at them after a year or two, and it shows - I can't manage that without your help. Thanks once again.