Zdravím, prosím o kontrolu a případné odhmyzení viz screen. Neustále otravují a vyskakují do obrazu reklamy a ještě mi nejde odinstalovat tiskárna canon. Při odinstalací v přidat odebrat to zahlásí, že je ovladač tiskárny aktuálně používám, ale tiskárnu mám odpojenou , takže nevím co stím.
EDIT:
Prosím o přesun do sekce "Řešení problémů, logy" asi jsem se špatně zařadil.
http://www.image-share.com/ijpg-3038-29.html
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jaruna at 2015-08-25 21:01:32
Microsoft
System drive C: has 30 GB (30%) free of 100 GB
Total RAM: 3982 MB (62% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:01:34, on 25. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\7\plugin.exe
C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\12\plugin.exe
C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\3\plugin.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Jaruna.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.seznam.cz/?clid=22668
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.seznam.cz/?sourceid=quick ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/?clid=22668
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Record Page - {2335267c-dbba-4dd5-a9d0-c4db8e6a75a4} - (no file)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [CheckNDISPortF0ac74] C:\Program Files (x86)\4G Hostless Modem\4G Hostless Modem\CheckNDISPort_df.exe
O4 - HKLM\..\Run: [CancelAutoPlay_df] "C:\Program Files (x86)\4G Hostless Modem\4G Hostless Modem\CancelAutoPlay_df.exe" run
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do OneNotu - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Odeslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Volání kliknutím v Lyncu - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @oem11.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\Windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service Mgr RecordPage - Unknown owner - C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugincontainer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Mgr RecordPage - Unknown owner - C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777\updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 8369 bytes
======Listing Processes======
wininit.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 206272426064
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe"
"C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugincontainer.exe"
C:\Windows\system32\svchost.exe -k imgsvc
taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
taskeng.exe {73AC9871-F0B5-40D1-B3C6-55CDB8BFE5D1}
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\system32\GWX\GWX.exe"
"C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777\updater.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\7\plugin.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\8\plugin.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\2\plugin.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\5\plugin.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\12\plugin.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\6\plugin.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\10\plugin.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\3\plugin.exe" u
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\7\plugin.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\12\plugin.exe"
"C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugins\3\plugin.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Internet Explorer\iexplore.exe" -ServerName:DefaultBrowserServer
"C:\Program Files\Internet Explorer\iexplore.exe" SCODEF:1876 CREDAT:267777 /prefetch:1
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4640 CREDAT:267521 /prefetch:2
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 552 560 568 65536 564
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-725886734-121766909-2824906017-10013_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-725886734-121766909-2824906017-10013 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4640 CREDAT:529680 /prefetch:2
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Jaruna\AppData\Local\Microsoft\Windows\INetCache\IE\OD3JA8LM\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\Uninstaller_SkipUac_Jaruna.job - C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe /UninstallExplorer
=========Mozilla firefox=========
ProfilePath - C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "keyword.URL" - "http://search.findwide.com/serp?guid={1 ... _search&k="
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL
C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\
google-avast.xml
seznam-avast.xml
yahoo-1.xml
yahoo-2.xml
yahoo-avast.xml
yahoo.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23 218784]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-05 662672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2014-01-23 2333400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2335267c-dbba-4dd5-a9d0-c4db8e6a75a4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21 153248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-05 565304]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2014-01-21 1728216]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-06-05 5515496]
"CheckNDISPortF0ac74"=C:\Program Files (x86)\4G Hostless Modem\4G Hostless Modem\CheckNDISPort_df.exe [2013-06-04 418048]
"CancelAutoPlay_df"=C:\Program Files (x86)\4G Hostless Modem\4G Hostless Modem\CancelAutoPlay_df.exe [2013-06-04 446720]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SppExtComObj.exe]
"Debugger="C:\Windows\SECOH-QAD.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-08-25 19:44:56 ----D---- C:\rsit
2015-08-25 19:44:56 ----D---- C:\Program Files\trend micro
2015-08-22 18:14:27 ----A---- C:\Windows\system32\mshtml.dll
2015-08-22 18:14:26 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-08-20 11:48:42 ----D---- C:\ProgramData\CanonIJPLM
2015-08-14 13:09:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-08-13 17:26:54 ----HD---- C:\Program Files\CanonBJ
2015-08-13 17:26:43 ----D---- C:\Windows\system32\STRING
2015-08-13 17:26:43 ----A---- C:\Windows\SYSWOW64\CNMNPPM.DLL
2015-08-13 17:26:43 ----A---- C:\Windows\system32\CNMN6UI.DLL
2015-08-13 17:26:43 ----A---- C:\Windows\system32\CNMN6PPM.DLL
2015-08-13 17:25:54 ----D---- C:\Program Files (x86)\Canon
2015-08-12 10:50:36 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:50:36 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:49:20 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-08-12 10:49:20 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 10:49:20 ----A---- C:\Windows\system32\wucltux.dll
2015-08-12 10:49:20 ----A---- C:\Windows\system32\wuaueng.dll
2015-08-12 10:49:20 ----A---- C:\Windows\system32\wuauclt.exe
2015-08-12 10:49:20 ----A---- C:\Windows\system32\wuapi.dll
2015-08-12 10:49:19 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-08-12 10:49:19 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-08-12 10:49:19 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-08-12 10:49:19 ----A---- C:\Windows\system32\wuwebv.dll
2015-08-12 10:49:19 ----A---- C:\Windows\system32\wudriver.dll
2015-08-12 10:49:19 ----A---- C:\Windows\system32\wuapp.exe
2015-08-12 10:48:59 ----A---- C:\Windows\system32\ieframe.dll
2015-08-12 10:48:57 ----A---- C:\Windows\system32\jscript9.dll
2015-08-12 10:48:56 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-08-12 10:48:54 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-08-12 10:48:53 ----A---- C:\Windows\system32\wininet.dll
2015-08-12 10:48:53 ----A---- C:\Windows\system32\ieui.dll
2015-08-12 10:48:52 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-08-12 10:48:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-08-12 10:48:51 ----A---- C:\Windows\system32\actxprxy.dll
2015-08-12 10:48:50 ----A---- C:\Windows\system32\urlmon.dll
2015-08-12 10:48:49 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-08-12 10:48:49 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-08-12 10:48:49 ----A---- C:\Windows\system32\msfeeds.dll
2015-08-12 10:48:49 ----A---- C:\Windows\system32\iertutil.dll
2015-08-12 10:48:48 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2015-08-12 10:48:48 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2015-08-12 10:48:48 ----A---- C:\Windows\system32\webcheck.dll
2015-08-12 10:48:47 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-08-12 10:48:47 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-08-12 10:48:47 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-08-12 10:48:47 ----A---- C:\Windows\system32\vbscript.dll
2015-08-12 10:48:47 ----A---- C:\Windows\system32\jscript.dll
2015-08-12 10:48:47 ----A---- C:\Windows\system32\inetcomm.dll
2015-08-12 10:48:47 ----A---- C:\Windows\system32\iepeers.dll
2015-08-12 10:48:47 ----A---- C:\Windows\system32\ieapfltr.dll
2015-08-12 10:48:46 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-08-12 10:44:56 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-08-12 10:44:56 ----A---- C:\Windows\system32\sysmain.dll
2015-08-12 10:44:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-08-12 10:44:56 ----A---- C:\Windows\system32\ntdll.dll
2015-08-12 10:44:56 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-08-12 10:44:47 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 10:44:45 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 10:43:41 ----A---- C:\Windows\system32\drivers\WdFilter.sys
2015-08-12 10:43:40 ----A---- C:\Windows\system32\drivers\WdNisDrv.sys
2015-08-12 10:43:40 ----A---- C:\Windows\system32\drivers\WdBoot.sys
2015-08-12 10:42:52 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2015-08-12 10:42:52 ----A---- C:\Windows\SYSWOW64\davclnt.dll
2015-08-12 10:42:52 ----A---- C:\Windows\system32\WebClnt.dll
2015-08-12 10:42:52 ----A---- C:\Windows\system32\davclnt.dll
2015-08-12 10:42:52 ----A---- C:\Windows\system32\appraiser.dll
2015-08-12 10:42:51 ----A---- C:\Windows\system32\invagent.dll
2015-08-12 10:42:51 ----A---- C:\Windows\system32\generaltel.dll
2015-08-12 10:42:51 ----A---- C:\Windows\system32\devinv.dll
2015-08-12 10:42:51 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-08-12 10:42:51 ----A---- C:\Windows\system32\aeinv.dll
2015-08-12 10:42:51 ----A---- C:\Windows\system32\acmigration.dll
2015-08-12 10:37:42 ----A---- C:\Windows\system32\csrsrv.dll
2015-08-12 10:37:42 ----A---- C:\Windows\system32\basesrv.dll
2015-08-12 10:37:34 ----A---- C:\Windows\SYSWOW64\netcfgx.dll
2015-08-12 10:37:34 ----A---- C:\Windows\system32\netcfgx.dll
2015-08-12 10:37:34 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-08-12 10:37:30 ----A---- C:\Windows\SYSWOW64\notepad.exe
2015-08-12 10:37:30 ----A---- C:\Windows\system32\notepad.exe
2015-08-12 10:37:30 ----A---- C:\Windows\notepad.exe
2015-08-12 10:37:29 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 10:37:03 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2015-08-12 10:37:03 ----A---- C:\Windows\system32\msxml6.dll
2015-08-12 10:37:03 ----A---- C:\Windows\system32\msxml3.dll
2015-08-12 10:37:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2015-08-12 10:37:03 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2015-08-12 10:37:02 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2015-08-12 10:36:55 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-08-12 10:36:55 ----A---- C:\Windows\system32\mstscax.dll
2015-08-12 10:36:54 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-08-12 10:36:54 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-08-12 10:36:50 ----A---- C:\Windows\system32\win32k.sys
2015-08-12 10:36:49 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2015-08-12 10:36:49 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-08-12 10:36:49 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-08-12 10:36:49 ----A---- C:\Windows\system32\FntCache.dll
2015-08-12 10:36:49 ----A---- C:\Windows\system32\DWrite.dll
2015-08-12 10:36:49 ----A---- C:\Windows\system32\atmlib.dll
2015-08-12 10:36:49 ----A---- C:\Windows\system32\atmfd.dll
2015-08-01 13:53:55 ----A---- C:\Windows\system32\SystemEventsBrokerServer.dll
2015-08-01 13:42:28 ----HD---- C:\Windows\system32\CanonIJ Uninstaller Information
2015-08-01 13:41:19 ----HD---- C:\ProgramData\CanonBJ
2015-08-01 13:41:01 ----A---- C:\Windows\system32\CNMLMAE.DLL
2015-08-01 13:40:32 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2015-08-01 13:40:32 ----A---- C:\Windows\SYSWOW64\CNC5200U.dll
2015-08-01 13:40:32 ----A---- C:\Windows\SYSWOW64\CNC5200L.dll
2015-08-01 13:40:31 ----A---- C:\Windows\system32\CNHMCA6.dll
2015-08-01 13:40:31 ----A---- C:\Windows\system32\CNC5200L.dll
2015-08-01 13:40:31 ----A---- C:\Windows\system32\CNC5200I.dll
2015-08-01 13:40:31 ----A---- C:\Windows\system32\CNC5200C.dll
2015-07-30 16:39:34 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-30 16:39:34 ----SD---- C:\Windows\system32\GWX
2015-07-30 16:26:51 ----A---- C:\Windows\system32\WiFiDisplay.dll
2015-07-30 16:26:50 ----A---- C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-07-30 16:26:49 ----A---- C:\Windows\SYSWOW64\DeviceSetupStatusProvider.dll
2015-07-30 16:26:32 ----A---- C:\Windows\SYSWOW64\calc.exe
2015-07-30 16:26:32 ----A---- C:\Windows\system32\calc.exe
2015-07-30 16:26:22 ----A---- C:\Windows\SYSWOW64\winshfhc.dll
2015-07-30 16:26:22 ----A---- C:\Windows\system32\winshfhc.dll
2015-07-30 16:25:39 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-30 16:25:38 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-30 16:25:36 ----A---- C:\Windows\system32\wups2.dll
2015-07-30 16:25:36 ----A---- C:\Windows\system32\wups.dll
2015-07-30 16:24:46 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-30 16:24:46 ----A---- C:\Windows\system32\crypt32.dll
2015-07-30 16:24:36 ----A---- C:\Windows\system32\localspl.dll
2015-07-30 16:24:35 ----A---- C:\Windows\SYSWOW64\puiobj.dll
2015-07-30 16:24:35 ----A---- C:\Windows\system32\win32spl.dll
2015-07-30 16:24:35 ----A---- C:\Windows\system32\puiobj.dll
2015-07-30 16:24:35 ----A---- C:\Windows\system32\compstui.dll
2015-07-30 16:24:31 ----A---- C:\Windows\system32\SystemSettingsDatabase.dll
2015-07-30 16:24:30 ----A---- C:\Windows\system32\SettingsHandlers.dll
2015-07-30 16:24:17 ----A---- C:\Windows\system32\poqexec.exe
2015-07-30 16:24:15 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2015-07-30 16:24:01 ----A---- C:\Windows\system32\drivers\ahcache.sys
2015-07-30 10:47:00 ----A---- C:\Windows\SYSWOW64\msctf.dll
2015-07-30 10:47:00 ----A---- C:\Windows\system32\msctf.dll
2015-07-30 10:46:58 ----A---- C:\Windows\SYSWOW64\rastapi.dll
2015-07-30 10:46:58 ----A---- C:\Windows\system32\rastapi.dll
2015-07-30 10:46:56 ----A---- C:\Windows\system32\drivers\sermouse.sys
2015-07-30 10:46:56 ----A---- C:\Windows\system32\drivers\mouhid.sys
2015-07-30 10:46:56 ----A---- C:\Windows\system32\drivers\mouclass.sys
2015-07-30 10:46:56 ----A---- C:\Windows\system32\drivers\kbdhid.sys
2015-07-30 10:46:56 ----A---- C:\Windows\system32\drivers\kbdclass.sys
2015-07-30 10:46:56 ----A---- C:\Windows\system32\drivers\i8042prt.sys
2015-07-30 10:46:47 ----A---- C:\Windows\SYSWOW64\SHCore.dll
2015-07-30 10:46:47 ----A---- C:\Windows\system32\SHCore.dll
2015-07-30 10:46:35 ----A---- C:\Windows\system32\profsvc.dll
2015-07-30 10:46:34 ----A---- C:\Windows\system32\UtcResources.dll
2015-07-30 10:46:34 ----A---- C:\Windows\system32\diagtrack.dll
2015-07-30 10:46:32 ----A---- C:\Windows\SYSWOW64\dwmcore.dll
2015-07-30 10:46:32 ----A---- C:\Windows\system32\dwmcore.dll
2015-07-30 10:46:30 ----A---- C:\Windows\SYSWOW64\Windows.UI.Input.Inking.dll
2015-07-30 10:46:30 ----A---- C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-07-30 10:46:28 ----A---- C:\Windows\system32\wevtsvc.dll
2015-07-30 10:46:27 ----A---- C:\Windows\SYSWOW64\GeofenceMonitorService.dll
2015-07-30 10:46:27 ----A---- C:\Windows\system32\GeofenceMonitorService.dll
2015-07-30 10:46:21 ----A---- C:\Windows\system32\shell32.dll
2015-07-30 10:46:18 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-07-30 10:46:16 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-07-30 10:46:16 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-07-30 10:46:13 ----A---- C:\Windows\SYSWOW64\SRH.dll
2015-07-30 10:46:13 ----A---- C:\Windows\system32\SRH.dll
2015-07-30 10:46:11 ----A---- C:\Windows\SYSWOW64\dbgeng.dll
2015-07-30 10:46:11 ----A---- C:\Windows\system32\dbgeng.dll
2015-07-30 10:46:10 ----A---- C:\Windows\SYSWOW64\dbghelp.dll
2015-07-30 10:46:10 ----A---- C:\Windows\system32\dbghelp.dll
2015-07-30 10:46:07 ----A---- C:\Windows\system32\drivers\bthport.sys
2015-07-30 10:46:06 ----A---- C:\Windows\system32\drivers\rfcomm.sys
2015-07-30 10:46:06 ----A---- C:\Windows\system32\drivers\hidbth.sys
2015-07-30 10:46:02 ----A---- C:\Windows\system32\drivers\usb8023.sys
2015-07-30 10:46:01 ----A---- C:\Windows\system32\drivers\usb8023x.sys
2015-07-30 10:46:01 ----A---- C:\Windows\system32\drivers\rndismpx.sys
2015-07-30 10:45:58 ----A---- C:\Windows\SYSWOW64\WSShared.dll
2015-07-30 10:45:58 ----A---- C:\Windows\system32\WSShared.dll
2015-07-30 10:45:57 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-30 10:45:57 ----A---- C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-30 10:45:37 ----A---- C:\Windows\SYSWOW64\photowiz.dll
2015-07-30 10:45:37 ----A---- C:\Windows\system32\photowiz.dll
2015-07-30 10:45:13 ----A---- C:\Windows\SYSWOW64\authz.dll
2015-07-30 10:45:13 ----A---- C:\Windows\system32\authz.dll
2015-07-30 10:45:11 ----A---- C:\Windows\system32\drivers\USBHUB3.SYS
2015-07-30 10:45:08 ----A---- C:\Windows\system32\dpapisrv.dll
2015-07-30 10:44:38 ----A---- C:\Windows\system32\drivers\udfs.sys
2015-07-30 10:44:37 ----A---- C:\Windows\SYSWOW64\rgb9rast.dll
2015-07-30 10:44:35 ----A---- C:\Windows\SYSWOW64\PhotoMetadataHandler.dll
2015-07-30 10:44:35 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2015-07-30 10:44:34 ----A---- C:\Windows\system32\drivers\bthhfenum.sys
2015-07-30 10:44:30 ----A---- C:\Windows\SYSWOW64\StorageContextHandler.dll
2015-07-30 10:44:30 ----A---- C:\Windows\system32\StorageContextHandler.dll
2015-07-30 10:43:56 ----A---- C:\Windows\system32\D3DCompiler_47.dll
2015-07-30 10:43:55 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2015-07-30 10:43:55 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2015-07-30 10:43:55 ----A---- C:\Windows\SYSWOW64\D3DCompiler_47.dll
2015-07-30 10:43:55 ----A---- C:\Windows\system32\mfc42u.dll
2015-07-30 10:43:55 ----A---- C:\Windows\system32\mfc42.dll
2015-07-30 10:43:54 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2015-07-30 10:43:54 ----A---- C:\Windows\system32\oleaut32.dll
2015-07-30 10:43:53 ----A---- C:\Windows\system32\sppobjs.dll
2015-07-30 10:41:03 ----A---- C:\Windows\SYSWOW64\UIAutomationCore.dll
2015-07-30 10:41:03 ----A---- C:\Windows\system32\UIAutomationCore.dll
2015-07-30 10:35:31 ----A---- C:\Windows\system32\drivers\USBXHCI.SYS
2015-07-30 10:33:19 ----A---- C:\Windows\system32\fhcpl.dll
2015-07-30 10:33:04 ----A---- C:\Windows\SYSWOW64\eapphost.dll
2015-07-30 10:33:04 ----A---- C:\Windows\SYSWOW64\eappgnui.dll
2015-07-30 10:33:04 ----A---- C:\Windows\SYSWOW64\eappcfg.dll
2015-07-30 10:33:04 ----A---- C:\Windows\SYSWOW64\eapp3hst.dll
2015-07-30 10:33:04 ----A---- C:\Windows\system32\eapphost.dll
2015-07-30 10:33:04 ----A---- C:\Windows\system32\eappgnui.dll
2015-07-30 10:33:04 ----A---- C:\Windows\system32\eappcfg.dll
2015-07-30 10:33:04 ----A---- C:\Windows\system32\eapp3hst.dll
2015-07-30 10:33:03 ----A---- C:\Windows\SYSWOW64\tquery.dll
2015-07-30 10:33:03 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2015-07-30 10:33:03 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2015-07-30 10:33:03 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2015-07-30 10:33:03 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2015-07-30 10:33:03 ----A---- C:\Windows\SYSWOW64\mssph.dll
2015-07-30 10:33:03 ----A---- C:\Windows\system32\tquery.dll
2015-07-30 10:33:03 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2015-07-30 10:33:03 ----A---- C:\Windows\system32\SearchIndexer.exe
2015-07-30 10:33:03 ----A---- C:\Windows\system32\mssvp.dll
2015-07-30 10:33:03 ----A---- C:\Windows\system32\mssrch.dll
2015-07-30 10:33:03 ----A---- C:\Windows\system32\mssphtb.dll
2015-07-30 10:33:03 ----A---- C:\Windows\system32\mssph.dll
2015-07-30 10:33:02 ----A---- C:\Windows\system32\drivers\sdbus.sys
2015-07-30 10:33:02 ----A---- C:\Windows\system32\drivers\dumpsd.sys
2015-07-30 10:33:00 ----A---- C:\Windows\system32\MrmCoreR.dll
2015-07-30 10:33:00 ----A---- C:\Windows\system32\LockScreenContentServer.exe
2015-07-30 10:32:59 ----A---- C:\Windows\SYSWOW64\MrmCoreR.dll
2015-07-30 10:32:57 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-07-30 10:32:57 ----A---- C:\Windows\system32\sdbinst.exe
2015-07-30 10:32:56 ----A---- C:\Windows\SYSWOW64\wpdshext.dll
2015-07-30 10:32:56 ----A---- C:\Windows\system32\wpdshext.dll
2015-07-30 10:32:56 ----A---- C:\Windows\system32\apphelp.dll
2015-07-30 10:32:55 ----A---- C:\Windows\SYSWOW64\msftedit.dll
2015-07-30 10:32:55 ----A---- C:\Windows\system32\msftedit.dll
2015-07-30 10:32:55 ----A---- C:\Windows\explorer.exe
2015-07-30 10:32:54 ----A---- C:\Windows\SYSWOW64\explorer.exe
2015-07-30 10:32:54 ----A---- C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-30 10:32:53 ----A---- C:\Windows\SYSWOW64\Windows.Data.Pdf.dll
2015-07-30 10:32:15 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-07-30 10:32:15 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-30 10:32:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-30 10:32:15 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-30 10:32:15 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2015-07-30 10:32:15 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-30 10:32:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-30 10:32:15 ----A---- C:\Windows\system32\msrating.dll
2015-07-30 10:32:15 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-30 10:32:15 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-30 10:32:15 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-29 16:51:42 ----D---- C:\Windows\system32\appraiser
2015-07-29 16:51:42 ----D---- C:\Windows\Migration
2015-07-29 15:40:19 ----A---- C:\Windows\system32\aepdu.dll
2015-07-29 15:40:18 ----A---- C:\Windows\system32\aepic.dll
2015-07-28 10:49:28 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2015-07-28 10:49:28 ----A---- C:\Windows\system32\scesrv.dll
2015-07-28 10:49:16 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-28 10:49:16 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-28 10:49:16 ----A---- C:\Windows\system32\msi.dll
2015-07-28 10:49:16 ----A---- C:\Windows\system32\authui.dll
2015-07-28 10:49:15 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-28 10:49:15 ----A---- C:\Windows\SYSWOW64\atlthunk.dll
2015-07-28 10:49:15 ----A---- C:\Windows\system32\msiexec.exe
2015-07-28 10:49:11 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-28 10:49:11 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-28 10:49:11 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-28 10:49:11 ----A---- C:\Windows\SYSWOW64\certcli.dll
2015-07-28 10:49:11 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-28 10:49:11 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-28 10:49:11 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-28 10:49:11 ----A---- C:\Windows\system32\kerberos.dll
2015-07-28 10:49:11 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-28 10:49:11 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-28 10:49:11 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-28 10:49:11 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-28 10:49:11 ----A---- C:\Windows\system32\certcli.dll
2015-07-28 10:49:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-28 10:49:04 ----A---- C:\Windows\system32\werdiagcontroller.dll
2015-07-28 10:49:04 ----A---- C:\Windows\system32\TSWbPrxy.exe
2015-07-28 10:49:04 ----A---- C:\Windows\system32\schannel.dll
2015-07-28 10:49:04 ----A---- C:\Windows\system32\audiosrv.dll
2015-07-28 10:49:04 ----A---- C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-28 10:47:50 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-28 10:47:50 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-28 10:47:50 ----A---- C:\Windows\system32\ole32.dll
2015-07-28 10:47:50 ----A---- C:\Windows\system32\gdi32.dll
2015-07-28 10:47:43 ----A---- C:\Windows\system32\drivers\storvsp.sys
======List of files/folders modified in the last 1 month======
2015-08-25 21:00:01 ----D---- C:\Windows\system32\sru
2015-08-25 20:58:49 ----RD---- C:\Program Files (x86)
2015-08-25 20:58:27 ----RD---- C:\Program Files
2015-08-25 20:57:53 ----D---- C:\Windows\Temp
2015-08-25 20:57:52 ----D---- C:\Windows\system32\DriverStore
2015-08-25 20:57:52 ----D---- C:\Windows\system32\catroot
2015-08-25 20:57:52 ----D---- C:\Windows\Inf
2015-08-25 20:57:24 ----D---- C:\Windows\Prefetch
2015-08-25 20:56:43 ----RD---- C:\Windows\System32
2015-08-25 20:53:57 ----D---- C:\Windows\system32\Tasks
2015-08-25 20:46:54 ----D---- C:\Windows\system32\drivers
2015-08-25 20:46:21 ----D---- C:\Windows\system32\config
2015-08-25 20:44:00 ----D---- C:\Windows\Microsoft.NET
2015-08-25 20:22:02 ----D---- C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777
2015-08-25 19:51:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-08-25 16:59:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-25 16:58:08 ----HD---- C:\ProgramData
2015-08-25 16:58:07 ----D---- C:\Windows\system32\drivers\etc
2015-08-24 17:49:51 ----D---- C:\Windows\SysWOW64
2015-08-24 17:49:37 ----A---- C:\Windows\Reimage.ini
2015-08-23 16:30:33 ----D---- C:\Program Files (x86)\Opera
2015-08-22 18:43:43 ----D---- C:\Windows\WinSxS
2015-08-22 18:41:09 ----D---- C:\Windows\rescache
2015-08-22 18:14:48 ----D---- C:\Windows\CbsTemp
2015-08-22 18:14:13 ----SHD---- C:\System Volume Information
2015-08-15 12:33:58 ----D---- C:\rei
2015-08-13 11:54:54 ----RD---- C:\Windows\assembly
2015-08-12 13:15:03 ----D---- C:\Program Files\Internet Explorer
2015-08-12 13:15:03 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-12 13:15:02 ----D---- C:\Windows\system32\drivers\cs-CZ
2015-08-12 13:15:02 ----D---- C:\Program Files\Windows Defender
2015-08-12 13:15:02 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-12 13:09:57 ----SD---- C:\Windows\system32\CompatTel
2015-08-12 13:09:57 ----D---- C:\Windows\apppatch
2015-08-12 10:50:30 ----D---- C:\Windows\system32\MRT
2015-08-12 10:43:06 ----A---- C:\Windows\system32\MRT.exe
2015-08-12 10:42:38 ----D---- C:\Windows
2015-08-12 10:35:33 ----D---- C:\Windows\system32\catroot2
2015-08-08 15:55:08 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-08-05 20:04:53 ----D---- C:\Windows\Panther
2015-08-05 19:57:18 ----HD---- C:\$Windows.~BT
2015-08-05 19:30:37 ----D---- C:\Windows\AppReadiness
2015-08-05 19:29:59 ----D---- C:\Windows\Logs
2015-08-04 12:26:21 ----D---- C:\Windows\AppCompat
2015-08-01 13:40:39 ----RSD---- C:\Windows\Media
2015-08-01 13:40:36 ----D---- C:\Windows\twain_32
2015-07-31 12:01:44 ----D---- C:\Windows\SYSWOW64\cs-CZ
2015-07-31 12:01:44 ----D---- C:\Windows\system32\cs-CZ
2015-07-31 12:01:44 ----D---- C:\Windows\PolicyDefinitions
2015-07-31 12:01:43 ----RD---- C:\Windows\ToastData
2015-07-31 12:01:43 ----RD---- C:\Windows\ImmersiveControlPanel
2015-07-31 12:01:42 ----RSD---- C:\Windows\Fonts
2015-07-31 12:01:41 ----D---- C:\Windows\WinStore
2015-07-31 12:01:41 ----D---- C:\Windows\system32\sr-Latn-RS
2015-07-31 12:01:41 ----D---- C:\Windows\system32\sr-Latn-CS
2015-07-31 12:01:40 ----D---- C:\Windows\system32\en-US
2015-07-31 12:01:40 ----D---- C:\Windows\system32\AdvancedInstallers
2015-07-30 16:39:34 ----D---- C:\Program Files\Common Files\microsoft shared
2015-07-30 10:14:09 ----SHD---- C:\Config.Msi
2015-07-29 16:51:42 ----SD---- C:\ProgramData\Microsoft
2015-07-29 16:51:42 ----D---- C:\Windows\system32\wbem
2015-07-29 16:51:38 ----D---- C:\Windows\system32\CodeIntegrity
2015-07-29 16:37:17 ----D---- C:\KMPlayer
2015-07-26 15:19:57 ----D---- C:\Windows\system32\NDF
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-06-05 65736]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-06-05 272248]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-06-05 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-06-05 1047320]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-06-29 442264]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2013-03-04 40344]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2015-06-04 26528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2013-08-22 71680]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-06-05 29168]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-06-05 89944]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-06-05 137288]
R3 bcbtums;@oem11.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\Windows\system32\drivers\bcbtums.sys [2015-06-04 170712]
R3 BCM43XX;@oem13.inf,%BCM43XX_Service_DispName%;Ovladač síťového adaptéru Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2015-06-04 7549616]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-11-21 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-11-21 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2014-11-21 118272]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-11-21 81920]
R3 HIDSwitch;@oem1.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\Windows\System32\drivers\AsHIDSwitch64.sys [2013-11-04 20280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2015-06-04 3787704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-06-04 4467928]
R3 IntcDAud;@oem12.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-06-04 454416]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-11-04 27032]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSBASTOR;@oem3.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2015-06-04 321792]
R3 RTL8168;@oem10.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2015-06-04 881368]
R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-06-04 34544]
R3 TXEIx64;@oem14.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\Windows\System32\drivers\TXEIx64.sys [2015-06-04 88592]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-11-21 212736]
R3 VClone;VClone; C:\Windows\System32\drivers\VClone.sys [2013-07-24 34816]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2013-08-22 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 btwampfl;@oem11.inf,%btwampfl.ServiceName%;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2015-06-04 185600]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-11-04 38296]
S3 NuidFltr;@oem27.inf,%NuidFltr.SvcDesc%;NUID filter driver; C:\Windows\System32\drivers\NuidFltr.sys [2007-08-31 20392]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\Windows\System32\drivers\usb8023x.sys [2015-04-25 20992]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-11-21 44544]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-06-05 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-11-21 38792]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2015-06-04 319080]
R2 ReimageRealTimeProtector;Reimage Real Time Protector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-08-19 7743472]
R2 Service Mgr RecordPage;Service Mgr RecordPage; C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777\plugincontainer.exe [2015-08-25 1198856]
R2 Update Mgr RecordPage;Update Mgr RecordPage; C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777\updater.exe [2015-08-25 706824]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S2 BcmBtRSupport;@oem11.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\Windows\system32\BtwRSupportService.exe [2015-06-04 2251992]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-11-21 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2015-06-04 280680]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 178760]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu, vyskakují stále reklamy
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu, vyskakují stále reklamy
Zdravim 
Je Vas operacni system legalni?
Je Vas operacni system legalni?Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, vyskakují stále reklamy
Zdravím, ano, byl v koupeném notebooku. Jinak jsem ještě našel , že to co se ukazuje v prohližečích, tak je něco jako Related Searches, ale v odebrat programy to není 
Re: Prosím o kontrolu, vyskakují stále reklamy
V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan, pote na Cleaning
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, vyskakují stále reklamy
# AdwCleaner v5.003 - Logfile created 26/08/2015 at 00:06:24
# Updated 20/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Jaruna - JARUNA-NTB
# Running from : C:\Users\Jaruna\Desktop\adwcleaner_5.003.exe
# Option : Cleaning
***** [ Services ] *****
[-] Service Deleted : ReimageRealTimeProtector
[-] Service Deleted : Service Mgr RecordPage
[!] Service Not Deleted : Service Mgr RecordPage
[-] Service Deleted : Update Mgr RecordPage
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\Program Files (x86)\Record Page
[!] Folder Not Deleted : C:\Program Files (x86)\Record Page
[-] Folder Deleted : C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777
***** [ Files ] *****
[-] File Deleted : C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_recordpage-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_recordpage-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\user.js
[-] File Deleted : C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\yahoo.xml
[-] File Deleted : C:\Windows\Reimage.ini
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : ReimageUpdater
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKCU\Software\23556fb1360f366337f97c924e76ead3
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FCDF527-B10C-481D-B214-B09EEA106124}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FCDF527-B10C-481D-B214-B09EEA106124}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2335267C-DBBA-4DD5-A9D0-C4DB8E6A75A4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6}
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\reimagerepair
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Record Page
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Record Page
[!] Key Not Deleted : [x64] HKCU\Software\Reimage
[!] Key Not Deleted : [x64] HKCU\Software\TNT2
[!] Key Not Deleted : [x64] HKCU\Software\reimagerepair
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
***** [ Web browsers ] *****
[-] [C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaulturl", "hxxp://us.yhs4.search.yahoo.com/yhs/search");
[-] [C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxp://search.findwide.com/serp?guid={1B39404E-5823-4E78-98A4-E6D6FE95E0FD}&action=default_search&k=");
[-] [C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\prefs.js] [Preference] Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0);
*************************
:: Proxy settings cleared
:: Winsock settings cleared
:: Chrome policies deleted
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7113 bytes] ##########
# Updated 20/08/2015 by Xplode
# Database : 2015-08-25.1 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Jaruna - JARUNA-NTB
# Running from : C:\Users\Jaruna\Desktop\adwcleaner_5.003.exe
# Option : Cleaning
***** [ Services ] *****
[-] Service Deleted : ReimageRealTimeProtector
[-] Service Deleted : Service Mgr RecordPage
[!] Service Not Deleted : Service Mgr RecordPage
[-] Service Deleted : Update Mgr RecordPage
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files\Reimage
[-] Folder Deleted : C:\Program Files (x86)\Record Page
[!] Folder Not Deleted : C:\Program Files (x86)\Record Page
[-] Folder Deleted : C:\Program Files (x86)\Common Files\87737dd0-ad90-4193-bd48-336966b8d777
[-] Folder Deleted : C:\ProgramData\Reimage Protector
[-] Folder Deleted : C:\ProgramData\87737dd0-ad90-4193-bd48-336966b8d777
***** [ Files ] *****
[-] File Deleted : C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_recordpage-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_recordpage-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\user.js
[-] File Deleted : C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\yahoo.xml
[-] File Deleted : C:\Windows\Reimage.ini
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : ReimageUpdater
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key Deleted : HKCU\Software\23556fb1360f366337f97c924e76ead3
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FCDF527-B10C-481D-B214-B09EEA106124}
[!] Key Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FCDF527-B10C-481D-B214-B09EEA106124}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2335267C-DBBA-4DD5-A9D0-C4DB8E6A75A4}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72A6AB0F-2FA8-4C73-9FCB-1E62A608F001}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D1611ACC-4B10-4B34-8CDE-0AE7B2A270A6}
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\reimagerepair
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Record Page
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Record Page
[!] Key Not Deleted : [x64] HKCU\Software\Reimage
[!] Key Not Deleted : [x64] HKCU\Software\TNT2
[!] Key Not Deleted : [x64] HKCU\Software\reimagerepair
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
***** [ Web browsers ] *****
[-] [C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\prefs.js] [Preference] Deleted : user_pref("browser.search.defaulturl", "hxxp://us.yhs4.search.yahoo.com/yhs/search");
[-] [C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\prefs.js] [Preference] Deleted : user_pref("keyword.URL", "hxxp://search.findwide.com/serp?guid={1B39404E-5823-4E78-98A4-E6D6FE95E0FD}&action=default_search&k=");
[-] [C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\prefs.js] [Preference] Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0);
*************************
:: Proxy settings cleared
:: Winsock settings cleared
:: Chrome policies deleted
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7113 bytes] ##########
Re: Prosím o kontrolu, vyskakují stále reklamy
Dejte log FRST.txt, prilozte i Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, vyskakují stále reklamy
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-08-2015 02
Ran by Jaruna (administrator) on JARUNA-NTB (26-08-2015 00:16:26)
Running from C:\Users\Jaruna\Desktop
Loaded Profiles: Jaruna (Available Profiles: Jaruna)
Platform: Windows 8.1 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(forum.viry.cz) C:\Users\Jaruna\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-05] (Avast Software s.r.o.)
HKLM-x32\...\Run: [CheckNDISPortF0ac74] => C:\Program Files (x86)\4G Hostless Modem\4G Hostless Modem\CheckNDISPort_df.exe [418048 2013-06-04] ()
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\4G Hostless Modem\4G Hostless Modem\CancelAutoPlay_df.exe [446720 2013-06-04] ()
IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-05] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-725886734-121766909-2824906017-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-725886734-121766909-2824906017-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-725886734-121766909-2824906017-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> {1B1B93D8-6020-49A2-AD54-9EF92BA01CC1} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11443
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> {7A8B0A4C-C4B9-4E68-8095-90F8D4CCE1B6} URL = hxxp://search.findwide.com/serp?guid={1B39404E-5823-4E78-98A4-E6D6FE95E0FD}&action=default_search&k={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-05] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-05] (Avast Software s.r.o.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> No Name - {00011268-E188-40DF-A514-835FCD78B1BF} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.10
Tcpip\..\Interfaces\{790C18C5-ECC6-4593-A14A-13B3F401F6C2}: [DhcpNameServer] 192.168.2.10
Tcpip\..\Interfaces\{E8339AD5-7F04-4571-9E3C-CBE87839B64E}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default
FF NewTab:
FF DefaultSearchEngine: Yahoo:
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo:
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\google-avast.xml [2015-07-24]
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\seznam-avast.xml [2015-06-22]
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\yahoo-1.xml [2015-08-25]
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\yahoo-2.xml [2015-08-25]
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\yahoo-avast.xml [2015-08-10]
FF Extension: Record Page - C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi [2015-08-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-05]
Chrome:
=======
CHR Profile: C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-18]
CHR Extension: (Google Docs) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-18]
CHR Extension: (Google Drive) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-18]
CHR Extension: (YouTube) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-18]
CHR Extension: (Google Search) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-18]
CHR Extension: (Avast SafePrice) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-18]
CHR Extension: (Google Sheets) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-18]
CHR Extension: (Avast Online Security) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-18]
CHR Extension: (Record Page) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-20]
CHR Extension: (Google Wallet) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-18]
CHR Extension: (Gmail) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-05]
Opera:
=======
OPR Extension: (Record Page) - C:\Users\Jaruna\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-05] (Avast Software s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-06-04] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-06-04] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-29] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-05] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-06-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2015-06-04] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm))
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2015-06-04] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2015-06-04] (Intel Corporation)
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-26 00:16 - 2015-08-26 00:17 - 00013759 _____ C:\Users\Jaruna\Desktop\FRST.txt
2015-08-26 00:15 - 2015-08-26 00:16 - 00000000 ____D C:\FRST
2015-08-26 00:13 - 2015-08-26 00:13 - 00112640 _____ (forum.viry.cz) C:\Users\Jaruna\Desktop\FRSTLauncher.exe
2015-08-26 00:12 - 2015-08-26 00:12 - 02186752 _____ (Farbar) C:\Users\Jaruna\Desktop\FRST64.exe
2015-08-26 00:04 - 2015-08-26 00:06 - 00000000 ____D C:\AdwCleaner
2015-08-26 00:03 - 2015-08-26 00:03 - 01605632 _____ C:\Users\Jaruna\Desktop\adwcleaner_5.003.exe
2015-08-25 19:44 - 2015-08-25 21:01 - 00000000 ____D C:\Program Files\trend micro
2015-08-25 19:44 - 2015-08-25 19:45 - 00000000 ____D C:\rsit
2015-08-25 17:29 - 2015-08-25 17:29 - 00002901 _____ C:\Users\Jaruna\Downloads\certifikat_klienta (1).pfx
2015-08-25 17:06 - 2015-08-25 17:06 - 00021504 ___SH C:\Users\Jaruna\Documents\Thumbs.db
2015-08-25 16:57 - 2015-06-22 13:20 - 00001931 _____ C:\Users\Jaruna\Documents\McAfee Security Scan Plus.lnk
2015-08-25 16:57 - 2015-04-13 13:11 - 00001299 _____ C:\Users\Jaruna\Documents\Ashampoo Burning Studio 15.lnk
2015-08-25 16:57 - 2015-04-13 13:11 - 00000214 _____ C:\Users\Jaruna\Documents\Your Software Deals.url
2015-08-25 16:57 - 2015-02-07 12:19 - 00002019 _____ C:\Users\Jaruna\Documents\Adobe Reader XI.lnk
2015-08-25 16:57 - 2014-12-16 16:19 - 00558592 _____ C:\Users\Jaruna\Documents\Vanoce.pps
2015-08-25 16:57 - 2014-08-26 11:07 - 00001167 _____ C:\Users\Jaruna\Documents\BS.Player PRO.lnk
2015-08-25 16:57 - 2014-04-23 17:20 - 00001129 _____ C:\Users\Jaruna\Documents\Opera.lnk
2015-08-25 16:57 - 2014-01-15 12:08 - 07379811 _____ C:\Users\Jaruna\Documents\HS-Tennis.wmv
2015-08-25 16:57 - 2013-10-08 19:22 - 00001391 _____ C:\Users\Jaruna\Documents\Be-on-road Wizard Android.lnk
2015-08-25 16:57 - 2012-12-12 19:09 - 00005457 _____ C:\Users\Jaruna\Documents\ax_files.xml
2015-08-25 16:57 - 2012-11-29 17:56 - 00001957 _____ C:\Users\Jaruna\Documents\MetaTrader FLOAT.lnk
2015-08-25 16:57 - 2012-06-07 09:44 - 00000989 _____ C:\Users\Jaruna\Documents\Winamp.lnk
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Youcam
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Vyúčtování vody
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Účetnictví BoTe
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Teta Ola
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Televize
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\SVJ Brechtova 3
2015-08-25 16:52 - 2015-02-09 14:47 - 03249480 _____ (Unity Technologies ApS) C:\Users\Jaruna\Documents\UnityWebPlayer.exe
2015-08-25 16:52 - 2014-04-23 17:20 - 33675696 _____ (Opera Software ASA) C:\Users\Jaruna\Documents\Opera_1700_int_Setup.exe
2015-08-25 16:52 - 2014-04-23 17:20 - 31213568 _____ (Microsoft Corporation) C:\Users\Jaruna\Documents\IE10-Setup-Seven32.exe
2015-08-25 16:52 - 2014-04-23 17:19 - 24901448 _____ (Mozilla) C:\Users\Jaruna\Documents\seznam-firefox-win32-cs-26.0.0.exe
2015-08-25 16:52 - 2014-03-10 16:24 - 00023271 _____ C:\Users\Jaruna\Documents\SPZ-pojišťovna.htm
2015-08-25 16:52 - 2013-05-18 12:20 - 1293549568 _____ C:\Users\Jaruna\Documents\mydiscimage.iso
2015-08-25 16:52 - 2010-01-01 03:23 - 02713488 _____ (Martin Malík - REALiX ) C:\Users\Jaruna\Documents\hw64_462.exe
2015-08-25 16:52 - 2002-01-03 14:21 - 00568847 _____ (Macromedia, Inc.) C:\Users\Jaruna\Documents\BOWLING.EXE
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Downloads\AshampooBurningStudio_2013
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\SmartDraw
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\Rod Tenorů
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\Readon Player
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\RACE
2015-08-25 16:48 - 2013-05-16 10:53 - 00001089 _____ C:\Users\Jaruna\Desktop\Dokumenty Jaruna.lnk
2015-08-25 16:47 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\OpenTTD
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\NHL09
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\marki
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\Libor
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\Knihy
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\Jaruna
2015-08-25 16:45 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Downloads\Ashampoo Burning Studio 11.0.2 Final
2015-08-25 16:43 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\fleska
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\flek!
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Euro Truck Simulator 2
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\eliška
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\DVDVideoSoft
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\default
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\DCIM
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Datová schránka
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Daň z nemovitosti
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\čištění
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Certifikát
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\BoTe s.r.o pošta
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Bluetooth Folder
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Blbinky
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Bankrot
2015-08-25 16:42 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\50 Majka
2015-08-25 16:35 - 2015-08-25 16:35 - 00000000 ____D C:\Users\Jaruna\AppData\Local\GHISLER
2015-08-24 17:58 - 2015-08-25 17:15 - 00002901 _____ C:\Users\Jaruna\Downloads\certifikat_klienta.pfx
2015-08-24 17:37 - 2015-08-24 17:37 - 00842328 _____ (Generic ) C:\Users\Jaruna\Downloads\adobe_flash_player.exe
2015-08-22 18:14 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-22 18:14 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-22 07:54 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Stavby
2015-08-20 11:48 - 2015-08-25 17:52 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-08-19 17:50 - 2015-08-23 16:49 - 00012102 _____ C:\Users\Jaruna\Documents\Seznam turistických známek.xlsx
2015-08-19 17:50 - 2015-08-19 17:50 - 00000000 ____D C:\Users\Jaruna\Documents\Vlastní šablony Office
2015-08-14 13:09 - 2015-08-15 12:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-13 17:26 - 2015-08-13 17:26 - 00000000 ___HD C:\Program Files\CanonBJ
2015-08-13 17:26 - 2015-08-13 17:26 - 00000000 ____D C:\Windows\system32\STRING
2015-08-13 17:26 - 2010-02-05 03:37 - 00340992 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2015-08-13 17:26 - 2010-02-05 03:37 - 00327680 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2015-08-13 17:26 - 2010-02-05 03:37 - 00037376 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2015-08-13 17:25 - 2015-08-13 17:26 - 00000000 ____D C:\Program Files (x86)\Canon
2015-08-13 17:02 - 2015-08-13 17:19 - 00000000 ____D C:\Users\Jaruna\Documents\Exekuce
2015-08-12 10:50 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:50 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:49 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 10:49 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 10:49 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 10:49 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 10:49 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 10:49 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 10:49 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 10:49 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 10:49 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 10:49 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 10:49 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 10:49 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 10:49 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 10:48 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 10:48 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 10:48 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 10:48 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 10:48 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 10:48 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 10:48 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 10:48 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 10:48 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 10:48 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 10:48 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 10:48 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 10:48 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 10:48 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 10:48 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 10:48 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 10:48 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 10:48 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 10:48 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 10:48 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 10:48 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 10:48 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 10:48 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 10:48 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 10:48 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 10:48 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 10:48 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 10:48 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 10:48 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 10:44 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 10:44 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 10:44 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 10:44 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 10:44 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 10:44 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 10:44 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 10:43 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 10:43 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 10:43 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 10:42 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 10:42 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 10:42 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 10:42 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 10:42 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 10:42 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 10:37 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 10:37 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 10:37 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 10:37 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 10:37 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 10:37 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 10:37 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 10:37 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 10:37 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 10:37 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 10:37 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 10:37 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 10:37 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 10:37 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 10:37 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 10:36 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 10:36 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 10:36 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 10:36 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 10:36 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 10:36 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 10:36 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 10:36 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 10:36 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 10:36 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 10:36 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 10:36 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-10 17:55 - 2015-08-19 17:52 - 00000000 ____D C:\Users\Jaruna\Documents\Účetnictví
2015-08-05 19:28 - 2015-08-19 17:52 - 00000000 ____D C:\Users\Jaruna\Documents\Voda, pojištění
2015-08-05 19:23 - 2015-08-10 17:41 - 00057344 ___SH C:\Users\Jaruna\Desktop\Thumbs.db
2015-08-01 13:53 - 2015-08-01 13:53 - 00000000 ____D C:\Users\Jaruna\AppData\Local\GWX
2015-08-01 13:53 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-08-01 13:42 - 2015-08-01 13:42 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2015-08-01 13:42 - 2015-08-01 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
2015-08-01 13:41 - 2015-08-01 13:41 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-08-01 13:41 - 2010-08-25 05:00 - 00361472 _____ (CANON INC.) C:\Windows\system32\CNMLMAE.DLL
2015-08-01 13:40 - 2010-03-18 19:26 - 00348672 _____ (CANON INC.) C:\Windows\system32\CNC5200L.dll
2015-08-01 13:40 - 2010-03-18 19:25 - 00307200 _____ (CANON INC.) C:\Windows\SysWOW64\CNC5200L.dll
2015-08-01 13:40 - 2010-03-18 17:13 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNC5200C.dll
2015-08-01 13:40 - 2010-03-18 17:13 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNC5200I.dll
2015-08-01 13:40 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNC5200U.dll
2015-08-01 13:40 - 2009-11-27 14:29 - 00013056 _____ C:\Windows\SysWOW64\CNC1749D.TBL
2015-08-01 13:40 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-08-01 13:40 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-08-01 13:38 - 2015-08-01 13:38 - 00000000 ____D C:\Users\Jaruna\AppData\Local\CEF
2015-07-30 16:39 - 2015-07-30 17:53 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-30 16:39 - 2015-07-30 16:39 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-30 16:26 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-30 16:26 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-07-30 16:26 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-07-30 16:26 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-07-30 16:26 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-07-30 16:26 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-07-30 16:26 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-07-30 16:25 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-30 16:25 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-30 16:25 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-30 16:25 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-30 16:24 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-07-30 16:24 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-07-30 16:24 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-07-30 16:24 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-07-30 16:24 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-07-30 16:24 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-07-30 16:24 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-07-30 16:24 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-07-30 16:24 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-30 16:24 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-30 16:24 - 2014-10-31 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-07-30 16:24 - 2014-10-31 00:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-30 10:47 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-30 10:47 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-07-30 10:46 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-30 10:46 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-30 10:46 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-30 10:46 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-30 10:46 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-30 10:46 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-30 10:46 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-30 10:46 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-30 10:46 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-30 10:46 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-30 10:46 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2015-07-30 10:46 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-30 10:46 - 2015-04-23 19:01 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys
2015-07-30 10:46 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-30 10:46 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-30 10:46 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-07-30 10:46 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-07-30 10:46 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-07-30 10:46 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-07-30 10:46 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-07-30 10:46 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-07-30 10:46 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-07-30 10:46 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-07-30 10:46 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-07-30 10:46 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-07-30 10:46 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-07-30 10:46 - 2015-01-30 05:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-07-30 10:46 - 2015-01-30 05:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-07-30 10:46 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-07-30 10:46 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-07-30 10:46 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-30 10:46 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-30 10:46 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-30 10:46 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-30 10:46 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-30 10:46 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-30 10:45 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-30 10:45 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-30 10:45 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-30 10:45 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-30 10:45 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-07-30 10:45 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-07-30 10:45 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-07-30 10:45 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-07-30 10:45 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-07-30 10:45 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-07-30 10:44 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-07-30 10:44 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-07-30 10:44 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-07-30 10:44 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-07-30 10:44 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-07-30 10:44 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-07-30 10:44 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-07-30 10:43 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-07-30 10:43 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-07-30 10:43 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-07-30 10:43 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-07-30 10:43 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-07-30 10:43 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-07-30 10:43 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-30 10:43 - 2014-12-19 10:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-30 10:43 - 2014-12-19 10:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-07-30 10:41 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-07-30 10:41 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-07-30 10:35 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-07-30 10:33 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-30 10:33 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-30 10:33 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-30 10:33 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-07-30 10:33 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-07-30 10:33 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-07-30 10:33 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-07-30 10:33 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-07-30 10:33 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-07-30 10:33 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-07-30 10:33 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-07-30 10:33 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-07-30 10:33 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-07-30 10:33 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-07-30 10:33 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-07-30 10:33 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-07-30 10:33 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-07-30 10:33 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-07-30 10:33 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-07-30 10:33 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-07-30 10:33 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-07-30 10:33 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-07-30 10:33 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-07-30 10:33 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-07-30 10:33 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-07-30 10:33 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-07-30 10:33 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-07-30 10:33 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-07-30 10:32 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-30 10:32 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-30 10:32 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-30 10:32 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-30 10:32 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-30 10:32 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-30 10:32 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-30 10:32 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-30 10:32 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-30 10:32 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-30 10:32 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-30 10:32 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-30 10:32 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-30 10:32 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-30 10:32 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-30 10:32 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-30 10:32 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-30 10:32 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-30 10:32 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-30 10:32 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-30 10:32 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-07-30 10:32 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-30 10:32 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-07-30 10:32 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-07-30 10:32 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-07-30 10:32 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-07-29 16:51 - 2015-08-12 13:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-29 15:40 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 15:40 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-28 10:49 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-28 10:49 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-28 10:49 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-28 10:49 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-28 10:49 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-28 10:49 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-28 10:49 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-28 10:49 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-28 10:49 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-28 10:49 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-28 10:49 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-28 10:49 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-28 10:49 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-28 10:49 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-28 10:49 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-28 10:49 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-28 10:49 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-28 10:49 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-28 10:49 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-28 10:49 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-28 10:49 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-28 10:49 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-28 10:49 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-28 10:49 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-28 10:49 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-07-28 10:49 - 2014-12-12 04:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-28 10:49 - 2014-12-09 05:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-07-28 10:49 - 2014-12-09 03:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-07-28 10:47 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-28 10:47 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-28 10:47 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-28 10:47 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-28 10:47 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-26 00:12 - 2015-06-04 20:58 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-725886734-121766909-2824906017-1001
2015-08-26 00:09 - 2015-06-04 20:53 - 01936597 _____ C:\Windows\WindowsUpdate.log
2015-08-26 00:07 - 2014-11-20 21:43 - 00021086 _____ C:\Windows\PFRO.log
2015-08-26 00:07 - 2013-08-22 16:46 - 00023110 _____ C:\Windows\setupact.log
2015-08-26 00:07 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-26 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-25 23:57 - 2015-06-15 14:03 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-25 20:57 - 2015-06-05 19:59 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-25 19:51 - 2014-11-21 06:54 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-25 19:51 - 2014-11-21 06:10 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-08-25 19:51 - 2014-11-21 06:10 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-08-25 16:59 - 2015-07-24 21:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-23 16:30 - 2015-06-12 13:08 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-22 18:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-22 18:14 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-21 19:36 - 2015-06-04 20:53 - 00000000 ____D C:\Users\Jaruna
2015-08-20 22:03 - 2015-06-04 20:53 - 00000000 ____D C:\Users\Jaruna\AppData\Local\Packages
2015-08-19 12:52 - 2015-06-12 13:08 - 00003834 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434107314
2015-08-19 12:52 - 2015-06-12 13:08 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-15 12:13 - 2015-07-25 13:10 - 00011490 _____ C:\Windows\system32\ScanResults.xml
2015-08-15 12:09 - 2015-07-24 20:59 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-08-12 16:51 - 2013-08-22 16:44 - 00482280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 13:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 13:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 13:15 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 13:15 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 13:15 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-12 13:09 - 2014-11-21 14:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 10:57 - 2015-06-15 14:03 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 10:50 - 2015-06-20 08:13 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 10:43 - 2015-06-20 08:13 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 10:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 10:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 12:22 - 2015-07-24 21:00 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-10 12:22 - 2015-07-24 21:00 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-08 15:55 - 2014-11-21 14:33 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-11-21 14:33 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 20:04 - 2015-06-04 21:42 - 00000000 ____D C:\Windows\Panther
2015-08-05 19:57 - 2015-07-10 18:24 - 00000000 ___HD C:\$Windows.~BT
2015-08-05 19:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-04 12:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppCompat
2015-08-01 13:57 - 2015-06-04 20:53 - 00000000 ____D C:\Users\Jaruna\AppData\Local\VirtualStore
2015-08-01 13:40 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2015-08-01 13:38 - 2015-06-15 14:03 - 00000000 ____D C:\Users\Jaruna\AppData\Local\Adobe
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sr-Latn-RS
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-31 12:01 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-30 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-29 16:37 - 2015-06-04 21:43 - 00000000 ____D C:\KMPlayer
==================== Files in the root of some directories =======
2015-06-05 19:21 - 2015-06-05 20:03 - 0000905 _____ () C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp
2015-06-04 21:21 - 2015-06-04 21:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Jaruna\AppData\Local\Temp\KMPAddedCode_KMP_adpageopen_Step1.exe
C:\Users\Jaruna\AppData\Local\Temp\KMP_3.9.1.136.exe
C:\Users\Jaruna\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Jaruna\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Jaruna\AppData\Local\Temp\sqlite3.dll
C:\Users\Jaruna\AppData\Local\Temp\Uninstall.exe
C:\Users\Jaruna\AppData\Local\Temp\{076ABA6B-9FDB-4009-BF17-972C4A1CB786}.dll
C:\Users\Jaruna\AppData\Local\Temp\{19E0BD80-60EA-4437-AEC1-CC583CDE92EB}.dll
C:\Users\Jaruna\AppData\Local\Temp\{2082595E-903D-4C55-A1E2-94F5669E7131}.dll
C:\Users\Jaruna\AppData\Local\Temp\{20A324CF-151A-457F-8868-3B5281F4ED31}.dll
C:\Users\Jaruna\AppData\Local\Temp\{2B8E9ED3-731B-4146-A65F-8551A065C0EE}.dll
C:\Users\Jaruna\AppData\Local\Temp\{34B853D4-547D-4FF2-A9D1-BF9093290A5F}.dll
C:\Users\Jaruna\AppData\Local\Temp\{42C4B420-D320-458C-B45F-505B25852B59}.dll
C:\Users\Jaruna\AppData\Local\Temp\{49D0C982-3C11-45CC-A6E8-95F0ACFB9D7D}.dll
C:\Users\Jaruna\AppData\Local\Temp\{4D49E6A5-3483-4069-AC85-9D066AF8A740}.dll
C:\Users\Jaruna\AppData\Local\Temp\{5164E605-42CA-4719-9341-E28A78E01DAC}.dll
C:\Users\Jaruna\AppData\Local\Temp\{584E6583-FD2B-4D95-9281-E8B190DCA926}.dll
C:\Users\Jaruna\AppData\Local\Temp\{59290F75-EC3D-4D02-AD6E-92B9605FA4D3}.dll
C:\Users\Jaruna\AppData\Local\Temp\{61D6B1BC-9F5F-490E-87C1-AB2D51AB8520}.dll
C:\Users\Jaruna\AppData\Local\Temp\{6DB7CEF8-2CD3-464F-AD26-38C3E2CA815E}.dll
C:\Users\Jaruna\AppData\Local\Temp\{703F83E3-86A2-425E-87C1-F0662829656F}.dll
C:\Users\Jaruna\AppData\Local\Temp\{707A4F7B-8C72-4CB6-B57F-F8DD54E88866}.dll
C:\Users\Jaruna\AppData\Local\Temp\{7173129E-D4E8-4ACC-A3D9-852DFDA6E7B5}.dll
C:\Users\Jaruna\AppData\Local\Temp\{741BB573-92B5-423F-B428-31A4D6D23CE9}.dll
C:\Users\Jaruna\AppData\Local\Temp\{77835078-EB9D-4AAA-9579-D976AC7FEA3C}.dll
C:\Users\Jaruna\AppData\Local\Temp\{814D7ED5-5D73-44F3-B08C-B3DEE65ED2DF}.dll
C:\Users\Jaruna\AppData\Local\Temp\{825FEE8C-CE35-4BE0-A1E9-4032BE14D764}.dll
C:\Users\Jaruna\AppData\Local\Temp\{868A429D-0165-4E7B-A0BA-A747E36C9330}.dll
C:\Users\Jaruna\AppData\Local\Temp\{871D5493-9CF0-4010-8DA9-3AEE29261983}.dll
C:\Users\Jaruna\AppData\Local\Temp\{8DE17442-E33B-4E65-8321-1EEC1C38D8F1}.dll
C:\Users\Jaruna\AppData\Local\Temp\{91AAA9DB-7279-4C1C-9D23-F856B6C3D95D}.dll
C:\Users\Jaruna\AppData\Local\Temp\{91E1E86A-2E49-404F-8B35-51350ECFB8F4}.dll
C:\Users\Jaruna\AppData\Local\Temp\{94089750-9E73-4717-9D8A-A4F013C70809}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A1FAB697-1F9A-4121-81AB-521C8F1CC387}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A3A75AE1-2236-4B78-9786-888C68BA3E44}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A3BEA125-F3D8-43F5-B6E1-FD6D03F63390}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A4DE8DCE-4D94-4FE7-BD6A-AE531B264811}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A52C7991-67C5-48B1-AACB-57AD0591AC7E}.dll
C:\Users\Jaruna\AppData\Local\Temp\{AA59F9B2-1B6C-4D52-91DF-0D88D34CD488}.dll
C:\Users\Jaruna\AppData\Local\Temp\{B9264ECF-FAA0-4D5D-A383-10EEAA0FC781}.dll
C:\Users\Jaruna\AppData\Local\Temp\{BCBCD544-2897-484E-BF31-B4838CA0E72E}.dll
C:\Users\Jaruna\AppData\Local\Temp\{BE3262E9-05EC-49E7-96B5-607B52B67CEF}.dll
C:\Users\Jaruna\AppData\Local\Temp\{C251F9F7-5635-4CE7-8000-7121F5D615A5}.dll
C:\Users\Jaruna\AppData\Local\Temp\{C724692D-83AE-488A-8FED-DF6A0226CF43}.dll
C:\Users\Jaruna\AppData\Local\Temp\{CD8A8201-CD67-4994-8FF3-E374BCBBB817}.dll
C:\Users\Jaruna\AppData\Local\Temp\{CF45F060-E386-4A10-A75D-C108B8CEDA16}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D17D58C7-34EF-45BF-9919-A14E093D77FF}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D3958D0B-AE64-4E3F-99D7-D6DDA44DCC75}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D48BD4C6-77E8-4C45-9D8A-940CD86E2A81}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D611AEFC-4E45-43D7-8517-02D91287432D}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D8B55DE8-C35C-4496-B6A3-70646FF3552C}.dll
C:\Users\Jaruna\AppData\Local\Temp\{DB88C190-DBA6-4586-A6E9-F22B850E559B}.dll
C:\Users\Jaruna\AppData\Local\Temp\{DEDD27CF-B749-42FD-8213-0A58DA0123F2}.dll
C:\Users\Jaruna\AppData\Local\Temp\{E85A70EE-C7D0-4367-ACEA-61C601C06C42}.dll
C:\Users\Jaruna\AppData\Local\Temp\{E8D98AEC-36A3-4484-8A94-1D3A27940320}.dll
C:\Users\Jaruna\AppData\Local\Temp\{EAF73FAD-D402-4D85-A623-9F3076CE5201}.dll
C:\Users\Jaruna\AppData\Local\Temp\{EDB3432A-5F7E-478E-95A8-2D7EFCA21C09}.dll
C:\Users\Jaruna\AppData\Local\Temp\{F11E17CE-1B44-45D7-BE79-59A6A64E269F}.dll
C:\Users\Jaruna\AppData\Local\Temp\{F1EE2E9D-6890-4F11-940C-610B36ABA6BD}.dll
C:\Users\Jaruna\AppData\Local\Temp\{F6DAE64D-102C-4E32-8D79-7DDAC3C20589}.dll
C:\Users\Jaruna\AppData\Local\Temp\{F94C4CCA-7252-428F-896B-598B602E18DD}.dll
C:\Users\Jaruna\AppData\Local\Temp\{FA787E4E-4ED2-49F5-B4E4-A21CBFA004E2}.dll
C:\Users\Jaruna\AppData\Local\Temp\{FC48C090-8DC4-46EB-B4F5-AC847A692164}.dll
C:\Users\Jaruna\AppData\Local\Temp\{FDE0EFC6-9115-4110-A263-0682C174F248}.dll
C:\Users\Jaruna\AppData\Local\Temp\{FE105680-9435-4C84-A5B2-489D6C29642A}.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-17 12:06
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:97.66 GB) (Free:29.5 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:368.1 GB) (Free:367.5 GB) NTFS
Available physical RAM: 2916.53 MB
Total physical RAM: 3982.48 MB
Percentage of memory in use: 26%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FD490E17)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Jaruna.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jaruna\Desktop" je 41 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Jaruna (administrator) on JARUNA-NTB (26-08-2015 00:16:26)
Running from C:\Users\Jaruna\Desktop
Loaded Profiles: Jaruna (Available Profiles: Jaruna)
Platform: Windows 8.1 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(forum.viry.cz) C:\Users\Jaruna\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-05] (Avast Software s.r.o.)
HKLM-x32\...\Run: [CheckNDISPortF0ac74] => C:\Program Files (x86)\4G Hostless Modem\4G Hostless Modem\CheckNDISPort_df.exe [418048 2013-06-04] ()
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\4G Hostless Modem\4G Hostless Modem\CancelAutoPlay_df.exe [446720 2013-06-04] ()
IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-06-05] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/?clid=22668
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-725886734-121766909-2824906017-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-725886734-121766909-2824906017-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-725886734-121766909-2824906017-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> {1B1B93D8-6020-49A2-AD54-9EF92BA01CC1} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=11443
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> {7A8B0A4C-C4B9-4E68-8095-90F8D4CCE1B6} URL = hxxp://search.findwide.com/serp?guid={1B39404E-5823-4E78-98A4-E6D6FE95E0FD}&action=default_search&k={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-06-05] (Avast Software s.r.o.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-05] (Avast Software s.r.o.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> No Name - {00011268-E188-40DF-A514-835FCD78B1BF} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.10
Tcpip\..\Interfaces\{790C18C5-ECC6-4593-A14A-13B3F401F6C2}: [DhcpNameServer] 192.168.2.10
Tcpip\..\Interfaces\{E8339AD5-7F04-4571-9E3C-CBE87839B64E}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default
FF NewTab:
FF DefaultSearchEngine: Yahoo:
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo:
FF Homepage: hxxp://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-01-21] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\google-avast.xml [2015-07-24]
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\seznam-avast.xml [2015-06-22]
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\yahoo-1.xml [2015-08-25]
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\yahoo-2.xml [2015-08-25]
FF SearchPlugin: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\searchplugins\yahoo-avast.xml [2015-08-10]
FF Extension: Record Page - C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi [2015-08-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-05]
Chrome:
=======
CHR Profile: C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-18]
CHR Extension: (Google Docs) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-18]
CHR Extension: (Google Drive) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-18]
CHR Extension: (YouTube) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-18]
CHR Extension: (Google Search) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-18]
CHR Extension: (Avast SafePrice) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-18]
CHR Extension: (Google Sheets) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-18]
CHR Extension: (Avast Online Security) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-18]
CHR Extension: (Record Page) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-20]
CHR Extension: (Google Wallet) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-18]
CHR Extension: (Gmail) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-18]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-06-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-05]
Opera:
=======
OPR Extension: (Record Page) - C:\Users\Jaruna\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-12]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-05] (Avast Software s.r.o.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-06-04] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319080 2015-06-04] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-06-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-06-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-06-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-06-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-06-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-29] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-06-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-06-05] ()
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-06-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2015-06-04] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-06-04] (REALiX(tm))
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2015-06-04] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2015-06-04] (Intel Corporation)
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-26 00:16 - 2015-08-26 00:17 - 00013759 _____ C:\Users\Jaruna\Desktop\FRST.txt
2015-08-26 00:15 - 2015-08-26 00:16 - 00000000 ____D C:\FRST
2015-08-26 00:13 - 2015-08-26 00:13 - 00112640 _____ (forum.viry.cz) C:\Users\Jaruna\Desktop\FRSTLauncher.exe
2015-08-26 00:12 - 2015-08-26 00:12 - 02186752 _____ (Farbar) C:\Users\Jaruna\Desktop\FRST64.exe
2015-08-26 00:04 - 2015-08-26 00:06 - 00000000 ____D C:\AdwCleaner
2015-08-26 00:03 - 2015-08-26 00:03 - 01605632 _____ C:\Users\Jaruna\Desktop\adwcleaner_5.003.exe
2015-08-25 19:44 - 2015-08-25 21:01 - 00000000 ____D C:\Program Files\trend micro
2015-08-25 19:44 - 2015-08-25 19:45 - 00000000 ____D C:\rsit
2015-08-25 17:29 - 2015-08-25 17:29 - 00002901 _____ C:\Users\Jaruna\Downloads\certifikat_klienta (1).pfx
2015-08-25 17:06 - 2015-08-25 17:06 - 00021504 ___SH C:\Users\Jaruna\Documents\Thumbs.db
2015-08-25 16:57 - 2015-06-22 13:20 - 00001931 _____ C:\Users\Jaruna\Documents\McAfee Security Scan Plus.lnk
2015-08-25 16:57 - 2015-04-13 13:11 - 00001299 _____ C:\Users\Jaruna\Documents\Ashampoo Burning Studio 15.lnk
2015-08-25 16:57 - 2015-04-13 13:11 - 00000214 _____ C:\Users\Jaruna\Documents\Your Software Deals.url
2015-08-25 16:57 - 2015-02-07 12:19 - 00002019 _____ C:\Users\Jaruna\Documents\Adobe Reader XI.lnk
2015-08-25 16:57 - 2014-12-16 16:19 - 00558592 _____ C:\Users\Jaruna\Documents\Vanoce.pps
2015-08-25 16:57 - 2014-08-26 11:07 - 00001167 _____ C:\Users\Jaruna\Documents\BS.Player PRO.lnk
2015-08-25 16:57 - 2014-04-23 17:20 - 00001129 _____ C:\Users\Jaruna\Documents\Opera.lnk
2015-08-25 16:57 - 2014-01-15 12:08 - 07379811 _____ C:\Users\Jaruna\Documents\HS-Tennis.wmv
2015-08-25 16:57 - 2013-10-08 19:22 - 00001391 _____ C:\Users\Jaruna\Documents\Be-on-road Wizard Android.lnk
2015-08-25 16:57 - 2012-12-12 19:09 - 00005457 _____ C:\Users\Jaruna\Documents\ax_files.xml
2015-08-25 16:57 - 2012-11-29 17:56 - 00001957 _____ C:\Users\Jaruna\Documents\MetaTrader FLOAT.lnk
2015-08-25 16:57 - 2012-06-07 09:44 - 00000989 _____ C:\Users\Jaruna\Documents\Winamp.lnk
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Youcam
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Vyúčtování vody
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Účetnictví BoTe
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Teta Ola
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Televize
2015-08-25 16:52 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\SVJ Brechtova 3
2015-08-25 16:52 - 2015-02-09 14:47 - 03249480 _____ (Unity Technologies ApS) C:\Users\Jaruna\Documents\UnityWebPlayer.exe
2015-08-25 16:52 - 2014-04-23 17:20 - 33675696 _____ (Opera Software ASA) C:\Users\Jaruna\Documents\Opera_1700_int_Setup.exe
2015-08-25 16:52 - 2014-04-23 17:20 - 31213568 _____ (Microsoft Corporation) C:\Users\Jaruna\Documents\IE10-Setup-Seven32.exe
2015-08-25 16:52 - 2014-04-23 17:19 - 24901448 _____ (Mozilla) C:\Users\Jaruna\Documents\seznam-firefox-win32-cs-26.0.0.exe
2015-08-25 16:52 - 2014-03-10 16:24 - 00023271 _____ C:\Users\Jaruna\Documents\SPZ-pojišťovna.htm
2015-08-25 16:52 - 2013-05-18 12:20 - 1293549568 _____ C:\Users\Jaruna\Documents\mydiscimage.iso
2015-08-25 16:52 - 2010-01-01 03:23 - 02713488 _____ (Martin Malík - REALiX ) C:\Users\Jaruna\Documents\hw64_462.exe
2015-08-25 16:52 - 2002-01-03 14:21 - 00568847 _____ (Macromedia, Inc.) C:\Users\Jaruna\Documents\BOWLING.EXE
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Downloads\AshampooBurningStudio_2013
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\SmartDraw
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\Rod Tenorů
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\Readon Player
2015-08-25 16:48 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\RACE
2015-08-25 16:48 - 2013-05-16 10:53 - 00001089 _____ C:\Users\Jaruna\Desktop\Dokumenty Jaruna.lnk
2015-08-25 16:47 - 2015-08-25 16:48 - 00000000 ____D C:\Users\Jaruna\Documents\OpenTTD
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\NHL09
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\marki
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\Libor
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\Knihy
2015-08-25 16:47 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\Jaruna
2015-08-25 16:45 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Downloads\Ashampoo Burning Studio 11.0.2 Final
2015-08-25 16:43 - 2015-08-25 16:47 - 00000000 ____D C:\Users\Jaruna\Documents\fleska
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\flek!
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Euro Truck Simulator 2
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\eliška
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\DVDVideoSoft
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\default
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\DCIM
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Datová schránka
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Daň z nemovitosti
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\čištění
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Certifikát
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\BoTe s.r.o pošta
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Bluetooth Folder
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Blbinky
2015-08-25 16:43 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\Bankrot
2015-08-25 16:42 - 2015-08-25 16:43 - 00000000 ____D C:\Users\Jaruna\Documents\50 Majka
2015-08-25 16:35 - 2015-08-25 16:35 - 00000000 ____D C:\Users\Jaruna\AppData\Local\GHISLER
2015-08-24 17:58 - 2015-08-25 17:15 - 00002901 _____ C:\Users\Jaruna\Downloads\certifikat_klienta.pfx
2015-08-24 17:37 - 2015-08-24 17:37 - 00842328 _____ (Generic ) C:\Users\Jaruna\Downloads\adobe_flash_player.exe
2015-08-22 18:14 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-22 18:14 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-22 07:54 - 2015-08-25 16:52 - 00000000 ____D C:\Users\Jaruna\Documents\Stavby
2015-08-20 11:48 - 2015-08-25 17:52 - 00000000 ____D C:\ProgramData\CanonIJPLM
2015-08-19 17:50 - 2015-08-23 16:49 - 00012102 _____ C:\Users\Jaruna\Documents\Seznam turistických známek.xlsx
2015-08-19 17:50 - 2015-08-19 17:50 - 00000000 ____D C:\Users\Jaruna\Documents\Vlastní šablony Office
2015-08-14 13:09 - 2015-08-15 12:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-13 17:26 - 2015-08-13 17:26 - 00000000 ___HD C:\Program Files\CanonBJ
2015-08-13 17:26 - 2015-08-13 17:26 - 00000000 ____D C:\Windows\system32\STRING
2015-08-13 17:26 - 2010-02-05 03:37 - 00340992 _____ (CANON INC.) C:\Windows\SysWOW64\CNMNPPM.DLL
2015-08-13 17:26 - 2010-02-05 03:37 - 00327680 _____ (CANON INC.) C:\Windows\system32\CNMN6PPM.DLL
2015-08-13 17:26 - 2010-02-05 03:37 - 00037376 _____ (CANON INC.) C:\Windows\system32\CNMN6UI.DLL
2015-08-13 17:25 - 2015-08-13 17:26 - 00000000 ____D C:\Program Files (x86)\Canon
2015-08-13 17:02 - 2015-08-13 17:19 - 00000000 ____D C:\Users\Jaruna\Documents\Exekuce
2015-08-12 10:50 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:50 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 10:49 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 10:49 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 10:49 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 10:49 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 10:49 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 10:49 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 10:49 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 10:49 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 10:49 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 10:49 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 10:49 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 10:49 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 10:49 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 10:48 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 10:48 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 10:48 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 10:48 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 10:48 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 10:48 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 10:48 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 10:48 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 10:48 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 10:48 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 10:48 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 10:48 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 10:48 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 10:48 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 10:48 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 10:48 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 10:48 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 10:48 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 10:48 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 10:48 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 10:48 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 10:48 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 10:48 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 10:48 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 10:48 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 10:48 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 10:48 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 10:48 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 10:48 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 10:44 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 10:44 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 10:44 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 10:44 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 10:44 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 10:44 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 10:44 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 10:43 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 10:43 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 10:43 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 10:42 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 10:42 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 10:42 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 10:42 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 10:42 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 10:42 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 10:42 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 10:37 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 10:37 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 10:37 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 10:37 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 10:37 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 10:37 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 10:37 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 10:37 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 10:37 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 10:37 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 10:37 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 10:37 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 10:37 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 10:37 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 10:37 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 10:36 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 10:36 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 10:36 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 10:36 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 10:36 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 10:36 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 10:36 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 10:36 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 10:36 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 10:36 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 10:36 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 10:36 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-10 17:55 - 2015-08-19 17:52 - 00000000 ____D C:\Users\Jaruna\Documents\Účetnictví
2015-08-05 19:28 - 2015-08-19 17:52 - 00000000 ____D C:\Users\Jaruna\Documents\Voda, pojištění
2015-08-05 19:23 - 2015-08-10 17:41 - 00057344 ___SH C:\Users\Jaruna\Desktop\Thumbs.db
2015-08-01 13:53 - 2015-08-01 13:53 - 00000000 ____D C:\Users\Jaruna\AppData\Local\GWX
2015-08-01 13:53 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-08-01 13:42 - 2015-08-01 13:42 - 00000000 ___HD C:\Windows\system32\CanonIJ Uninstaller Information
2015-08-01 13:42 - 2015-08-01 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5200 series
2015-08-01 13:41 - 2015-08-01 13:41 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-08-01 13:41 - 2010-08-25 05:00 - 00361472 _____ (CANON INC.) C:\Windows\system32\CNMLMAE.DLL
2015-08-01 13:40 - 2010-03-18 19:26 - 00348672 _____ (CANON INC.) C:\Windows\system32\CNC5200L.dll
2015-08-01 13:40 - 2010-03-18 19:25 - 00307200 _____ (CANON INC.) C:\Windows\SysWOW64\CNC5200L.dll
2015-08-01 13:40 - 2010-03-18 17:13 - 01354240 _____ (CANON INC.) C:\Windows\system32\CNC5200C.dll
2015-08-01 13:40 - 2010-03-18 17:13 - 00112128 _____ (CANON INC.) C:\Windows\system32\CNC5200I.dll
2015-08-01 13:40 - 2010-03-18 17:11 - 00106496 _____ (CANON INC.) C:\Windows\SysWOW64\CNC5200U.dll
2015-08-01 13:40 - 2009-11-27 14:29 - 00013056 _____ C:\Windows\SysWOW64\CNC1749D.TBL
2015-08-01 13:40 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-08-01 13:40 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-08-01 13:38 - 2015-08-01 13:38 - 00000000 ____D C:\Users\Jaruna\AppData\Local\CEF
2015-07-30 16:39 - 2015-07-30 17:53 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-30 16:39 - 2015-07-30 16:39 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-30 16:26 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-30 16:26 - 2015-02-03 01:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-07-30 16:26 - 2015-02-03 01:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-07-30 16:26 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-07-30 16:26 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-07-30 16:26 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-07-30 16:26 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-07-30 16:25 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-30 16:25 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-30 16:25 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-30 16:25 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-30 16:24 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-07-30 16:24 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-07-30 16:24 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-07-30 16:24 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-07-30 16:24 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-07-30 16:24 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-07-30 16:24 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-07-30 16:24 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-07-30 16:24 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-30 16:24 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-30 16:24 - 2014-10-31 00:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-07-30 16:24 - 2014-10-31 00:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-30 10:47 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-30 10:47 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-07-30 10:46 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-30 10:46 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-30 10:46 - 2015-05-11 20:17 - 01201664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-07-30 10:46 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-30 10:46 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-30 10:46 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-30 10:46 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-30 10:46 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-30 10:46 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-30 10:46 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-30 10:46 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023x.sys
2015-07-30 10:46 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-30 10:46 - 2015-04-23 19:01 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rndismpx.sys
2015-07-30 10:46 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-30 10:46 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-30 10:46 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-07-30 10:46 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-07-30 10:46 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-07-30 10:46 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-07-30 10:46 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-07-30 10:46 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-07-30 10:46 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-07-30 10:46 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-07-30 10:46 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-07-30 10:46 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-07-30 10:46 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-07-30 10:46 - 2015-01-30 05:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-07-30 10:46 - 2015-01-30 05:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-07-30 10:46 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-07-30 10:46 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-07-30 10:46 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-30 10:46 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-30 10:46 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-30 10:46 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-30 10:46 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-30 10:46 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-30 10:45 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-30 10:45 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-30 10:45 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-30 10:45 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-30 10:45 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-07-30 10:45 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-07-30 10:45 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-07-30 10:45 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-07-30 10:45 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-07-30 10:45 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-07-30 10:44 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-07-30 10:44 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-07-30 10:44 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-07-30 10:44 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-07-30 10:44 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-07-30 10:44 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-07-30 10:44 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-07-30 10:43 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-07-30 10:43 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-07-30 10:43 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-07-30 10:43 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-07-30 10:43 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-07-30 10:43 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-07-30 10:43 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-30 10:43 - 2014-12-19 10:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-30 10:43 - 2014-12-19 10:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-07-30 10:41 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-07-30 10:41 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-07-30 10:35 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-07-30 10:33 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-30 10:33 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-30 10:33 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-30 10:33 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-07-30 10:33 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-07-30 10:33 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-07-30 10:33 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-07-30 10:33 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-07-30 10:33 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-07-30 10:33 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-07-30 10:33 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-07-30 10:33 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-07-30 10:33 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-07-30 10:33 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-07-30 10:33 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-07-30 10:33 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-07-30 10:33 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-07-30 10:33 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-07-30 10:33 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-07-30 10:33 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-07-30 10:33 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-07-30 10:33 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-07-30 10:33 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-07-30 10:33 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-07-30 10:33 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-07-30 10:33 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-07-30 10:33 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-07-30 10:33 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-07-30 10:32 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-30 10:32 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-30 10:32 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-30 10:32 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-30 10:32 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-30 10:32 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-30 10:32 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-30 10:32 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-30 10:32 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-30 10:32 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-30 10:32 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-30 10:32 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-30 10:32 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-30 10:32 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-30 10:32 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-30 10:32 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-30 10:32 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-30 10:32 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-30 10:32 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-30 10:32 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-30 10:32 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-07-30 10:32 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-30 10:32 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-07-30 10:32 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-07-30 10:32 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-07-30 10:32 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-07-29 16:51 - 2015-08-12 13:09 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-29 15:40 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 15:40 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-28 10:49 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-28 10:49 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-28 10:49 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-28 10:49 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-28 10:49 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-28 10:49 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-28 10:49 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-28 10:49 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-28 10:49 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-28 10:49 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-28 10:49 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-28 10:49 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-28 10:49 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-28 10:49 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-28 10:49 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-28 10:49 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-28 10:49 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-28 10:49 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-28 10:49 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-28 10:49 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-28 10:49 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-28 10:49 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-28 10:49 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-28 10:49 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-28 10:49 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-07-28 10:49 - 2014-12-12 04:04 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-28 10:49 - 2014-12-09 05:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-07-28 10:49 - 2014-12-09 03:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-07-28 10:47 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-28 10:47 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-28 10:47 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-28 10:47 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-28 10:47 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-08-26 00:12 - 2015-06-04 20:58 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-725886734-121766909-2824906017-1001
2015-08-26 00:09 - 2015-06-04 20:53 - 01936597 _____ C:\Windows\WindowsUpdate.log
2015-08-26 00:07 - 2014-11-20 21:43 - 00021086 _____ C:\Windows\PFRO.log
2015-08-26 00:07 - 2013-08-22 16:46 - 00023110 _____ C:\Windows\setupact.log
2015-08-26 00:07 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-26 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-25 23:57 - 2015-06-15 14:03 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-25 20:57 - 2015-06-05 19:59 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-25 19:51 - 2014-11-21 06:54 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-25 19:51 - 2014-11-21 06:10 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-08-25 19:51 - 2014-11-21 06:10 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-08-25 16:59 - 2015-07-24 21:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-23 16:30 - 2015-06-12 13:08 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-22 18:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-22 18:14 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-21 19:36 - 2015-06-04 20:53 - 00000000 ____D C:\Users\Jaruna
2015-08-20 22:03 - 2015-06-04 20:53 - 00000000 ____D C:\Users\Jaruna\AppData\Local\Packages
2015-08-19 12:52 - 2015-06-12 13:08 - 00003834 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434107314
2015-08-19 12:52 - 2015-06-12 13:08 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-08-15 12:13 - 2015-07-25 13:10 - 00011490 _____ C:\Windows\system32\ScanResults.xml
2015-08-15 12:09 - 2015-07-24 20:59 - 00000464 _____ C:\Windows\system32\ScannerSettings
2015-08-12 16:51 - 2013-08-22 16:44 - 00482280 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 13:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 13:15 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 13:15 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 13:15 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 13:15 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-12 13:09 - 2014-11-21 14:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 10:57 - 2015-06-15 14:03 - 00003802 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 10:50 - 2015-06-20 08:13 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 10:43 - 2015-06-20 08:13 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 10:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 10:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-10 12:22 - 2015-07-24 21:00 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-10 12:22 - 2015-07-24 21:00 - 00001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-08 15:55 - 2014-11-21 14:33 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-11-21 14:33 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-05 20:04 - 2015-06-04 21:42 - 00000000 ____D C:\Windows\Panther
2015-08-05 19:57 - 2015-07-10 18:24 - 00000000 ___HD C:\$Windows.~BT
2015-08-05 19:30 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-04 12:26 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppCompat
2015-08-01 13:57 - 2015-06-04 20:53 - 00000000 ____D C:\Users\Jaruna\AppData\Local\VirtualStore
2015-08-01 13:40 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2015-08-01 13:38 - 2015-06-15 14:03 - 00000000 ____D C:\Users\Jaruna\AppData\Local\Adobe
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sr-Latn-RS
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sr-Latn-CS
2015-07-31 12:01 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-31 12:01 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-30 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-29 16:37 - 2015-06-04 21:43 - 00000000 ____D C:\KMPlayer
==================== Files in the root of some directories =======
2015-06-05 19:21 - 2015-06-05 20:03 - 0000905 _____ () C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp
2015-06-04 21:21 - 2015-06-04 21:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Some files in TEMP:
====================
C:\Users\Jaruna\AppData\Local\Temp\KMPAddedCode_KMP_adpageopen_Step1.exe
C:\Users\Jaruna\AppData\Local\Temp\KMP_3.9.1.136.exe
C:\Users\Jaruna\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Jaruna\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Jaruna\AppData\Local\Temp\sqlite3.dll
C:\Users\Jaruna\AppData\Local\Temp\Uninstall.exe
C:\Users\Jaruna\AppData\Local\Temp\{076ABA6B-9FDB-4009-BF17-972C4A1CB786}.dll
C:\Users\Jaruna\AppData\Local\Temp\{19E0BD80-60EA-4437-AEC1-CC583CDE92EB}.dll
C:\Users\Jaruna\AppData\Local\Temp\{2082595E-903D-4C55-A1E2-94F5669E7131}.dll
C:\Users\Jaruna\AppData\Local\Temp\{20A324CF-151A-457F-8868-3B5281F4ED31}.dll
C:\Users\Jaruna\AppData\Local\Temp\{2B8E9ED3-731B-4146-A65F-8551A065C0EE}.dll
C:\Users\Jaruna\AppData\Local\Temp\{34B853D4-547D-4FF2-A9D1-BF9093290A5F}.dll
C:\Users\Jaruna\AppData\Local\Temp\{42C4B420-D320-458C-B45F-505B25852B59}.dll
C:\Users\Jaruna\AppData\Local\Temp\{49D0C982-3C11-45CC-A6E8-95F0ACFB9D7D}.dll
C:\Users\Jaruna\AppData\Local\Temp\{4D49E6A5-3483-4069-AC85-9D066AF8A740}.dll
C:\Users\Jaruna\AppData\Local\Temp\{5164E605-42CA-4719-9341-E28A78E01DAC}.dll
C:\Users\Jaruna\AppData\Local\Temp\{584E6583-FD2B-4D95-9281-E8B190DCA926}.dll
C:\Users\Jaruna\AppData\Local\Temp\{59290F75-EC3D-4D02-AD6E-92B9605FA4D3}.dll
C:\Users\Jaruna\AppData\Local\Temp\{61D6B1BC-9F5F-490E-87C1-AB2D51AB8520}.dll
C:\Users\Jaruna\AppData\Local\Temp\{6DB7CEF8-2CD3-464F-AD26-38C3E2CA815E}.dll
C:\Users\Jaruna\AppData\Local\Temp\{703F83E3-86A2-425E-87C1-F0662829656F}.dll
C:\Users\Jaruna\AppData\Local\Temp\{707A4F7B-8C72-4CB6-B57F-F8DD54E88866}.dll
C:\Users\Jaruna\AppData\Local\Temp\{7173129E-D4E8-4ACC-A3D9-852DFDA6E7B5}.dll
C:\Users\Jaruna\AppData\Local\Temp\{741BB573-92B5-423F-B428-31A4D6D23CE9}.dll
C:\Users\Jaruna\AppData\Local\Temp\{77835078-EB9D-4AAA-9579-D976AC7FEA3C}.dll
C:\Users\Jaruna\AppData\Local\Temp\{814D7ED5-5D73-44F3-B08C-B3DEE65ED2DF}.dll
C:\Users\Jaruna\AppData\Local\Temp\{825FEE8C-CE35-4BE0-A1E9-4032BE14D764}.dll
C:\Users\Jaruna\AppData\Local\Temp\{868A429D-0165-4E7B-A0BA-A747E36C9330}.dll
C:\Users\Jaruna\AppData\Local\Temp\{871D5493-9CF0-4010-8DA9-3AEE29261983}.dll
C:\Users\Jaruna\AppData\Local\Temp\{8DE17442-E33B-4E65-8321-1EEC1C38D8F1}.dll
C:\Users\Jaruna\AppData\Local\Temp\{91AAA9DB-7279-4C1C-9D23-F856B6C3D95D}.dll
C:\Users\Jaruna\AppData\Local\Temp\{91E1E86A-2E49-404F-8B35-51350ECFB8F4}.dll
C:\Users\Jaruna\AppData\Local\Temp\{94089750-9E73-4717-9D8A-A4F013C70809}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A1FAB697-1F9A-4121-81AB-521C8F1CC387}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A3A75AE1-2236-4B78-9786-888C68BA3E44}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A3BEA125-F3D8-43F5-B6E1-FD6D03F63390}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A4DE8DCE-4D94-4FE7-BD6A-AE531B264811}.dll
C:\Users\Jaruna\AppData\Local\Temp\{A52C7991-67C5-48B1-AACB-57AD0591AC7E}.dll
C:\Users\Jaruna\AppData\Local\Temp\{AA59F9B2-1B6C-4D52-91DF-0D88D34CD488}.dll
C:\Users\Jaruna\AppData\Local\Temp\{B9264ECF-FAA0-4D5D-A383-10EEAA0FC781}.dll
C:\Users\Jaruna\AppData\Local\Temp\{BCBCD544-2897-484E-BF31-B4838CA0E72E}.dll
C:\Users\Jaruna\AppData\Local\Temp\{BE3262E9-05EC-49E7-96B5-607B52B67CEF}.dll
C:\Users\Jaruna\AppData\Local\Temp\{C251F9F7-5635-4CE7-8000-7121F5D615A5}.dll
C:\Users\Jaruna\AppData\Local\Temp\{C724692D-83AE-488A-8FED-DF6A0226CF43}.dll
C:\Users\Jaruna\AppData\Local\Temp\{CD8A8201-CD67-4994-8FF3-E374BCBBB817}.dll
C:\Users\Jaruna\AppData\Local\Temp\{CF45F060-E386-4A10-A75D-C108B8CEDA16}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D17D58C7-34EF-45BF-9919-A14E093D77FF}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D3958D0B-AE64-4E3F-99D7-D6DDA44DCC75}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D48BD4C6-77E8-4C45-9D8A-940CD86E2A81}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D611AEFC-4E45-43D7-8517-02D91287432D}.dll
C:\Users\Jaruna\AppData\Local\Temp\{D8B55DE8-C35C-4496-B6A3-70646FF3552C}.dll
C:\Users\Jaruna\AppData\Local\Temp\{DB88C190-DBA6-4586-A6E9-F22B850E559B}.dll
C:\Users\Jaruna\AppData\Local\Temp\{DEDD27CF-B749-42FD-8213-0A58DA0123F2}.dll
C:\Users\Jaruna\AppData\Local\Temp\{E85A70EE-C7D0-4367-ACEA-61C601C06C42}.dll
C:\Users\Jaruna\AppData\Local\Temp\{E8D98AEC-36A3-4484-8A94-1D3A27940320}.dll
C:\Users\Jaruna\AppData\Local\Temp\{EAF73FAD-D402-4D85-A623-9F3076CE5201}.dll
C:\Users\Jaruna\AppData\Local\Temp\{EDB3432A-5F7E-478E-95A8-2D7EFCA21C09}.dll
C:\Users\Jaruna\AppData\Local\Temp\{F11E17CE-1B44-45D7-BE79-59A6A64E269F}.dll
C:\Users\Jaruna\AppData\Local\Temp\{F1EE2E9D-6890-4F11-940C-610B36ABA6BD}.dll
C:\Users\Jaruna\AppData\Local\Temp\{F6DAE64D-102C-4E32-8D79-7DDAC3C20589}.dll
C:\Users\Jaruna\AppData\Local\Temp\{F94C4CCA-7252-428F-896B-598B602E18DD}.dll
C:\Users\Jaruna\AppData\Local\Temp\{FA787E4E-4ED2-49F5-B4E4-A21CBFA004E2}.dll
C:\Users\Jaruna\AppData\Local\Temp\{FC48C090-8DC4-46EB-B4F5-AC847A692164}.dll
C:\Users\Jaruna\AppData\Local\Temp\{FDE0EFC6-9115-4110-A263-0682C174F248}.dll
C:\Users\Jaruna\AppData\Local\Temp\{FE105680-9435-4C84-A5B2-489D6C29642A}.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-17 12:06
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:97.66 GB) (Free:29.5 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:368.1 GB) (Free:367.5 GB) NTFS
Available physical RAM: 2916.53 MB
Total physical RAM: 3982.48 MB
Percentage of memory in use: 26%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FD490E17)
Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Jaruna.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Jaruna\Desktop" je 41 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.zip
- (6.62 KiB) Staženo 92 x
Re: Prosím o kontrolu, vyskakují stále reklamy
- Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
- ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
- znovu spustte FRST a kliknete na Fix
- po restartu bude na plose ulozen fixlog, jehoz obsah mi vlozte do pristi odpovedi
Kód: Vybrat vše
Start CloseProcesses: File: C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp File: C:\Windows\SECOH-QAD.exe File: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe GroupPolicy: Group Policy on Chrome detected <======= ATTENTION HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> {7A8B0A4C-C4B9-4E68-8095-90F8D4CCE1B6} URL = hxxp://search.findwide.com/serp?guid={1B39404E-5823-4E78-98A4-E6D6FE95E0FD}&action=default_search&k={searchTerms} FF DefaultSearchEngine: Yahoo: FF SearchEngineOrder.1: Yahoo! (Avast) FF SelectedSearchEngine: Yahoo: FF Extension: Record Page - C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi [2015-08-25] CHR Extension: (Record Page) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-20] OPR Extension: (Record Page) - C:\Users\Jaruna\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-12] S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X] 2015-08-26 00:13 - 2015-08-26 00:13 - 00112640 _____ (forum.viry.cz) C:\Users\Jaruna\Desktop\FRSTLauncher.exe 2015-08-26 00:04 - 2015-08-26 00:06 - 00000000 ____D C:\AdwCleaner 2015-08-26 00:03 - 2015-08-26 00:03 - 01605632 _____ C:\Users\Jaruna\Desktop\adwcleaner_5.003.exe 2015-08-25 19:44 - 2015-08-25 21:01 - 00000000 ____D C:\Program Files\trend micro 2015-08-25 19:44 - 2015-08-25 19:45 - 00000000 ____D C:\rsit 2015-08-25 16:57 - 2015-06-22 13:20 - 00001931 _____ C:\Users\Jaruna\Documents\McAfee Security Scan Plus.lnk 2015-06-05 19:21 - 2015-06-05 20:03 - 0000905 _____ () C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp 2015-06-04 21:21 - 2015-06-04 21:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Task: {75ED0F21-F713-4172-9089-02B0B7E6DC8A} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano Final\TriggerKMS.exe FirewallRules: [{72FFF049-8BD3-411E-A259-EFF0EA267E0C}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{7EB6D6E0-C31E-47A7-9646-59EB4223F1F2}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{586EC201-CBD9-4EDA-8061-A6BE748F881E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{6AEB4010-55B4-4120-B45C-AEDD61EEB947}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{65A4D14E-8346-4AEE-8693-DD6176ACB33A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{04E4272F-F758-4F21-8E24-AB89BA28335F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{667CB19C-9CD9-4C0F-9DB7-4DDB3C11BC85}] => (Allow) C:\Users\Jaruna\AppData\Roaming\svchost.exe FirewallRules: [{EBB59507-4BAD-4464-BE3C-3E7F3E0E26FC}] => (Allow) C:\Users\Jaruna\AppData\Roaming\svchost.exe FirewallRules: [{4DB076BB-7ED8-432A-9E33-BB5AEFE9CB43}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{9F0624F9-0145-4F3E-856E-C7F8A9646601}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe FirewallRules: [{B968880C-4100-4373-97EF-7A3BCCA7FF85}] => (Allow) C:\Users\Jaruna\AppData\Local\Temp\nsj670D.tmp\Installer-10296835.exe FirewallRules: [{8A5129D8-DEB7-4F25-940B-4A66EE2E8953}] => (Allow) C:\Users\Jaruna\AppData\Local\Temp\nsj670D.tmp\Installer-10296835.exe FirewallRules: [{528AE3A6-1AAA-4760-8C66-9CACFA1905DB}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe FirewallRules: [{7BACAF98-A654-4CF3-832D-0C146402572C}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe C:\Program Files\KMSpico C:\Program Files\KMSnano Final Hosts: EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, vyskakují stále reklamy
Fix result of Farbar Recovery Scan Tool (x64) Version:25-08-2015 02
Ran by Jaruna (2015-08-26 00:34:23) Run:1
Running from C:\Users\Jaruna\Desktop
Loaded Profiles: Jaruna (Available Profiles: Jaruna)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
File: C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp
File: C:\Windows\SECOH-QAD.exe
File: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi
IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> {7A8B0A4C-C4B9-4E68-8095-90F8D4CCE1B6} URL = hxxp://search.findwide.com/serp?guid={1B39404E-5823-4E78-98A4-E6D6FE95E0FD}&action=default_search&k={searchTerms}
FF DefaultSearchEngine: Yahoo:
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo:
FF Extension: Record Page - C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi [2015-08-25]
CHR Extension: (Record Page) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-20]
OPR Extension: (Record Page) - C:\Users\Jaruna\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-12]
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]
2015-08-26 00:13 - 2015-08-26 00:13 - 00112640 _____ (forum.viry.cz) C:\Users\Jaruna\Desktop\FRSTLauncher.exe
2015-08-26 00:04 - 2015-08-26 00:06 - 00000000 ____D C:\AdwCleaner
2015-08-26 00:03 - 2015-08-26 00:03 - 01605632 _____ C:\Users\Jaruna\Desktop\adwcleaner_5.003.exe
2015-08-25 19:44 - 2015-08-25 21:01 - 00000000 ____D C:\Program Files\trend micro
2015-08-25 19:44 - 2015-08-25 19:45 - 00000000 ____D C:\rsit
2015-08-25 16:57 - 2015-06-22 13:20 - 00001931 _____ C:\Users\Jaruna\Documents\McAfee Security Scan Plus.lnk
2015-06-05 19:21 - 2015-06-05 20:03 - 0000905 _____ () C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp
2015-06-04 21:21 - 2015-06-04 21:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Task: {75ED0F21-F713-4172-9089-02B0B7E6DC8A} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano Final\TriggerKMS.exe
FirewallRules: [{72FFF049-8BD3-411E-A259-EFF0EA267E0C}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7EB6D6E0-C31E-47A7-9646-59EB4223F1F2}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{586EC201-CBD9-4EDA-8061-A6BE748F881E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{6AEB4010-55B4-4120-B45C-AEDD61EEB947}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{65A4D14E-8346-4AEE-8693-DD6176ACB33A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{04E4272F-F758-4F21-8E24-AB89BA28335F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{667CB19C-9CD9-4C0F-9DB7-4DDB3C11BC85}] => (Allow) C:\Users\Jaruna\AppData\Roaming\svchost.exe
FirewallRules: [{EBB59507-4BAD-4464-BE3C-3E7F3E0E26FC}] => (Allow) C:\Users\Jaruna\AppData\Roaming\svchost.exe
FirewallRules: [{4DB076BB-7ED8-432A-9E33-BB5AEFE9CB43}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{9F0624F9-0145-4F3E-856E-C7F8A9646601}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B968880C-4100-4373-97EF-7A3BCCA7FF85}] => (Allow) C:\Users\Jaruna\AppData\Local\Temp\nsj670D.tmp\Installer-10296835.exe
FirewallRules: [{8A5129D8-DEB7-4F25-940B-4A66EE2E8953}] => (Allow) C:\Users\Jaruna\AppData\Local\Temp\nsj670D.tmp\Installer-10296835.exe
FirewallRules: [{528AE3A6-1AAA-4760-8C66-9CACFA1905DB}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{7BACAF98-A654-4CF3-832D-0C146402572C}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
C:\Program Files\KMSpico
C:\Program Files\KMSnano Final
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
========================= File: C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp ========================
File not signed
MD5: B05367632CC50CB7AB443359BE2AA931
Creation and modification date: 2015-06-05 19:21 - 2015-06-05 20:03
Size: 0000905
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Windows\SECOH-QAD.exe ========================
File not signed
MD5: 38DE5B216C33833AF710E88F7F64FC98
Creation and modification date: 2015-06-05 19:13 - 2015-06-05 19:13
Size: 0004608
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi ========================
File not signed
MD5: 1BAABEBB4F456350E88B3ECB8FE6C54C
Creation and modification date: 2015-08-25 17:24 - 2015-06-11 13:12
Size: 0006935
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe" => key removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKU\S-1-5-21-725886734-121766909-2824906017-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7A8B0A4C-C4B9-4E68-8095-90F8D4CCE1B6}" => key removed successfully
HKCR\CLSID\{7A8B0A4C-C4B9-4E68-8095-90F8D4CCE1B6} => key not found.
Firefox DefaultSearchEngine removed successfully
Firefox SearchEngineOrder.1 removed successfully
Firefox SelectedSearchEngine removed successfully
C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi => moved successfully
C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana => moved successfully
C:\Users\Jaruna\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana => moved successfully
WinDivert1.1 => service removed successfully
C:\Users\Jaruna\Desktop\FRSTLauncher.exe => moved successfully
C:\AdwCleaner => moved successfully
"C:\Users\Jaruna\Desktop\adwcleaner_5.003.exe" => File/Folder not found.
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Jaruna\Documents\McAfee Security Scan Plus.lnk => moved successfully
C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75ED0F21-F713-4172-9089-02B0B7E6DC8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75ED0F21-F713-4172-9089-02B0B7E6DC8A}" => key removed successfully
C:\Windows\System32\Tasks\Trigger KMS Activation => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{72FFF049-8BD3-411E-A259-EFF0EA267E0C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7EB6D6E0-C31E-47A7-9646-59EB4223F1F2} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{586EC201-CBD9-4EDA-8061-A6BE748F881E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AEB4010-55B4-4120-B45C-AEDD61EEB947} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{65A4D14E-8346-4AEE-8693-DD6176ACB33A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04E4272F-F758-4F21-8E24-AB89BA28335F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{667CB19C-9CD9-4C0F-9DB7-4DDB3C11BC85} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EBB59507-4BAD-4464-BE3C-3E7F3E0E26FC} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DB076BB-7ED8-432A-9E33-BB5AEFE9CB43} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F0624F9-0145-4F3E-856E-C7F8A9646601} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B968880C-4100-4373-97EF-7A3BCCA7FF85} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A5129D8-DEB7-4F25-940B-4A66EE2E8953} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{528AE3A6-1AAA-4760-8C66-9CACFA1905DB} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BACAF98-A654-4CF3-832D-0C146402572C} => value removed successfully
"C:\Program Files\KMSpico" => File/Folder not found.
"C:\Program Files\KMSnano Final" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 802.1 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 00:35:08 ====
Ran by Jaruna (2015-08-26 00:34:23) Run:1
Running from C:\Users\Jaruna\Desktop
Loaded Profiles: Jaruna (Available Profiles: Jaruna)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
File: C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp
File: C:\Windows\SECOH-QAD.exe
File: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi
IFEO\SppExtComObj.exe: [Debugger] C:\Windows\SECOH-QAD.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-725886734-121766909-2824906017-1001 -> {7A8B0A4C-C4B9-4E68-8095-90F8D4CCE1B6} URL = hxxp://search.findwide.com/serp?guid={1B39404E-5823-4E78-98A4-E6D6FE95E0FD}&action=default_search&k={searchTerms}
FF DefaultSearchEngine: Yahoo:
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo:
FF Extension: Record Page - C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi [2015-08-25]
CHR Extension: (Record Page) - C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-20]
OPR Extension: (Record Page) - C:\Users\Jaruna\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana [2015-06-12]
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]
2015-08-26 00:13 - 2015-08-26 00:13 - 00112640 _____ (forum.viry.cz) C:\Users\Jaruna\Desktop\FRSTLauncher.exe
2015-08-26 00:04 - 2015-08-26 00:06 - 00000000 ____D C:\AdwCleaner
2015-08-26 00:03 - 2015-08-26 00:03 - 01605632 _____ C:\Users\Jaruna\Desktop\adwcleaner_5.003.exe
2015-08-25 19:44 - 2015-08-25 21:01 - 00000000 ____D C:\Program Files\trend micro
2015-08-25 19:44 - 2015-08-25 19:45 - 00000000 ____D C:\rsit
2015-08-25 16:57 - 2015-06-22 13:20 - 00001931 _____ C:\Users\Jaruna\Documents\McAfee Security Scan Plus.lnk
2015-06-05 19:21 - 2015-06-05 20:03 - 0000905 _____ () C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp
2015-06-04 21:21 - 2015-06-04 21:21 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Task: {75ED0F21-F713-4172-9089-02B0B7E6DC8A} - System32\Tasks\Trigger KMS Activation => C:\Program Files\KMSnano Final\TriggerKMS.exe
FirewallRules: [{72FFF049-8BD3-411E-A259-EFF0EA267E0C}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{7EB6D6E0-C31E-47A7-9646-59EB4223F1F2}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{586EC201-CBD9-4EDA-8061-A6BE748F881E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{6AEB4010-55B4-4120-B45C-AEDD61EEB947}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{65A4D14E-8346-4AEE-8693-DD6176ACB33A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{04E4272F-F758-4F21-8E24-AB89BA28335F}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{667CB19C-9CD9-4C0F-9DB7-4DDB3C11BC85}] => (Allow) C:\Users\Jaruna\AppData\Roaming\svchost.exe
FirewallRules: [{EBB59507-4BAD-4464-BE3C-3E7F3E0E26FC}] => (Allow) C:\Users\Jaruna\AppData\Roaming\svchost.exe
FirewallRules: [{4DB076BB-7ED8-432A-9E33-BB5AEFE9CB43}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{9F0624F9-0145-4F3E-856E-C7F8A9646601}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{B968880C-4100-4373-97EF-7A3BCCA7FF85}] => (Allow) C:\Users\Jaruna\AppData\Local\Temp\nsj670D.tmp\Installer-10296835.exe
FirewallRules: [{8A5129D8-DEB7-4F25-940B-4A66EE2E8953}] => (Allow) C:\Users\Jaruna\AppData\Local\Temp\nsj670D.tmp\Installer-10296835.exe
FirewallRules: [{528AE3A6-1AAA-4760-8C66-9CACFA1905DB}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{7BACAF98-A654-4CF3-832D-0C146402572C}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
C:\Program Files\KMSpico
C:\Program Files\KMSnano Final
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
========================= File: C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp ========================
File not signed
MD5: B05367632CC50CB7AB443359BE2AA931
Creation and modification date: 2015-06-05 19:21 - 2015-06-05 20:03
Size: 0000905
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Windows\SECOH-QAD.exe ========================
File not signed
MD5: 38DE5B216C33833AF710E88F7F64FC98
Creation and modification date: 2015-06-05 19:13 - 2015-06-05 19:13
Size: 0004608
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
========================= File: C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi ========================
File not signed
MD5: 1BAABEBB4F456350E88B3ECB8FE6C54C
Creation and modification date: 2015-08-25 17:24 - 2015-06-11 13:12
Size: 0006935
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product Name:
Description:
File Version:
Product Version:
Copyright:
====== End of File: ======
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\SppExtComObj.exe" => key removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
"HKU\S-1-5-21-725886734-121766909-2824906017-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7A8B0A4C-C4B9-4E68-8095-90F8D4CCE1B6}" => key removed successfully
HKCR\CLSID\{7A8B0A4C-C4B9-4E68-8095-90F8D4CCE1B6} => key not found.
Firefox DefaultSearchEngine removed successfully
Firefox SearchEngineOrder.1 removed successfully
Firefox SelectedSearchEngine removed successfully
C:\Users\Jaruna\AppData\Roaming\Mozilla\Firefox\Profiles\us83ubzv.default\Extensions\{6b9c5c6a-ad65-4ca5-a180-a8fded39b2fd}.xpi => moved successfully
C:\Users\Jaruna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgfhaaeheijfpmonfiigkpljdigboana => moved successfully
C:\Users\Jaruna\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgfhaaeheijfpmonfiigkpljdigboana => moved successfully
WinDivert1.1 => service removed successfully
C:\Users\Jaruna\Desktop\FRSTLauncher.exe => moved successfully
C:\AdwCleaner => moved successfully
"C:\Users\Jaruna\Desktop\adwcleaner_5.003.exe" => File/Folder not found.
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Jaruna\Documents\McAfee Security Scan Plus.lnk => moved successfully
C:\Users\Jaruna\AppData\Roaming\svchost.exe.tmp => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{75ED0F21-F713-4172-9089-02B0B7E6DC8A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75ED0F21-F713-4172-9089-02B0B7E6DC8A}" => key removed successfully
C:\Windows\System32\Tasks\Trigger KMS Activation => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Trigger KMS Activation" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{72FFF049-8BD3-411E-A259-EFF0EA267E0C} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7EB6D6E0-C31E-47A7-9646-59EB4223F1F2} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{586EC201-CBD9-4EDA-8061-A6BE748F881E} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AEB4010-55B4-4120-B45C-AEDD61EEB947} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{65A4D14E-8346-4AEE-8693-DD6176ACB33A} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{04E4272F-F758-4F21-8E24-AB89BA28335F} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{667CB19C-9CD9-4C0F-9DB7-4DDB3C11BC85} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EBB59507-4BAD-4464-BE3C-3E7F3E0E26FC} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4DB076BB-7ED8-432A-9E33-BB5AEFE9CB43} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9F0624F9-0145-4F3E-856E-C7F8A9646601} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B968880C-4100-4373-97EF-7A3BCCA7FF85} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8A5129D8-DEB7-4F25-940B-4A66EE2E8953} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{528AE3A6-1AAA-4760-8C66-9CACFA1905DB} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7BACAF98-A654-4CF3-832D-0C146402572C} => value removed successfully
"C:\Program Files\KMSpico" => File/Folder not found.
"C:\Program Files\KMSnano Final" => File/Folder not found.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 802.1 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 00:35:08 ====
Re: Prosím o kontrolu, vyskakují stále reklamy
Reklamy stale vyskakuji nebo muzeme zacit pouzite nastroje uklizet?
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, vyskakují stále reklamy
Reklamy jsou pryč jak z IE , tak i z Firefoxu 
můžem poklidit...
Ještě by poprosil jesi by byla rada jak odinstalovat ovladače od tiskárny canon, když dám odebrat, tak na mě vyletí hláška viz screen, tiskárna je odpojená od NB.
http://imgworld.cz/UYrigyCFqd.jpg
můžem poklidit...Ještě by poprosil jesi by byla rada jak odinstalovat ovladače od tiskárny canon, když dám odebrat, tak na mě vyletí hláška viz screen, tiskárna je odpojená od NB.
http://imgworld.cz/UYrigyCFqd.jpg
Re: Prosím o kontrolu, vyskakují stále reklamy
Zkuste ovladac odinstalovat v nouzovem rezimu, pripadne pouzijte Revo Uninstaller.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, vyskakují stále reklamy
To mě také napadlo, ale když držím po restartu F8, tak se mi bohužel nenabídnou možnosti spuštění v nouzáku
Jestli je to tím , že je zavaděč UEFI.....nevím, je to novej ASUS
Dá se ještě nějak jinak vyvolat nouzák, když mi nereaguje F8?
Jestli je to tím , že je zavaděč UEFI.....nevím, je to novej ASUS
Dá se ještě nějak jinak vyvolat nouzák, když mi nereaguje F8?
Re: Prosím o kontrolu, vyskakují stále reklamy
Pokud neni anglictina prekazka http://www.redmondpie.com/how-to-boot-i ... ode-guide/
pripadne s prekladem pomuzu.
pripadne s prekladem pomuzu.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o kontrolu, vyskakují stále reklamy
Šel jsem na to podle tohoto návodu http://support.hp.com/cz-cs/document/c03530768#AbT0 a v nouzáku mi to zase napíše pokud chci odebrat "Canon MG5200 series MP Drivers"
tohle: http://imgworld.cz/lnXSHUDKrN.jpg
A pokud chci odinstalovat v normálním režimu tak píše tohle http://imgworld.cz/UYrigyCFqd.jpg anejhorší je, že to píše i když by chtěl z CD nainstalovat znovu, takže jsem v pasti a nevím jak se toho zbavit. Je to ovladač ke tarší tískárně, ktérý jsem nainstaloval do win 8 a pak jsem zjistil, že mi nejde skenr a tak, takže si stáhnu nové ovladače a software pro win 8, ale nevím jak se zbavit tohto co se tam tak drží no.
tohle: http://imgworld.cz/lnXSHUDKrN.jpg
A pokud chci odinstalovat v normálním režimu tak píše tohle http://imgworld.cz/UYrigyCFqd.jpg anejhorší je, že to píše i když by chtěl z CD nainstalovat znovu, takže jsem v pasti a nevím jak se toho zbavit. Je to ovladač ke tarší tískárně, ktérý jsem nainstaloval do win 8 a pak jsem zjistil, že mi nejde skenr a tak, takže si stáhnu nové ovladače a software pro win 8, ale nevím jak se zbavit tohto co se tam tak drží no.
Naposledy upravil(a) Farin dne 26 srp 2015 06:57, celkem upraveno 4 x.
Přispějete na provoz fóra?
