Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Flash USB - antivir detekuje virus

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
meiilax
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 27 čer 2004 09:13

Flash USB - antivir detekuje virus

#1 Příspěvek od meiilax »

Dobrý den,

omylem jsem spustil neznámý soubor .vbs, který je zjevně zavirovaný. Avast mi začal hekticky několikrát za sekundu hlásit útok, vše pravděpodobně směrem k flash USB např. takto:
Avast Štít souborového systému zablokoval útok. Žádná další akce není nutná.
Objekt: N:\P12545121d.lnk
Infekce: LNK:Jenxcus-D [Trj]
Akce: Přesunout do truhly
Proces: C:\Windows\SysWOW64\wscript.exe

a takto u různých souborů na N:\ - N:\ je USB flash. Jakmile vyndán flešku, přestane to, jakmile jí zandám, opět Avast detekuje útoky. Díky moc za pomoc. Milan

Tady je log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Milan at 2015-10-20 11:23:01
Microsoft Windows 10 Pro
System drive C: has 196 GB (39%) free of 500 GB
Total RAM: 8140 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:23:06, on 20.10.2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\WINDOWS\SYSWOW64\WSCRIPT.EXE
C:\WINDOWS\SYSWOW64\WSCRIPT.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Required\AdobeQTServer.exe
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Milan.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 127.0.0 sams.nikonimaging.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: DebugBar BHO - {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} - C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O3 - Toolbar: DebugBar (Toolbar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [Navigraph FMS Data Manager] C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe -autostart
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BP2CFD205NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Steam] "F:\Games\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cubase 7 serial crack Keygen 2015 ] wscript.exe //B "C:\Users\Milan\AppData\Local\Temp\cubase 7 serial crack Keygen 2015 .vbs"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: cubase 7 serial crack Keygen 2015 .vbs
O4 - Startup: Sledovat výstrahy inkoustu - .lnk = ?
O4 - Startup: Sledovat výstrahy inkoustu - HP Photosmart 5510 series (Síť).lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Inspect Element with DebugBar - res://C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.dll/247
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apache22_php52 - Apache Software Foundation - C:\web\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: Apache24VC10_php53 - Apache Software Foundation - C:\web\Apache Software Foundation\Apache2.4_VC10\bin\httpd.exe
O23 - Service: Apache24_php56 - Apache Software Foundation - C:\web\Apache Software Foundation\Apache2.4\bin\httpd.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MySQL5 - Unknown owner - C:\web\MySQL\MySQL.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\SysWOW64\nlssrv32.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - F:\Games\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WTService - Unknown owner - C:\WINDOWS\system32\atwtusb.exe (file missing)

--
End of file - 16668 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\WINDOWS\system32\nvvsvc.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
dashost.exe {9cbb8230-e12b-4275-95350864aa8d0f8c}
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
C:\WINDOWS\SysWOW64\nlssrv32.exe
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\atwtusb.exe -s
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 40ae05ef-e8c0-472b-b46d-e8bbd1d36d10 1
\??\C:\WINDOWS\system32\conhost.exe 0x4

"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --ran-launcher
"C:\Program Files (x86)\Opera\32.0.1948.69\opera.exe" --type=gpu-process --channel="888.49.316124918\893577712" --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=5928 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,26,51,55,61 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.5382 --with-feature:installer-experiment-test=off --with-feature:installer-ui-stats=off --crash-reporter-pid=5928 --ignored=" --type=renderer " /prefetch:822062411
taskeng.exe {D56C3E8D-0ACB-4050-9DC5-0892F500DD2D}

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session
C:\WINDOWS\system32\atwtusb.exe
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
/QuitInfo:0000000000000FD8;00000000000013F0;
/loadhooks /Parent:0000000000000678
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Microsoft Device Center\ipoint.exe"
"C:\Program Files\Microsoft Device Center\itype.exe"
"C:\Windows\System32\AtwtusbIcon.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\WINDOWS\SYSWOW64\WSCRIPT.EXE" "C:\Users\Milan\AppData\Local\Temp\cubase 7 serial crack Keygen 2015 .vbs"
"C:\WINDOWS\SYSWOW64\WSCRIPT.EXE" "C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cubase 7 serial crack Keygen 2015 .vbs"
"C:\WINDOWS\system32\RunDll32.exe" "C:\Program Files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1BP2CFD205NR;CONNECTION=NW;MONITOR=1;
"C:\WINDOWS\system32\RunDll32.exe" "C:\Program Files\HP\HP Photosmart 5510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN1BP2CFD205NR;CONNECTION=NW;MONITOR=1;
"C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe"
"C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe" -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"fontdrvhost.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="9852.0.430283046\1819193950" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,12,20,45,55 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.5382 --ignored=" --type=renderer " /prefetch:822062411
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledInitialReceiveWindow64KB/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="9852.1.778354449\807517685" --font-cache-shared-handle=2424 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledInitialReceiveWindow64KB/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="9852.2.191442250\1257870168" --font-cache-shared-handle=2768 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledInitialReceiveWindow64KB/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="9852.3.706188575\1885449068" --font-cache-shared-handle=2792 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledInitialReceiveWindow64KB/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="9852.4.178890482\1640747940" --font-cache-shared-handle=3052 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledInitialReceiveWindow64KB/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="9852.5.1056696751\2022252127" --font-cache-shared-handle=3116 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledInitialReceiveWindow64KB/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="9852.6.1601789659\1309586190" --font-cache-shared-handle=3240 /prefetch:673131151
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="9852.8.1506912122\734153783" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c529c496-ed0e-466c-8544-efc2cfcc0b9f -SystemEventPortName:HostProcess-991ca5a9-7877-4228-9e40-0d61917ac1ba -IoCancelEventPortName:HostProcess-9993d4a4-5ef9-470b-9fc7-c4564966ded4 -NonStateChangingEventPortName:HostProcess-f2b11028-15d3-44b4-b7cc-a061d97712d3 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ef48ac84-c9bb-40d0-a304-8ab2e09502ed -DeviceGroupId:WpdFsGroup
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Required\AdobeQTServer.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" "-launchedbycsxs"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe671_ Global\UsGthrCtrlFltPipeMssGthrPipe671 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 624 612 628 8192 616
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Default/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/EnableSessionCrashedBubbleUI/Enabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledInitialReceiveWindow64KB/RefreshTokenDeviceId/Enabled/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Disabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_01/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Default/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="9852.11.598079447\1655040764" --font-cache-shared-handle=3380 /prefetch:673131151
"C:\Users\Milan\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000Core.job - C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000UA.job - C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe� Flash� Player 19.0.0.185 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe� Flash� Player 19.0.0.185 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL


C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default\searchplugins\
google-avast.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04 219304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69FC0024-10EB-480A-BBF2-3BF4E78E17B1}]
DebugBar BHO - C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.x64.dll [2015-03-03 5715456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-13 551520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-19 655480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11 2340472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-13 212576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04 153768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69FC0024-10EB-480A-BBF2-3BF4E78E17B1}]
DebugBar BHO - C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.dll [2015-03-03 4363776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-19 559624]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12 1733240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}
{3E1201F4-1707-409F-BB45-A5F192381DA0} - DebugBar (Toolbar) - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.x64.dll [2015-03-03 1005056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{3E1201F4-1707-409F-BB45-A5F192381DA0} - DebugBar (Toolbar) - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.dll [2015-03-03 808448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-12-06 7506136]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"IntelliPoint"=c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26 2004584]
"IntelliType Pro"=c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26 1464928]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"AtwtusbIcon"=C:\WINDOWS\system32\AtwtusbIcon.exe [2012-09-10 3593728]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe []
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe []
"Persistence"=C:\WINDOWS\system32\igfxpers.exe []
"Start WingMan Profiler"=C:\Program Files\Logitech\Gaming Software\LWEMon.exe [2010-06-14 190536]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2015-06-03 1571696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5510 series (NET)"=C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2012-10-17 2573416]
"Steam"=F:\Games\Steam\steam.exe [2015-08-19 2899136]
"Google Update"=C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27 144200]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-06-01 8358680]
"OneDrive"=C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-09-15 405584]
"cubase 7 serial crack Keygen 2015 "=wscript.exe //B C:\Users\Milan\AppData\Local\Temp\cubase 7 serial crack Keygen 2015 .vbs []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenterCount]
C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5]
C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacroKeyManager]
WTMKM.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Apache Servers.lnk]
C:\web\APACHE~1\Apache2.2\bin\APACHE~1.EXE [2012-02-01 35328]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"ControlCenterCount"=C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [2012-03-26 872448]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
""= []
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2014-09-18 3476432]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2013-12-27 570880]
"Navigraph FMS Data Manager"=C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe [2014-06-03 1006576]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-10-02 421888]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-09-19 6134544]

C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
cubase 7 serial crack Keygen 2015 .vbs
Sledovat výstrahy inkoustu - .lnk - C:\WINDOWS\system32\RunDll32.exe
Sledovat výstrahy inkoustu - HP Photosmart 5510 series (Síť).lnk - C:\WINDOWS\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
"ConsentPromptBehaviorAdmin"=0
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-10-20 11:23:01 ----D---- C:\rsit
2015-10-20 11:23:01 ----D---- C:\Program Files\trend micro
2015-10-13 20:41:30 ----D---- C:\8cfd8b2949f25862cadbabf4a2
2015-10-05 21:33:28 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-10-01 20:46:12 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-10-01 20:46:10 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 20:46:09 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2015-10-01 20:46:09 ----A---- C:\WINDOWS\system32\edgehtml.dll
2015-10-01 20:46:08 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-10-01 20:46:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-10-01 20:46:04 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2015-10-01 20:46:04 ----A---- C:\WINDOWS\system32\BingMaps.dll
2015-10-01 20:46:03 ----A---- C:\WINDOWS\SYSWOW64\mos.dll
2015-10-01 20:46:03 ----A---- C:\WINDOWS\system32\windows.storage.dll
2015-10-01 20:46:03 ----A---- C:\WINDOWS\system32\mos.dll
2015-10-01 20:46:02 ----A---- C:\WINDOWS\SYSWOW64\BingMaps.dll
2015-10-01 20:46:01 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 20:46:01 ----A---- C:\WINDOWS\system32\Chakra.dll
2015-10-01 20:46:00 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 20:45:59 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2015-10-01 20:45:59 ----A---- C:\WINDOWS\system32\mfcore.dll
2015-10-01 20:45:58 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 20:45:58 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 20:45:57 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2015-10-01 20:45:57 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 20:45:57 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 20:45:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2015-10-01 20:45:56 ----A---- C:\WINDOWS\system32\wininet.dll
2015-10-01 20:45:55 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2015-10-01 20:45:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Logon.dll
2015-10-01 20:45:53 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-10-01 20:45:53 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-10-01 20:45:53 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2015-10-01 20:45:53 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2015-10-01 20:45:52 ----A---- C:\WINDOWS\system32\wlansvc.dll
2015-10-01 20:45:52 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 20:45:52 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-10-01 20:45:52 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-10-01 20:45:51 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2015-10-01 20:45:51 ----A---- C:\WINDOWS\system32\winmde.dll
2015-10-01 20:45:51 ----A---- C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 20:45:51 ----A---- C:\WINDOWS\system32\UserDataService.dll
2015-10-01 20:45:51 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 20:45:50 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2015-10-01 20:45:50 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 20:45:50 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 20:45:50 ----A---- C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 20:45:50 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 20:45:49 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2015-10-01 20:45:49 ----A---- C:\WINDOWS\system32\wwansvc.dll
2015-10-01 20:45:49 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 20:45:49 ----A---- C:\WINDOWS\system32\Unistore.dll
2015-10-01 20:45:49 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 20:45:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2015-10-01 20:45:48 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2015-10-01 20:45:48 ----A---- C:\WINDOWS\SYSWOW64\RemoteNaturalLanguage.dll
2015-10-01 20:45:48 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-10-01 20:45:48 ----A---- C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 20:45:48 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 20:45:48 ----A---- C:\WINDOWS\system32\mfsvr.dll
2015-10-01 20:45:48 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 20:45:47 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2015-10-01 20:45:47 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2015-10-01 20:45:47 ----A---- C:\WINDOWS\system32\RDXService.dll
2015-10-01 20:45:47 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 20:45:47 ----A---- C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 20:45:47 ----A---- C:\WINDOWS\system32\esent.dll
2015-10-01 20:45:47 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 20:45:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 20:45:46 ----A---- C:\WINDOWS\system32\wpx.dll
2015-10-01 20:45:46 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 20:45:46 ----A---- C:\WINDOWS\system32\ContactApis.dll
2015-10-01 20:45:45 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2015-10-01 20:45:45 ----A---- C:\WINDOWS\system32\mfds.dll
2015-10-01 20:45:45 ----A---- C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 20:45:45 ----A---- C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 20:45:44 ----A---- C:\WINDOWS\SYSWOW64\MapControlCore.dll
2015-10-01 20:45:44 ----A---- C:\WINDOWS\system32\wmpmde.dll
2015-10-01 20:45:44 ----A---- C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 20:45:44 ----A---- C:\WINDOWS\system32\drivers\Wdf01000.sys
2015-10-01 20:45:44 ----A---- C:\WINDOWS\system32\bisrv.dll
2015-10-01 20:45:43 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2015-10-01 20:45:43 ----A---- C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 20:45:43 ----A---- C:\WINDOWS\system32\win32kfull.sys
2015-10-01 20:45:43 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 20:45:43 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 20:45:43 ----A---- C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 20:45:42 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2015-10-01 20:45:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 20:45:42 ----A---- C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 20:45:42 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 20:45:42 ----A---- C:\WINDOWS\system32\NotificationController.dll
2015-10-01 20:45:42 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 20:45:42 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 20:45:41 ----A---- C:\WINDOWS\SYSWOW64\WWanAPI.dll
2015-10-01 20:45:41 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2015-10-01 20:45:41 ----A---- C:\WINDOWS\SYSWOW64\directmanipulation.dll
2015-10-01 20:45:41 ----A---- C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 20:45:41 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 20:45:41 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 20:45:41 ----A---- C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 20:45:40 ----A---- C:\WINDOWS\SYSWOW64\VEEventDispatcher.dll
2015-10-01 20:45:40 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2015-10-01 20:45:40 ----A---- C:\WINDOWS\SYSWOW64\JpMapControl.dll
2015-10-01 20:45:40 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2015-10-01 20:45:40 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 20:45:40 ----A---- C:\WINDOWS\system32\audiosrv.dll
2015-10-01 20:45:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.dll
2015-10-01 20:45:39 ----A---- C:\WINDOWS\SYSWOW64\SettingSyncHost.exe
2015-10-01 20:45:39 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2015-10-01 20:45:39 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 20:45:39 ----A---- C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 20:45:39 ----A---- C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 20:45:39 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 20:45:38 ----A---- C:\WINDOWS\SYSWOW64\Unistore.dll
2015-10-01 20:45:38 ----A---- C:\WINDOWS\SYSWOW64\SensorsApi.dll
2015-10-01 20:45:38 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2015-10-01 20:45:38 ----A---- C:\WINDOWS\system32\winlogon.exe
2015-10-01 20:45:38 ----A---- C:\WINDOWS\system32\ncsi.dll
2015-10-01 20:45:37 ----A---- C:\WINDOWS\SYSWOW64\MessagingDataModel2.dll
2015-10-01 20:45:37 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 20:45:37 ----A---- C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 20:45:37 ----A---- C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 20:45:37 ----A---- C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 20:45:37 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2015-10-01 20:45:37 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2015-10-01 20:45:37 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2015-10-01 20:45:36 ----A---- C:\WINDOWS\SYSWOW64\hevcdecoder.dll
2015-10-01 20:45:36 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2015-10-01 20:45:36 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 20:45:36 ----A---- C:\WINDOWS\system32\mf.dll
2015-10-01 20:45:36 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 20:45:36 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 20:45:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 20:45:35 ----A---- C:\WINDOWS\SYSWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 20:45:35 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 20:45:35 ----A---- C:\WINDOWS\system32\psmsrv.dll
2015-10-01 20:45:35 ----A---- C:\WINDOWS\system32\provengine.dll
2015-10-01 20:45:35 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 20:45:35 ----A---- C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 20:45:35 ----A---- C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 20:45:34 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2015-10-01 20:45:34 ----A---- C:\WINDOWS\system32\wwanconn.dll
2015-10-01 20:45:34 ----A---- C:\WINDOWS\system32\wuuhext.dll
2015-10-01 20:45:34 ----A---- C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 20:45:34 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2015-10-01 20:45:33 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2015-10-01 20:45:33 ----A---- C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 20:45:33 ----A---- C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 20:45:33 ----A---- C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 20:45:33 ----A---- C:\WINDOWS\system32\pnidui.dll
2015-10-01 20:45:33 ----A---- C:\WINDOWS\system32\MapsStore.dll
2015-10-01 20:45:32 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 20:45:32 ----A---- C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 20:45:32 ----A---- C:\WINDOWS\system32\cloudAP.dll
2015-10-01 20:45:31 ----A---- C:\WINDOWS\system32\win32kbase.sys
2015-10-01 20:45:31 ----A---- C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 20:45:31 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 20:45:31 ----A---- C:\WINDOWS\system32\mfps.dll
2015-10-01 20:45:30 ----A---- C:\WINDOWS\SYSWOW64\ContactApis.dll
2015-10-01 20:45:30 ----A---- C:\WINDOWS\system32\omadmclient.exe
2015-10-01 20:45:30 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 20:45:30 ----A---- C:\WINDOWS\system32\ChatApis.dll
2015-10-01 20:45:30 ----A---- C:\WINDOWS\system32\drivers\pdc.sys
2015-10-01 20:45:29 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2015-10-01 20:45:29 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2015-10-01 20:45:29 ----A---- C:\WINDOWS\system32\wwanmm.dll
2015-10-01 20:45:29 ----A---- C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 20:45:29 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 20:45:29 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2015-10-01 20:45:29 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-10-01 20:45:28 ----A---- C:\WINDOWS\SYSWOW64\ChatApis.dll
2015-10-01 20:45:28 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 20:45:28 ----A---- C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 20:45:28 ----A---- C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 20:45:28 ----A---- C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 20:45:28 ----A---- C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 20:45:28 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2015-10-01 20:45:27 ----A---- C:\WINDOWS\SYSWOW64\EmailApis.dll
2015-10-01 20:45:27 ----A---- C:\WINDOWS\SYSWOW64\AppointmentApis.dll
2015-10-01 20:45:27 ----A---- C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 20:45:27 ----A---- C:\WINDOWS\system32\omadmapi.dll
2015-10-01 20:45:27 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 20:45:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.Speech.Pal.dll
2015-10-01 20:45:26 ----A---- C:\WINDOWS\system32\EmailApis.dll
2015-10-01 20:45:26 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-10-01 20:45:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 20:45:25 ----A---- C:\WINDOWS\system32\syncutil.dll
2015-10-01 20:45:25 ----A---- C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 20:45:25 ----A---- C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 20:45:24 ----A---- C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 20:45:23 ----A---- C:\WINDOWS\system32\wwancfg.dll
2015-10-01 20:45:22 ----A---- C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 20:45:22 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 20:45:22 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2015-10-01 20:45:22 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-10-01 20:45:22 ----A---- C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 20:45:21 ----A---- C:\WINDOWS\SYSWOW64\UserDataAccountApis.dll
2015-10-01 20:45:21 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2015-10-01 20:45:21 ----A---- C:\WINDOWS\system32\wpnapps.dll
2015-10-01 20:45:21 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 20:45:21 ----A---- C:\WINDOWS\system32\netcenter.dll
2015-10-01 20:45:21 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 20:45:21 ----A---- C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 20:45:21 ----A---- C:\WINDOWS\system32\AudioEng.dll
2015-10-01 20:45:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2015-10-01 20:45:20 ----A---- C:\WINDOWS\SYSWOW64\PhoneCallHistoryApis.dll
2015-10-01 20:45:20 ----A---- C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 20:45:20 ----A---- C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 20:45:20 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 20:45:20 ----A---- C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 20:45:19 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2015-10-01 20:45:19 ----A---- C:\WINDOWS\SYSWOW64\MapConfiguration.dll
2015-10-01 20:45:19 ----A---- C:\WINDOWS\SYSWOW64\CallHistoryClient.dll
2015-10-01 20:45:19 ----A---- C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 20:45:19 ----A---- C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 20:45:19 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 20:45:19 ----A---- C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 20:45:18 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2015-10-01 20:45:18 ----A---- C:\WINDOWS\system32\provops.dll
2015-10-01 20:45:18 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 20:45:18 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 20:45:17 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2015-10-01 20:45:17 ----A---- C:\WINDOWS\SYSWOW64\netcenter.dll
2015-10-01 20:45:17 ----A---- C:\WINDOWS\system32\nlasvc.dll
2015-10-01 20:45:15 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 20:45:15 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 20:45:15 ----A---- C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 20:45:15 ----A---- C:\WINDOWS\system32\dmcsps.dll
2015-10-01 20:45:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 20:45:14 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 20:45:14 ----A---- C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 20:45:14 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 20:45:13 ----A---- C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 20:45:13 ----A---- C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 20:45:13 ----A---- C:\WINDOWS\system32\configmanager2.dll
2015-09-30 18:22:03 ----RD---- C:\Program Files (x86)\Skype
2015-09-27 10:13:04 ----D---- C:\Program Files\Stellarium

======List of files/folders modified in the last 1 month======

2015-10-20 11:23:01 ----RD---- C:\Program Files
2015-10-20 11:21:35 ----D---- C:\WINDOWS\Prefetch
2015-10-20 11:21:34 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-10-20 11:21:31 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-20 11:20:00 ----D---- C:\WINDOWS\System32
2015-10-20 11:20:00 ----D---- C:\WINDOWS\INF
2015-10-20 11:20:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-20 11:14:01 ----D---- C:\WINDOWS\Temp
2015-10-20 11:14:01 ----D---- C:\WINDOWS\system32\Tasks
2015-10-20 11:13:21 ----D---- C:\WINDOWS\system32\sru
2015-10-20 11:12:25 ----A---- C:\WINDOWS\win.ini
2015-10-20 07:15:41 ----A---- C:\Users\Milan\AppData\Roaming\ISOWorkshop.ini
2015-10-19 21:50:49 ----D---- C:\Program Files (x86)\1AVCapture
2015-10-19 21:50:48 ----D---- C:\WINDOWS\SysWOW64
2015-10-19 20:29:49 ----D---- C:\Users\Milan\AppData\Roaming\vlc
2015-10-19 19:46:04 ----D---- C:\WINDOWS\Microsoft.NET
2015-10-18 21:24:28 ----D---- C:\WINDOWS\AppReadiness
2015-10-18 11:28:28 ----SHD---- C:\System Volume Information
2015-10-18 01:04:26 ----D---- C:\WINDOWS\CbsTemp
2015-10-17 20:55:15 ----HD---- C:\Program Files\WindowsApps
2015-10-14 18:32:59 ----D---- C:\WINDOWS\system32\config
2015-10-14 12:26:37 ----SD---- C:\Users\Milan\AppData\Roaming\Microsoft
2015-10-14 12:22:36 ----D---- C:\Users\Milan\AppData\Roaming\FileZilla
2015-10-14 12:19:25 ----SHD---- C:\WINDOWS\Installer
2015-10-14 12:19:15 ----D---- C:\ProgramData\Microsoft Help
2015-10-13 20:52:29 ----D---- C:\WINDOWS\WinSxS
2015-10-13 20:50:54 ----D---- C:\WINDOWS\system32\MRT
2015-10-13 20:41:34 ----A---- C:\WINDOWS\system32\MRT.exe
2015-10-13 19:31:44 ----D---- C:\WINDOWS\system32\catroot2
2015-10-11 19:26:38 ----D---- C:\Windows.old
2015-10-09 13:31:46 ----D---- C:\ProgramData\NVIDIA
2015-10-08 22:29:26 ----D---- C:\Users\Milan\AppData\Roaming\Audacity
2015-10-08 21:48:01 ----RSD---- C:\WINDOWS\assembly
2015-10-07 19:45:28 ----D---- C:\WINDOWS\system32\NDF
2015-10-07 18:29:19 ----D---- C:\temp
2015-10-07 16:22:08 ----D---- C:\WINDOWS\system32\DriverStore
2015-10-06 19:30:45 ----D---- C:\WINDOWS\rescache
2015-10-05 21:31:46 ----D---- C:\WINDOWS\system32\drivers
2015-10-05 21:30:17 ----SD---- C:\WINDOWS\SYSWOW64\F12
2015-10-05 21:30:17 ----D---- C:\WINDOWS\SYSWOW64\migration
2015-10-05 21:30:13 ----SD---- C:\WINDOWS\system32\F12
2015-10-05 21:30:13 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2015-10-05 21:30:13 ----D---- C:\WINDOWS\system32\SystemResetPlatform
2015-10-05 21:30:13 ----D---- C:\WINDOWS\system32\migration
2015-10-05 21:30:12 ----D---- C:\WINDOWS\system32\appraiser
2015-10-05 21:30:00 ----RD---- C:\WINDOWS\PurchaseDialog
2015-10-05 21:30:00 ----D---- C:\WINDOWS\Provisioning
2015-10-05 21:29:59 ----D---- C:\WINDOWS\L2Schemas
2015-10-05 21:29:59 ----D---- C:\WINDOWS\AppPatch
2015-10-01 18:14:56 ----D---- C:\web
2015-09-30 22:22:14 ----D---- C:\Users\Milan\AppData\Roaming\Skype
2015-09-30 18:22:04 ----D---- C:\Program Files (x86)\Common Files
2015-09-30 18:22:03 ----RD---- C:\Program Files (x86)
2015-09-30 18:22:02 ----D---- C:\ProgramData\Skype
2015-09-30 12:13:18 ----D---- C:\Program Files (x86)\Opera
2015-09-27 10:13:31 ----D---- C:\Users\Milan\AppData\Roaming\Stellarium
2015-09-27 10:13:10 ----D---- C:\ProgramData\Package Cache
2015-09-25 11:31:11 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2015-09-25 11:28:16 ----D---- C:\Program Files\Microsoft Office 15
2015-09-24 15:53:09 ----D---- C:\WINDOWS\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\WINDOWS\system32\drivers\aswRvrt.sys [2015-09-19 65224]
R0 aswVmm;avast! VM Monitor; C:\WINDOWS\system32\drivers\aswVmm.sys [2015-09-19 274808]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2015-09-19 93528]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2015-09-19 1049880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2015-09-19 448968]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-07-10 8192]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2009-07-27 90544]
R2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys [2008-06-27 88632]
R2 aswHwid;avast! HardwareID; C:\WINDOWS\system32\drivers\aswHwid.sys [2015-09-19 28656]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2015-09-19 90968]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2015-09-19 153744]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]
R2 TurboB;Turbo Boost UI Monitor driver; C:\WINDOWS\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R3 athur;@oem33.inf,%ATHR.Service.DispName%;Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\System32\drivers\athurx.sys [2010-01-05 1847296]
R3 dc3d;@oem19.inf,%dc3d.SvcDesc%;MS Hardware Device Detection Driver; C:\WINDOWS\system32\DRIVERS\dc3d.sys [2012-06-26 52320]
R3 chdrvr01;@oem31.inf,%CHDRVR01.SvcDesc%;chdrvr01; C:\WINDOWS\System32\drivers\chdrvr01.sys [2012-08-25 248496]
R3 chdrvr02;@oem23.inf,%CHDRVR02.SvcDesc%;chdrvr02; C:\WINDOWS\System32\drivers\chdrvr02.sys [2012-08-25 11440]
R3 chdrvr03;@oem42.inf,%CHDRVR03.SvcDesc%;chdrvr03; C:\WINDOWS\System32\drivers\chdrvr03.sys [2012-08-25 24240]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2013-12-10 3771352]
R3 iwdbus;@oem20.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2013-09-26 27032]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MBfilt;MBfilt; C:\WINDOWS\system32\drivers\MBfilt64.sys [2009-11-18 32344]
R3 MEIx64;@oem57.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2013-09-17 99288]
R3 moufiltr;@oem58.inf,%WalMoufiltr.Desc%;Tablet Mouse Filter Driver; C:\WINDOWS\System32\drivers\moufiltr.sys [2009-03-08 7680]
R3 NuidFltr;@oem2.inf,%NuidFltr.SvcDesc%;NUID filter driver; C:\WINDOWS\System32\drivers\NuidFltr.sys [2012-06-26 23648]
R3 NVHDA;@oem64.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2015-08-29 206152]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2015-08-29 11151488]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;@oem15.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 Point64;@oem40.inf,%point64.SvcDesc%;Microsoft Mouse and Keyboard Center Filter Driver; C:\WINDOWS\System32\drivers\point64.sys [2012-06-26 46176]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-10 587264]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\WINDOWS\system32\DRIVERS\serscan.sys [2015-07-10 12800]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]
S3 FARMNTIO;FARMNTIO; \??\c:\windows\system32\drivers\farmntio.sys [2012-01-11 24664]
S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2013-09-26 39320]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]
S3 NTIOLib_1_0_1;NTIOLib_1_0_1; \??\C:\Program Files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [2009-10-06 14136]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [2010-10-22 14136]
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC; \??\C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [2012-11-09 13368]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-09-07 934752]
S3 TabletFilter;Tablet Driver; C:\WINDOWS\System32\drivers\TabletFilter.sys [2012-08-15 7680]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-19 146600]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2015-09-11 2774104]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 DfSdkS;Defragmentation-Service; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [2009-08-24 544768]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-03 1152656]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-17 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-17 390616]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\WINDOWS\SysWOW64\nlssrv32.exe [2011-02-15 66560]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2015-08-07 937592]
R2 OneSyncSvc_Session9;Hostitel synchronizace_Session9; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-05-28 410768]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 OneSyncSvc_Session16;Hostitel synchronizace_Session16; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2015-02-09 72704]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Apache22_php52;Apache22_php52; C:\web\Apache Software Foundation\Apache2.2\bin\httpd.exe [2012-02-01 18432]
S3 Apache24_php56;Apache24_php56; C:\web\Apache Software Foundation\Apache2.4\bin\httpd.exe [2015-07-22 29184]
S3 Apache24VC10_php53;Apache24VC10_php53; C:\web\Apache Software Foundation\Apache2.4_VC10\bin\httpd.exe [2015-07-12 22528]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-01-16 1044816]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2011-08-30 160256]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-10-20 147624]
S3 MySQL5;MySQL5; C:\web\MySQL\MySQL Server 5.5\bin\mysqld --defaults-file=C:\web\MySQL\MySQL Server 5.5\my.ini MySQL5 []
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]
S3 Origin Client Service;Origin Client Service; F:\Games\Origin\OriginClientService.exe [2014-12-26 1903472]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-08-13 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session16;Data kontaktů_Session16; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 PimIndexMaintenanceSvc_Session9;Data kontaktů_Session9; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-07 1031680]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-19 838336]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S4 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2014-09-18 1723856]

-----------------EOF-----------------
Přílohy
vir.jpg
vir.jpg (110.25 KiB) Zobrazeno 4775 x
Nahoru
meiilax
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 27 čer 2004 09:13

Re: Flash USB - antivir detekuje virus

#2 Příspěvek od meiilax »

Tady ještě FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
Ran by Milan (administrator) on MILAN-PC (20-10-2015 12:09:16)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfSdkS64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\atwtusb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
() C:\Windows\System32\atwtusb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
() C:\Windows\System32\AtwtusbIcon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\regedit.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [AtwtusbIcon] => C:\WINDOWS\system32\AtwtusbIcon.exe [3593728 2012-09-10] ()
HKLM\...\Run: [IgfxTray] => "C:\WINDOWS\system32\igfxtray.exe"
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenterCount] => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3476432 2014-09-18] (Micro-Star International)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [Navigraph FMS Data Manager] => C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe [1006576 2014-06-03] (Navigraph)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-19] (AVAST Software)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [Steam] => F:\Games\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [Google Update] => C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [cubase 7 serial crack Keygen 2015 ] => wscript.exe //B "C:\Users\Milan\AppData\Local\Temp\cubase 7 serial crack Keygen 2015 .vbs" <===== ATTENTION
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Policies\system: [DisableLockWorkstation] 0
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-19] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-09]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cubase 7 serial crack Keygen 2015 .vbs [2015-10-20] ()
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - .lnk [2013-03-24]
ShortcutTarget: Sledovat výstrahy inkoustu - .lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Photosmart 5510 series (Síť).lnk [2014-02-03]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Photosmart 5510 series (Síť).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{3915bc1b-4d7d-4165-93b9-73dffb579dfe}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: DebugBar BHO -> {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} -> C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.x64.dll [2015-03-03] (Core Services)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-19] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-13] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: DebugBar BHO -> {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} -> C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.dll [2015-03-03] (Core Services)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-19] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - DebugBar (Toolbar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.x64.dll [2015-03-03] (Core Services)
Toolbar: HKLM-x32 - DebugBar (Toolbar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.dll [2015-03-03] (Core Services)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-24] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-24] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-649847758-3809949159-3738805346-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Milan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-649847758-3809949159-3738805346-1000: @talk.google.com/O1DPlugin -> C:\Users\Milan\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-649847758-3809949159-3738805346-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Milan\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-649847758-3809949159-3738805346-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Milan\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Milan\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Milan\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default\searchplugins\google-avast.xml [2015-01-25]
FF Extension: Firebug - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default\Extensions\firebug@software.joehewitt.com.xpi [2013-01-17]
FF Extension: SEOProfesional - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default\Extensions\seo@profesional.xpi [2013-01-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-19] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> op
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-09-24]
CHR Extension: (Avast Online Security) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]
CHR Extension: (NetBeans Connector) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2015-08-21]
CHR Extension: (PHP Docs-to-go) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlilmganaobieaclflbciblffhaagnip [2014-10-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2014-10-20]
CHR Extension: (RSS Feed Reader) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-09] (Adobe Systems) [File not signed]
S3 Apache22_php52; C:\web\Apache Software Foundation\Apache2.2\bin\httpd.exe [18432 2012-02-01] (Apache Software Foundation) [File not signed]
S3 Apache24VC10_php53; C:\web\Apache Software Foundation\Apache2.4_VC10\bin\httpd.exe [22528 2015-07-12] (Apache Software Foundation) [File not signed]
S3 Apache24_php56; C:\web\Apache Software Foundation\Apache2.4\bin\httpd.exe [29184 2015-07-22] (Apache Software Foundation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-19] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
S3 MySQL5; C:\web\MySQL\MySQL Server 5.5\my.ini [8905 2012-09-28] () [File not signed]
R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2011-02-15] (Nalpeiron Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
U2 OneSyncSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 Origin Client Service; F:\Games\Origin\OriginClientService.exe [1903472 2014-12-26] (Electronic Arts)
U3 PimIndexMaintenanceSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
U3 UnistoreSvc_Session16; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R2 WTService; C:\WINDOWS\system32\atwtusb.exe [581120 2012-09-20] () [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-19] (AVAST Software)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-10-20] (Emsisoft GmbH)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [24664 2012-01-11] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 moufiltr; C:\Windows\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
S3 NTIOLib_1_0_1; C:\Program Files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [14136 2009-10-06] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 TabletFilter; C:\Windows\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Windows (R) Win 7 DDK provider)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vhidmini; C:\Windows\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-20 12:09 - 2015-10-20 12:09 - 00029442 _____ C:\Users\Milan\Desktop\FRST.txt
2015-10-20 12:08 - 2015-10-20 12:08 - 02196992 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2015-10-20 11:50 - 2015-10-20 11:50 - 00016148 _____ C:\WINDOWS\system32\MILAN-PC_Milan_HistoryPrediction.bin
2015-10-20 11:47 - 2015-10-20 11:47 - 00001018 _____ C:\EamClean.log
2015-10-20 11:38 - 2015-10-20 11:38 - 00000786 _____ C:\Users\Milan\Desktop\Start Emsisoft Emergency Kit.lnk
2015-10-20 11:37 - 2015-10-20 11:38 - 00000000 ____D C:\EEK
2015-10-20 11:37 - 2015-10-20 11:37 - 168970712 _____ C:\Users\Milan\Downloads\EmsisoftEmergencyKit.exe
2015-10-20 11:23 - 2015-10-20 12:04 - 00000000 ____D C:\Program Files\trend micro
2015-10-20 11:23 - 2015-10-20 11:23 - 00000000 ____D C:\rsit
2015-10-20 11:22 - 2015-10-20 11:22 - 01222144 _____ C:\Users\Milan\Downloads\RSITx64.exe
2015-10-20 07:26 - 2015-10-20 07:26 - 00000000 ____D C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-
2015-10-20 07:16 - 2015-10-20 07:25 - 00000000 ____D C:\Users\Milan\Desktop\cubase
2015-10-19 20:16 - 2015-10-19 23:25 - 1321357312 _____ C:\Users\Milan\Downloads\Cubase_7.0.5_DVD1.iso
2015-10-19 20:15 - 2015-10-19 20:15 - 00004230 _____ C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-.rar
2015-10-18 19:09 - 2015-10-19 22:05 - 1156097807 _____ C:\Users\Milan\Downloads\Pro_Tools_11.3.0_Win.zip
2015-10-14 17:34 - 2015-10-14 17:46 - 142487875 _____ C:\Users\Milan\Downloads\YouPorn - BLACKED Business Blonde Anikka Albrite Ass Fucked By a BBC.mp4
2015-10-14 17:33 - 2015-10-14 17:37 - 49066499 _____ C:\Users\Milan\Downloads\YouPorn - TUSHY Riley Reid First Double Penetration.mp4
2015-10-14 12:32 - 2015-10-14 12:40 - 68180383 _____ C:\Users\Milan\Downloads\YouPorn - The hairiest pussy I ve ever seen.mp4
2015-10-14 12:24 - 2015-10-14 12:24 - 30881775 _____ C:\Users\Milan\Downloads\932-Uzemni_plan_Vintirov (1).zip
2015-10-13 20:41 - 2015-10-13 20:50 - 00000000 ____D C:\8cfd8b2949f25862cadbabf4a2
2015-10-13 19:58 - 2015-10-10 09:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 19:58 - 2015-10-10 08:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-13 19:58 - 2015-10-10 08:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-13 19:58 - 2015-10-06 05:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 19:58 - 2015-10-06 04:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 19:58 - 2015-10-01 06:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 19:58 - 2015-10-01 06:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 19:58 - 2015-10-01 06:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 19:58 - 2015-10-01 06:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 19:58 - 2015-10-01 06:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 19:58 - 2015-10-01 05:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 19:58 - 2015-09-25 06:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 19:58 - 2015-09-25 06:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 19:58 - 2015-09-25 05:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 19:58 - 2015-09-25 05:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 19:58 - 2015-09-25 05:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 19:58 - 2015-09-25 05:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 19:58 - 2015-09-25 05:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-13 19:58 - 2015-09-25 05:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 19:58 - 2015-09-25 05:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 19:58 - 2015-09-25 05:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 19:58 - 2015-09-25 05:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 19:58 - 2015-09-25 05:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-13 19:58 - 2015-09-25 05:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 19:58 - 2015-09-25 05:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 19:58 - 2015-09-25 05:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 19:58 - 2015-09-25 05:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 19:58 - 2015-09-25 05:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 19:58 - 2015-09-25 05:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 19:58 - 2015-09-25 05:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:58 - 2015-09-25 05:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-13 19:58 - 2015-09-25 05:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 19:58 - 2015-09-25 05:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 19:58 - 2015-09-25 05:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 19:58 - 2015-09-25 05:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 19:58 - 2015-09-25 05:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 19:58 - 2015-09-25 05:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 19:58 - 2015-09-25 04:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 19:58 - 2015-09-25 04:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-13 19:58 - 2015-09-25 04:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 19:58 - 2015-09-25 04:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 19:58 - 2015-09-25 04:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 19:58 - 2015-09-25 04:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 19:58 - 2015-09-25 04:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 19:58 - 2015-09-25 04:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 19:58 - 2015-09-25 04:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 19:58 - 2015-09-25 04:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 19:58 - 2015-09-25 04:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:58 - 2015-09-25 04:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 19:58 - 2015-09-25 04:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 19:58 - 2015-09-25 04:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 19:58 - 2015-09-25 04:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 19:58 - 2015-09-25 04:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-13 11:16 - 2015-10-13 11:21 - 48121956 _____ C:\Users\Milan\Downloads\YouPorn - Paper due on Friday.mp4
2015-10-05 22:38 - 2015-10-05 22:38 - 00000204 _____ C:\Users\Milan\Desktop\kabely IEM.txt
2015-10-05 21:33 - 2015-10-02 19:36 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-05 21:33 - 2015-10-02 19:36 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-03 11:58 - 2015-10-03 14:40 - 1547433914 _____ C:\Users\Milan\Downloads\Ledové-království-CZ.avi
2015-10-03 11:54 - 2015-10-03 11:54 - 00000000 ____D C:\Users\Milan\Desktop\Frozen-Fever-Oslava-v-Ledovém-království-2015-Cz-dab.+-Cz-tit
2015-10-02 17:00 - 2015-10-02 17:27 - 480216368 _____ C:\Users\Milan\Desktop\Frozen-Fever-Oslava-v-Ledovém-království-2015-Cz-dab.+-Cz-tit..rar
2015-10-01 20:46 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 20:46 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 20:46 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 20:46 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 20:46 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 20:46 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 20:46 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 20:46 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 20:45 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 20:45 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 20:45 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 20:45 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 20:45 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 20:45 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 20:45 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 20:45 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 20:45 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 20:45 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 20:45 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 20:45 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 20:45 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 20:45 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 20:45 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 20:45 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 20:45 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 20:45 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 20:45 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 20:45 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 20:45 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 20:45 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 20:45 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 20:45 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 20:45 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 20:45 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 20:45 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 20:45 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 20:45 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 20:45 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 20:45 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 20:45 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 20:45 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 20:45 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 20:45 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 20:45 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 20:45 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 20:45 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 20:45 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 20:45 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 20:45 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 20:45 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 20:45 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 20:45 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 20:45 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 20:45 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 20:45 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 20:45 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 20:45 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 20:45 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 20:45 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 20:45 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 20:45 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 20:45 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 20:45 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 20:45 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 20:45 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 20:45 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 20:45 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 20:45 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 20:45 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 20:45 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 20:45 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 20:45 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 20:45 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 20:45 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 20:45 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 20:45 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 20:45 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 20:45 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 20:45 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 20:45 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 20:45 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 20:45 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 20:45 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 20:45 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 20:45 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 20:45 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 20:45 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 20:45 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 20:45 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 20:45 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 20:45 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 20:45 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 20:45 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 20:45 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 20:45 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 20:45 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 20:45 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 20:45 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 20:45 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 20:45 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 20:45 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 20:45 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 20:45 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 20:45 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 20:45 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 20:45 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 20:45 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 20:45 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 20:45 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 20:45 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 20:45 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 18:14 - 2015-10-01 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL
2015-10-01 18:13 - 2015-10-01 18:13 - 03385466 _____ (OpenSSL Win64 Installer Team ) C:\Users\Milan\Downloads\Win64OpenSSL_Light-1_0_2d.exe
2015-09-30 18:22 - 2015-09-30 18:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-30 18:22 - 2015-09-30 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-30 12:27 - 2015-09-30 12:38 - 103491853 _____ C:\Users\Milan\Downloads\YouPorn - Big tit babe takes it in the bum Telsev.mp4
2015-09-30 12:24 - 2015-09-30 12:35 - 103118142 _____ C:\Users\Milan\Downloads\YouPorn - The Sperminator Telsev.mp4
2015-09-29 11:41 - 2015-09-29 11:52 - 136457136 _____ C:\Users\Milan\Downloads\YouPorn - BLACKED Big Tit Model Marina Visconti Loves Anal with BBC.mp4
2015-09-29 11:34 - 2015-09-29 11:52 - 152045538 _____ C:\Users\Milan\Downloads\YouPorn%20-%20BLACKED%20Curvy%20Blonde%20Payton%20Simmons%20vs%20BBC.mp4
2015-09-27 10:13 - 2015-09-27 10:13 - 00001763 _____ C:\Users\Public\Desktop\Stellarium.lnk
2015-09-27 10:13 - 2015-09-27 10:13 - 00000000 ____D C:\Users\Milan\AppData\Local\stellarium
2015-09-27 10:13 - 2015-09-27 10:13 - 00000000 ____D C:\Program Files\Stellarium
2015-09-27 10:12 - 2015-09-27 10:12 - 146339983 _____ (Stellarium team ) C:\Users\Milan\Downloads\stellarium-0.13.3-win64.exe
2015-09-24 18:49 - 2015-09-24 18:49 - 22771974 _____ C:\Users\Milan\Desktop\zasilka-GDU2DSBA2ZVGLUBN.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-20 12:09 - 2013-11-04 19:04 - 00000000 ____D C:\FRST
2015-10-20 11:58 - 2015-09-07 20:18 - 01770878 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-20 11:58 - 2015-07-10 18:02 - 00748660 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-20 11:58 - 2015-07-10 18:02 - 00150534 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-20 11:54 - 2015-09-18 16:59 - 00003128 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2015-10-20 11:54 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-20 11:53 - 2013-12-01 20:46 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000UA.job
2015-10-20 11:51 - 2012-09-28 21:11 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-20 11:51 - 2012-09-28 21:11 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-20 11:49 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-20 11:49 - 2012-12-06 21:19 - 00000439 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-10-20 11:49 - 2009-07-14 04:30 - 00000695 _____ C:\WINDOWS\win.ini
2015-10-20 11:48 - 2015-09-07 19:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-20 11:48 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-20 11:47 - 2015-09-07 19:46 - 00025092 _____ C:\WINDOWS\PFRO.log
2015-10-20 11:47 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-20 11:47 - 2013-01-20 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-20 11:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-20 11:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-20 11:21 - 2015-08-10 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-20 11:13 - 2015-09-19 07:55 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-20 07:30 - 2012-09-28 21:25 - 00000000 ____D C:\Users\Milan\Documents\Soubory aplikace Outlook
2015-10-20 07:15 - 2013-03-24 09:46 - 00000021 _____ C:\Users\Milan\AppData\Roaming\ISOWorkshop.ini
2015-10-19 22:28 - 2012-12-02 01:03 - 00000000 ____D C:\Users\Milan\AppData\Local\Packages
2015-10-19 21:53 - 2013-12-01 20:46 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000Core.job
2015-10-19 21:50 - 2013-04-17 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1AVCapture
2015-10-19 21:50 - 2013-04-17 20:40 - 00000000 ____D C:\Program Files (x86)\1AVCapture
2015-10-19 20:29 - 2013-12-13 20:02 - 00000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2015-10-19 20:16 - 2014-12-26 22:29 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-19 19:30 - 2013-10-19 20:04 - 00004196 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4B4B6258-B3AE-4210-BFDC-46145CB0EE12}
2015-10-18 21:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-17 23:32 - 2015-03-16 18:49 - 00000132 _____ C:\Users\Milan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-10-17 21:09 - 2013-08-25 18:28 - 00000000 ____D C:\Users\Milan\Desktop\kapela
2015-10-14 12:25 - 2012-09-29 11:24 - 00000000 ____D C:\Users\Milan\AppData\Roaming\FileZilla
2015-10-14 12:19 - 2012-09-28 21:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 12:15 - 2014-05-14 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-13 20:50 - 2013-07-28 22:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 20:41 - 2012-10-01 00:27 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-11 19:26 - 2015-09-07 20:42 - 00000000 ____D C:\Windows.old
2015-10-08 22:29 - 2013-12-18 19:47 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Audacity
2015-10-07 21:40 - 2015-07-10 14:20 - 00025201 _____ C:\WINDOWS\setupact.log
2015-10-07 20:11 - 2012-12-12 22:46 - 00002286 ____H C:\Users\Milan\Documents\Default.rdp
2015-10-07 19:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-07 18:29 - 2013-12-24 20:34 - 00000000 ____D C:\temp
2015-10-06 19:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 21:33 - 2015-09-07 19:55 - 00000000 ____D C:\Users\Milan
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-05 21:29 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 17:15 - 2012-09-29 11:30 - 00001024 _____ C:\.rnd
2015-10-01 18:14 - 2012-09-28 22:07 - 00000000 ____D C:\web
2015-09-30 22:22 - 2012-10-23 19:50 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Skype
2015-09-30 18:22 - 2014-04-21 20:34 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-30 18:22 - 2012-10-23 19:50 - 00000000 ____D C:\ProgramData\Skype
2015-09-30 12:13 - 2015-09-18 11:09 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 32.lnk
2015-09-30 12:13 - 2014-06-05 19:53 - 00003940 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1382555172
2015-09-30 12:13 - 2012-09-28 19:49 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-29 15:05 - 2012-09-28 21:11 - 00000000 ____D C:\Users\Milan\AppData\Local\Adobe
2015-09-27 10:13 - 2014-12-26 22:01 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-27 10:13 - 2013-04-18 21:44 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Stellarium
2015-09-27 10:13 - 2013-04-18 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2015-09-25 11:28 - 2014-05-14 21:50 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-20 20:14 - 2015-01-08 23:16 - 00000000 ____D C:\Users\Milan\Documents\Flight Simulator X Files
2015-09-20 16:35 - 2015-02-13 16:39 - 00000000 ____D C:\Users\Milan\AppData\Local\VRS_FlightConnect_FSX

==================== Files in the root of some directories =======

2015-03-16 18:49 - 2015-10-17 23:32 - 0000132 _____ () C:\Users\Milan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2013-03-24 09:46 - 2015-10-20 07:15 - 0000021 _____ () C:\Users\Milan\AppData\Roaming\ISOWorkshop.ini
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\Users\Milan\AppData\Roaming\Jazz Kit
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\Users\Milan\AppData\Roaming\Jingles
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\Users\Milan\AppData\Roaming\Kernel Extension
2015-01-15 20:12 - 2015-01-15 20:12 - 0000268 ___RH () C:\Users\Milan\AppData\Roaming\Rule Actions
2012-10-17 19:46 - 2012-10-17 19:46 - 0007605 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg
2013-03-24 14:02 - 2013-03-24 14:02 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\ProgramData\Keychains
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\ProgramData\LaserPrinter
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\ProgramData\LaunchAgents
2012-10-07 19:40 - 2012-10-07 19:40 - 0000152 _____ () C:\ProgramData\LmeUSB.log
2012-10-07 19:40 - 2012-10-07 19:40 - 0000152 _____ () C:\ProgramData\LSDmbTH.log
2014-12-08 21:03 - 2014-12-08 21:03 - 0000012 ___RH () C:\ProgramData\Mail
2014-12-08 21:03 - 2014-12-08 21:03 - 0000012 ___RH () C:\ProgramData\Master
2014-12-08 21:03 - 2014-12-08 21:03 - 0000012 ___RH () C:\ProgramData\MIDI Patch Names
2015-01-15 20:09 - 2015-04-05 11:06 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2014-12-08 21:03 - 2014-12-28 00:05 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-12-08 21:03 - 2015-02-25 21:21 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-12-08 21:03 - 2015-03-29 21:09 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-01-15 20:12 - 2015-01-15 20:12 - 0000268 ___RH () C:\ProgramData\Sampler Instruments

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\abracadabra08092011.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-18 00:59

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Flash USB - antivir detekuje virus

#3 Příspěvek od vyosek »

Zdravim :)

:arrow: Aplikujte USBFix http://forum.viry.cz/viewtopic.php?f=24&t=140144
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
meiilax
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 27 čer 2004 09:13

Re: Flash USB - antivir detekuje virus

#4 Příspěvek od meiilax »

Zkusím, ale koukal jsem do logu, že ten virový vbs skript se spouští po spuštění Windows a nejde to manuálně odstranit - po odstranění se tam za chvíli zas objeví. Rovněž je v registru Windows. C s tímhle ?

EDIT jakmile zastrčím USB, Avast mi nepřetržitě blokuje útoky z USB flashky, mám přessto s USBFix pokračovat ?
Nahoru
meiilax
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 27 čer 2004 09:13

Re: Flash USB - antivir detekuje virus

#5 Příspěvek od meiilax »

Projel to USBFix - našlo to 15 infekcí a dal jsem pak mód clean a vyčistilo všech 15. Avast už nic v reálném čase nedetekuje. Mám se dát nějaký log ještě pro kontrolu PC, pro jistotu ?

Díky mp
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Flash USB - antivir detekuje virus

#6 Příspěvek od vyosek »

Ano, rad bych videl log z USBFixu a pak udelejte novy log z FRST
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
meiilax
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 27 čer 2004 09:13

Re: Flash USB - antivir detekuje virus

#7 Příspěvek od meiilax »

USBFix LOG:

############################## | UsbFix V 7.181 | [Clean]

User: Milan (Administrator) # MILAN-PC
Updated 31/08/2014 by El Desaparecido - SosVirus
Started at 14:25:57 | 20/10/2015

Website : http://www.en.usbfix.net/
Changelog : http://www.en.usbfix.net/changelog/
Support : http://www.sosvirus.net/
Upload Malware : http://www.sosvirus.net/upload_malware.php
Contact : http://www.en.usbfix.net/contact/

################## | System information |

MB: MSI (Z77A-G43 (MS-7758))
CPU: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
RAM -> [Total : 8140 Mo | Free : 5128 Mo]
Bios: American Megatrends Inc.
Boot: Normal boot

OS: Microsoft™ Windows 10 Pro (6.3.9600 64-Bit)
WB: Internet Explorer : 11.00.10240.16384
WB: Google Chrome : 46.0.2490.71
WB: Mozilla Firefox : 41.0.2
WB: Opera : 32.0.1948.69

################## | Security Information |

AV: Windows Defender [Enabled |Updated]
AV: avast! Antivirus [(!) Disabled |Updated]
AS: Windows Defender [Enabled |Updated]
AS: avast! Antivirus [(!) Disabled |Updated]
AS: Malwarebytes Anti-Malware : 2.1.8.1057
FW: Windows Firewall [Enabled]
SC: Security Center [Enabled]
WU: Windows Update [Enabled]

################## | Disk Information |

C:\ (%SystemDrive%) -> Fixed disk # 488 Gb (192 Gb free - 39%) [C:] # NTFS
D:\ -> Fixed disk # 146 Gb (27 Gb free - 18%) [D:] # NTFS
F:\ -> Fixed disk # 297 Gb (90 Gb free - 30%) [F:] # NTFS
G:\ -> Fixed disk # 352 Gb (2 Gb free - 1%) [bývalé G] # NTFS
H:\ -> Fixed disk # 98 Gb (23 Gb free - 23%) [bývalé C] # NTFS
I:\ -> Fixed disk # 135 Gb (117 Gb free - 87%) [bývalé D] # NTFS
J:\ -> Fixed disk # 114 Gb (71 Gb free - 62%) [bývalé F] # NTFS
L:\ -> Removable disk # 4 Gb (51 Mb free - 1%) [KINGSTON] # FAT32
N:\ -> Removable disk # 15 Gb (35 Mb free - 0%) [KINGSTON] # FAT32

################## | Generic Research |

Deleted! N:\dhcp.vbs
Deleted! N:\cubase 7 serial crack Keygen 2015 .vbs

(!) Temporary files deleted. (608.597521781921 MB)

################## | Registry |


################## | Regedit Run |

F2 - HKLM\..\Winlogon : [Shell] explorer.exe
F2 - [x64] HKLM\..\Winlogon : [Shell] explorer.exe
F2 - HKLM\..\Winlogon : [Userinit] C:\WINDOWS\system32\userinit.exe,
F2 - [x64] HKLM\..\Winlogon : [Userinit] C:\Windows\system32\userinit.exe,
04 - HKCU\..\Run : [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BP2CFD205NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1
04 - HKCU\..\Run : [Steam] "F:\Games\Steam\steam.exe" -silent
04 - HKCU\..\Run : [Google Update] "C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKCU\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKCU\..\Run : [OneDrive] "C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
04 - HKLM\..\Run : [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
04 - HKLM\..\Run : [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
04 - HKLM\..\Run : [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
04 - HKLM\..\Run : [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe
04 - HKLM\..\Run : [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
04 - HKLM\..\Run : [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
04 - HKLM\..\Run : [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
04 - HKLM\..\Run : [Navigraph FMS Data Manager] C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe -autostart
04 - HKLM\..\Run : [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
04 - HKLM\..\Run : [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
04 - HKLM\..\Run : [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
04 - HKLM\..\Run : [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
04 - HKLM\..\Run : [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
04 - [x64] HKLM\..\Run : [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
04 - [x64] HKLM\..\Run : [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
04 - [x64] HKLM\..\Run : [IntelliPoint] "c:\Program Files\Microsoft Device Center\ipoint.exe"
04 - [x64] HKLM\..\Run : [IntelliType Pro] "c:\Program Files\Microsoft Device Center\itype.exe"
04 - [x64] HKLM\..\Run : [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
04 - [x64] HKLM\..\Run : [AtwtusbIcon] AtwtusbIcon.exe
04 - [x64] HKLM\..\Run : [IgfxTray] "C:\WINDOWS\system32\igfxtray.exe"
04 - [x64] HKLM\..\Run : [HotKeysCmds] "C:\WINDOWS\system32\hkcmd.exe"
04 - [x64] HKLM\..\Run : [Persistence] "C:\WINDOWS\system32\igfxpers.exe"
04 - [x64] HKLM\..\Run : [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
04 - [x64] HKLM\..\Run : [ShadowPlay] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
04 - HKU\S-1-5-19\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-20\..\Run : [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
04 - HKU\S-1-5-21-649847758-3809949159-3738805346-1000\..\Run : [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BP2CFD205NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1
04 - HKU\S-1-5-21-649847758-3809949159-3738805346-1000\..\Run : [Steam] "F:\Games\Steam\steam.exe" -silent
04 - HKU\S-1-5-21-649847758-3809949159-3738805346-1000\..\Run : [Google Update] "C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
04 - HKU\S-1-5-21-649847758-3809949159-3738805346-1000\..\Run : [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
04 - HKU\S-1-5-21-649847758-3809949159-3738805346-1000\..\Run : [OneDrive] "C:\Users\Milan\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

################## | UsbFix - Information |

Info : How to remove shortcut virus on flash disk (Video)
Info : Shortcut virus on flash disk, What is it ?

################## | Hijack |

Restored! [D] N:\My Webs
Restored! [D] N:\new brushes
Restored! [D] N:\pokuta
Restored! [D] N:\obrázky
Restored! [D] N:\orbiter060929_DG4
Restored! [D] N:\Password Organizer
Restored! [D] N:\photoshop tvary
Restored! [D] N:\poker
Restored! [D] N:\pokus
Restored! [N] N:\IMG_0187.jpg
Restored! [D] N:\pspad453cz
Restored! [D] N:\punbb 1.3 punbb styles
Restored! [D] N:\Radiohead - In Rainbows
Restored! [D] N:\rss
Restored! [D] N:\servis
Restored! [D] N:\směrnice ÚP
Restored! [D] N:\smlouvy - auto
Restored! [D] N:\smouvy - chalupa
Restored! [D] N:\SubtitleToolCZ
Restored! [D] N:\Texture.ThomasCook_dxt3
Restored! [D] N:\upr - stížnost
Restored! [D] N:\USB WinXP boot soft
Restored! [D] N:\vypinani vyvolavaku 3
Restored! [D] N:\výuka PC
Restored! [D] N:\vyvolavak
Restored! [D] N:\web programmin apps
Restored! [D] N:\Zend Guard 4.01
Restored! [D] N:\pozvánka starosta narozky
Restored! [D] N:\zpěvník
Restored! [N] N:\_CZ__CvPen.pdf
Restored! [N] N:\7z465.exe
Restored! [N] N:\737 Checklist.JPG
Restored! [N] N:\Airbus_PilotsGuide_UK.pdf
Restored! [N] N:\all.cdr
Restored! [N] N:\archiv.sql
Restored! [N] N:\ATT4999381.zip
Restored! [N] N:\Author.txt
Restored! [N] N:\vyjádření obce.pdf
Restored! [N] N:\b737_flight_manual.pdf
Restored! [N] N:\bakalářská_práce_Půta_final3.doc
Restored! [N] N:\BOOTEX.LOG
Restored! [N] N:\cdbxp_setup_4.3.7.2423.exe
Restored! [N] N:\cez-cenikmoo-2010.pdf
Restored! [N] N:\cscart_install_on_local_pc.pdf
Restored! [N] N:\cs-CZ_joomla_lang_full.1.5.9v1.zip
Restored! [N] N:\cube.jpg
Restored! [N] N:\CV.doc
Restored! [N] N:\cz_airport_k_vary.sql
Restored! [N] N:\cz_airport_k_vary_ISO.sql
Restored! [N] N:\cz_airport_k_vary_UTF8.sql
Restored! [N] N:\cz_knesta_ISO.sql
Restored! [N] N:\cz_knesta_utf8.sql
Restored! [N] N:\dialogy.exe
Restored! [N] N:\dovolená.xls
Restored! [N] N:\dxwebsetup.exe
Restored! [N] N:\fix_you.doc
Restored! [N] N:\fix_you.txt
Restored! [N] N:\fotky final.zip
Restored! [N] N:\fronta.JPG
Restored! [N] N:\FSUIPC for Advanced Users.doc
Restored! [N] N:\FSUIPC User Guide.doc
Restored! [N] N:\Grafika - koncept.doc
Restored! [N] N:\HCCU.reg
Restored! [N] N:\HCLM.reg
Restored! [N] N:\HKCU_navicat.reg
Restored! [N] N:\HKLM_navicat.reg
Restored! [N] N:\httpd.conf
Restored! [N] N:\Checklists.pdf
Restored! [N] N:\instalace PHP and MySQL.txt
Restored! [N] N:\nar.txt
Restored! [D] N:\basa
Restored! [D] N:\Návrhy dekorů porcelánu
Restored! [N] N:\P1210541b.jpg
Restored! [N] N:\katastr1.jpg
Restored! [N] N:\katastr.jpg
Restored! [N] N:\kempy.doc
Restored! [N] N:\klcodec385f.exe
Restored! [N] N:\lalsetup250.exe
Restored! [N] N:\Learn to play the intro to paranoid android from radiohead.avi
Restored! [N] N:\Linksys.txt
Restored! [N] N:\logo1.cdr
Restored! [N] N:\logo.cdr
Restored! [N] N:\logoup kopie.jpg
Restored! [N] N:\Logoup.cdr
Restored! [N] N:\logoup.jpg
Restored! [N] N:\logoupUP.png
Restored! [N] N:\mail-kódování.txt
Restored! [N] N:\MANUAL-INT.pdf
Restored! [N] N:\mysql_manual.chm
Restored! [N] N:\NazdarSvete.java
Restored! [N] N:\nový-3 kopie.jpg
Restored! [N] N:\nový-3.tga
Restored! [N] N:\nový-3.tif
Restored! [N] N:\okruh1.t
Restored! [N] N:\okruh2.t
Restored! [N] N:\okruh35_400.t
Restored! [N] N:\okruh62_900.t
Restored! [N] N:\píseň navečer.txt
Restored! [N] N:\P1040196.JPG
Restored! [N] N:\P1120737.JPG
Restored! [N] N:\P1120741.JPG
Restored! [N] N:\P1120765.JPG
Restored! [N] N:\P1120766.JPG
Restored! [N] N:\P1120843.JPG
Restored! [N] N:\P1120844.JPG
Restored! [N] N:\poplatkyzpet_hypča.txt
Restored! [N] N:\vlc-2.0.5-win32.zip
Restored! [N] N:\php.ini
Restored! [N] N:\php_manual_cs.chm
Restored! [N] N:\php_manual_en.chm
Restored! [N] N:\pohyby.xml
Restored! [N] N:\pohyby_new.xml
Restored! [N] N:\prace-kv-kraj_ISO.sql
Restored! [N] N:\prace-kv-kraj_UTF8.sql
Restored! [N] N:\press_cz_LetKV .doc
Restored! [N] N:\prodejny na kolový blbosti.txt
Restored! [N] N:\IMG_0222.jpg
Restored! [N] N:\IMG_0131.jpg
Restored! [N] N:\Quicksand Chords from Hunky Dory by David Bowie.htm
Restored! [D] N:\Jirkovský crossmarathon 2013
Restored! [N] N:\FRST64.exe
Restored! [N] N:\FRST.txt
Restored! [N] N:\věci na dovolenou 13.txt
Restored! [N] N:\Dovolená 2013.docx
Restored! [D] N:\chata
Restored! [N] N:\IMG_1004.JPG
Restored! [N] N:\Registrace Cyklotras Chip 2009.txt
Restored! [N] N:\rose.jpg
Restored! [N] N:\různéinfos.txt
Restored! [N] N:\seo-kniha.pdf
Restored! [N] N:\Seznam prostudované relevantní literatury.doc
Restored! [N] N:\Směrnice_rozdělení.doc
Restored! [N] N:\Specifications Airbus Series.pdf
Restored! [N] N:\Svět vodních dýmek.doc
Restored! [N] N:\telefony.txt
Restored! [N] N:\TheseAreMyTwistedWords.zip
Restored! [N] N:\dovolená 13 nákup.docx
Restored! [N] N:\Vážený pane řediteli.docx
Restored! [N] N:\traffic.jpg
Restored! [N] N:\Tvorba dynamických www stránek.doc
Restored! [N] N:\underneath.txt
Restored! [N] N:\underneathCZ.txt
Restored! [N] N:\úp.ppt
Restored! [N] N:\V090310_14.23.3gp
Restored! [N] N:\Vážený pane řediteli.doc
Restored! [N] N:\vypinac.exe
Restored! [N] N:\výplaty_inzerce.xls
Restored! [N] N:\Vyvolávací systém ÚP Sokolov.ppt
Restored! [N] N:\vyvolávací_systém_ÚPSok.doc
Restored! [N] N:\webs.txt
Restored! [N] N:\Základní poučení 13.ppt
Restored! [N] N:\ZendStudioDoc.pdf
Restored! [D] N:\7-8_xp32_dd_50960
Restored! [D] N:\8-4_xp32_dd_60999
Restored! [D] N:\8-12_xp32_dd_72271
Restored! [D] N:\763TVS
Restored! [D] N:\All Charts for LKPR
Restored! [N] N:\pf2015.jpg
Restored! [D] N:\astro-fotografování
Restored! [D] N:\atis
Restored! [D] N:\Custom Shapes
Restored! [D] N:\cyklistika
Restored! [D] N:\daňová přiznání
Restored! [D] N:\DXT2BMP
Restored! [D] N:\EuroScope
Restored! [D] N:\firefox portable
Restored! [D] N:\flash manuals and tutorials
Restored! [N] N:\Addition.txt
Restored! [D] N:\Gizcore
Restored! [D] N:\škola hynek
Restored! [D] N:\klády
Restored! [D] N:\LKKV Turecký
Restored! [N] N:\Adresa Letiště Karlovy Vary s.docx
Restored! [D] N:\dům
Restored! [D] N:\meiilax
Restored! [D] N:\Triko
Restored! [D] N:\KeePass-1.16
Restored! [D] N:\domácnost
Restored! [N] N:\Odesílatel.docx
Restored! [N] N:\Martin Tuček.docx
Restored! [N] N:\žádost o souhlas k SVČ.docx
Restored! [D] N:\Akvaristika
Restored! [N] N:\tatínku.docx
Restored! [D] N:\Dovča 2015
Restored! [D] N:\Sony Xperia Play
Restored! [N] N:\Scan.pdf
Restored! [D] N:\Topaz Labs
Restored! [D] N:\dovolená Alpy prosinec 2010
Restored! [N] N:\tatínek_cv.docx
Restored! [D] N:\Frankfurt
Restored! [N] N:\tatínek.docx
Restored! [N] N:\Monroe,-Robert---Cesty-mimo-tělo.pdf
Restored! [N] N:\Robert-A.-Monroe---Daleké-cesty.pdf
Restored! [N] N:\Monroe-Robert---Návrat-k-pramenům.pdf
Restored! [D] N:\757 FS9
Restored! [N] N:\D5100RM_Cz_02.pdf
Restored! [D] N:\fotografování
Restored! [D] N:\FS manuals
Restored! [N] N:\Oznámení cpsz.rtf
Restored! [N] N:\P4 - zadost_o_souhlas_s_vydelecnou_cinnosti.docx
Restored! [N] N:\.cm0013
Restored! [D] N:\studium cheb
Restored! [D] N:\jídelníček
Restored! [N] N:\kupní smlouva pozemek Lomnice.pdf
Restored! [N] N:\oddálení ejak.docx
Restored! [N] N:\plat.rtf
Restored! [N] N:\CV_IT_AJ.doc
Restored! [N] N:\knihy.txt
Restored! [N] N:\telseznammobil.pdf
Restored! [N] N:\logo.png
Restored! [N] N:\SDC10036.jpg
Restored! [N] N:\SDC10040.JPG
Restored! [N] N:\Poukaz na.docx
Restored! [N] N:\výletPraha_8_2011.txt
Restored! [N] N:\zpráva.txt
Restored! [N] N:\10-2_legacy_xp32-64_dd_ccc.exe
Restored! [N] N:\kontakty.pdf
Restored! [N] N:\eclipse-java-indigo-SR1-win32.zip
Restored! [D] N:\JAVA-výuka
Restored! [D] N:\NetBeansProjects
Restored! [D] N:\DesktopDB
Restored! [N] N:\CV_úředník.doc
Restored! [N] N:\CV_úředník.pdf
Restored! [D] N:\ArchivApp
Restored! [N] N:\CZC - vrácení.doc
Restored! [N] N:\gf.txt
Restored! [N] N:\CV_IT.pdf
Restored! [N] N:\CV_IT.doc
Restored! [D] N:\soukr
Restored! [N] N:\lyže - vrácení.docx
Restored! [N] N:\Pracuji na úřadu práce ve vedoucí pozici již 20 let.docx
Restored! [N] N:\IMAG0076.jpg
Restored! [N] N:\IMAG0078.jpg
Restored! [N] N:\IMAG0074.jpg
Restored! [N] N:\IMAG0075.jpg
Restored! [N] N:\IMAG0076u.jpg
Restored! [N] N:\návrh na stůl (2).docx
Restored! [N] N:\UserGuide_Sygic_GPS_Navigation_Mobile_v3_EN.pdf
Restored! [D] N:\HTC Desire Z
Restored! [N] N:\Koncepce oddělení 2012.docx
Restored! [N] N:\MTB_2012_CHL.gpx
Restored! [D] N:\vk
Restored! [N] N:\reklamace_rukavice NW.docx
Restored! [N] N:\IMG_1693.JPG
Restored! [N] N:\IMG_1696.JPG
Restored! [N] N:\IMG_1697.JPG
Restored! [N] N:\IMG_1694.JPG
Restored! [N] N:\IMG_1698.JPG

################## | C:\ %SystemDrive% - Fixed drive (NTFS) |

[29/07/2014 - 14:55:41 | A | 162 Ko] - C:\MyXML.xml
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.3082.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.2052.txt
[07/11/2007 - 08:00:40 | A | 0 Ko] - C:\eula.1041.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1040.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1036.txt
[07/11/2007 - 08:00:40 | A | 10 Ko] - C:\eula.1033.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1031.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1028.txt
[07/11/2007 - 08:00:40 | A | 17 Ko] - C:\eula.1042.txt
[20/10/2015 - 11:47:51 | ASH | 6251844 Ko] - C:\hiberfil.sys
[20/10/2015 - 11:47:52 | ASH | 8388608 Ko] - C:\pagefile.sys
[20/10/2015 - 11:47:52 | ASH | 262144 Ko] - C:\swapfile.sys
[02/10/2015 - 17:15:07 | A | 1 Ko] - C:\.rnd
[11/10/2015 - 19:26:38 | D] - C:\Windows.old
[07/11/2007 - 08:12:28 | A | 228 Ko] - C:\VC_RED.MSI
[20/10/2015 - 11:47:40 | A | 1 Ko] - C:\EamClean.log
[10/03/2013 - 18:53:35 | N | 11 Ko] - C:\farstone_pe.letter
[07/11/2007 - 08:00:40 | A | 1 Ko] - [VirusTotal - (0/56)] - C:\globdata.ini
[07/11/2007 - 08:00:40 | A | 1 Ko] - [VirusTotal - (0/57)] - C:\install.ini
[07/10/2012 - 19:40:24 | A | 5 Ko] - C:\6XSourceFilter.grf
[07/11/2007 - 08:03:18 | A | 550 Ko] - [VirusTotal - (0/56)] - C:\install.exe
[01/12/2006 - 23:37:14 | A | 884 Ko] - [VirusTotal - (0/55)] - C:\msdia80.dll
[07/11/2007 - 08:03:18 | A | 74 Ko] - [VirusTotal - (0/57)] - C:\install.res.2052.dll
[07/11/2007 - 08:03:18 | A | 93 Ko] - [VirusTotal - (0/57)] - C:\install.res.1040.dll
[07/11/2007 - 08:03:18 | A | 89 Ko] - [VirusTotal - (0/57)] - C:\install.res.1033.dll
[07/11/2007 - 08:03:18 | A | 78 Ko] - [VirusTotal - (0/55)] - C:\install.res.1042.dll
[07/11/2007 - 08:03:18 | A | 94 Ko] - [VirusTotal - (0/56)] - C:\install.res.3082.dll
[07/11/2007 - 08:03:18 | A | 94 Ko] - [VirusTotal - (0/56)] - C:\install.res.1031.dll
[07/11/2007 - 08:03:18 | A | 95 Ko] - [VirusTotal - (0/56)] - C:\install.res.1036.dll
[07/11/2007 - 08:03:18 | A | 75 Ko] - [VirusTotal - (0/56)] - C:\install.res.1028.dll
[07/11/2007 - 08:03:18 | A | 80 Ko] - [VirusTotal - (0/56)] - C:\install.res.1041.dll
[30/09/2012 - 10:54:52 | A | 0 Ko] - C:\milan-pc-fd.conf
[07/11/2007 - 08:09:22 | A | 1409 Ko] - C:\VC_RED.cab
[07/11/2007 - 08:00:40 | A | 6 Ko] - C:\vcredist.bmp
[05/02/2014 - 19:27:03 | SHD] - C:\$Recycle.Bin
[31/12/2011 - 10:24:08 | A | 429 Ko] - C:\bootmgr
[28/09/2012 - 18:44:30 | D] - C:\MSI
[28/09/2012 - 18:52:02 | D] - C:\Intel
[28/09/2012 - 21:16:04 | RHD] - C:\MSOCache
[28/09/2012 - 22:29:11 | D] - C:\usr
[03/10/2012 - 23:35:41 | D] - C:\winki
[09/10/2012 - 22:13:53 | D] - C:\Flight One Software
[08/11/2012 - 21:08:27 | D] - C:\ESD
[24/11/2013 - 18:21:35 | D] - C:\HP_ePrint
[17/03/2014 - 19:53:56 | D] - C:\ControlCenterCount
[30/09/2014 - 20:34:06 | D] - C:\MSILU
[30/12/2014 - 22:20:15 | D] - C:\UpdateChromeLinksLogs
[17/01/2015 - 22:55:46 | D] - C:\FF
[25/01/2015 - 17:15:53 | D] - C:\AdwCleaner
[09/02/2015 - 21:49:57 | D] - C:\PhSp_CS2_UE_Ret
[10/07/2015 - 13:00:31 | N | 0 Ko] - C:\BOOTNXT
[10/07/2015 - 13:04:22 | D] - C:\PerfLogs
[10/07/2015 - 14:21:38 | SHD] - C:\Documents and Settings
[07/09/2015 - 19:52:25 | SHD] - C:\Recovery
[07/09/2015 - 19:58:19 | RD] - C:\Users
[19/09/2015 - 10:20:29 | HD] - C:\ProgramData
[30/09/2015 - 18:22:03 | RD] - C:\Program Files (x86)
[01/10/2015 - 18:14:56 | D] - C:\web
[07/10/2015 - 18:29:19 | D] - C:\temp
[13/10/2015 - 20:50:54 | D] - C:\8cfd8b2949f25862cadbabf4a2
[18/10/2015 - 11:28:28 | SHD] - C:\System Volume Information
[20/10/2015 - 11:23:01 | RD] - C:\Program Files
[20/10/2015 - 11:23:11 | D] - C:\rsit
[20/10/2015 - 11:38:18 | D] - C:\EEK
[20/10/2015 - 12:10:20 | AD] - C:\Windows
[20/10/2015 - 12:10:39 | D] - C:\FRST
[20/10/2015 - 14:24:21 | D] - C:\UsbFix

################## | D:\ - Fixed drive (NTFS) |

[25/04/2015 - 17:09:07 | A | 5 Ko] - D:\AS2012_Log.txt
[12/01/2015 - 20:19:17 | A | 0 Ko] - D:\Maddog2008.ini
[30/01/2015 - 17:33:14 | A | 0 Ko] - D:\fao.dat
[11/01/2015 - 14:02:10 | SHD] - D:\$RECYCLE.BIN
[10/01/2015 - 17:46:24 | D] - D:\FSGX
[16/01/2015 - 23:48:01 | D] - D:\aerosoft
[01/02/2015 - 14:15:58 | D] - D:\ORBX FTX Global
[21/04/2015 - 19:15:34 | D] - D:\Program Files (x86)
[07/09/2015 - 20:41:42 | SHD] - D:\System Volume Information
[08/09/2015 - 19:34:39 | D] - D:\REX Essential Plus Overdrive
[19/09/2015 - 10:38:22 | D] - D:\FS Sceneries

################## | F:\ - Fixed drive (NTFS) |

[11/01/2015 - 14:02:10 | SHD] - F:\$RECYCLE.BIN
[30/09/2012 - 10:19:04 | D] - F:\Staré disky
[26/12/2014 - 21:46:39 | D] - F:\Program Files (x86)
[07/04/2015 - 18:06:57 | D] - F:\Games
[07/09/2015 - 20:41:42 | SHD] - F:\System Volume Information
[19/09/2015 - 09:00:04 | D] - F:\FSX soft
[19/10/2015 - 18:49:48 | D] - F:\Fotky 2

################## | G:\ - Fixed drive (NTFS) |

[25/07/2010 - 11:22:38 | D] - G:\msdownld.tmp
[20/01/2012 - 17:17:02 | A | 3601713 Ko] - G:\Windows-7-SP1-CZ-x86,x64-+-1x-klik-Aktivator-(ISO).rar
[11/01/2015 - 14:02:11 | SHD] - G:\$RECYCLE.BIN
[09/05/2008 - 18:33:10 | D] - G:\Fonty
[09/05/2008 - 18:48:57 | D] - G:\C
[09/05/2008 - 18:53:54 | D] - G:\E
[09/05/2008 - 21:58:37 | SHD] - G:\RECYCLER
[10/05/2008 - 07:08:51 | D] - G:\merged_partition_content
[31/01/2010 - 13:28:24 | D] - G:\staré PC
[28/10/2010 - 12:40:47 | D] - G:\Zálohy
[28/10/2010 - 15:52:46 | D] - G:\DVDs
[21/11/2010 - 23:24:07 | D] - G:\Hry
[08/01/2011 - 13:55:48 | D] - G:\FS Global 2008
[16/01/2011 - 22:44:04 | D] - G:\Program Files
[25/12/2011 - 19:02:27 | D] - G:\Outlook ÚP
[25/12/2011 - 19:10:54 | D] - G:\Flash zelená 22122011
[04/02/2012 - 16:52:47 | D] - G:\Azureus Torrent Files
[13/04/2013 - 22:14:09 | D] - G:\FS nákupy
[26/10/2013 - 09:55:16 | D] - G:\AIRACS
[25/12/2014 - 23:13:28 | D] - G:\MyWorks
[09/01/2015 - 18:13:43 | D] - G:\My FS2002-2004 Work
[27/03/2015 - 23:31:32 | D] - G:\Hudba
[04/09/2015 - 21:39:27 | D] - G:\USEFUL SOFTWARE
[07/09/2015 - 20:41:42 | SHD] - G:\System Volume Information

################## | H:\ - Fixed drive (NTFS) |

[03/01/2010 - 16:02:27 | A | 0 Ko] - H:\EuroScope20100103.txt.vvl
[04/09/2008 - 22:04:24 | A | 2 Ko] - H:\rapport.txt
[11/01/2009 - 19:06:31 | A | 2 Ko] - H:\moduleName.txt
[03/01/2010 - 16:02:27 | A | 0 Ko] - H:\EuroScope20100103.txt
[04/05/2010 - 21:24:59 | A | 0 Ko] - H:\mbam-error.txt
[26/07/2011 - 22:05:49 | A | 5 Ko] - H:\LoadLogTextFormat.txt
[07/03/2007 - 23:46:08 | A | 0 Ko] - H:\CONFIG.SYS
[07/03/2007 - 23:46:08 | RASH | 0 Ko] - H:\IO.SYS
[07/03/2007 - 23:46:08 | RASH | 0 Ko] - H:\MSDOS.SYS
[01/08/2012 - 21:35:12 | A | 1 Ko] - H:\.rnd
[23/09/2012 - 22:59:31 | D] - H:\Config.Msi
[17/01/2009 - 17:45:07 | A | 1 Ko] - H:\ATP2004_0901171644.LOG
[06/12/2009 - 10:40:43 | A | 108 Ko] - H:\aaw7boot.log
[24/07/2010 - 15:51:58 | A | 10 Ko] - H:\LU4.log
[25/09/2010 - 20:35:35 | A | 25 Ko] - H:\FlockInstaller.log
[17/10/2011 - 20:38:06 | A | 0 Ko] - H:\CMLoader.log
[13/11/2011 - 22:17:07 | A | 0 Ko] - H:\BcBtRmv.log
[07/09/2008 - 20:51:39 | A | 0 Ko] - H:\ProgDVB.ini
[19/09/2012 - 19:57:23 | RASH | 0 Ko] - H:\boot.ini
[13/06/2012 - 20:20:12 | A | 5 Ko] - H:\6XSourceFilter.grf
[02/03/2006 - 14:00:00 | N | 46 Ko] - [VirusTotal - (0/56)] - H:\NTDETECT.COM
[14/10/2008 - 18:55:33 | A | 0 Ko] - H:\FileIn.Cns
[14/10/2008 - 18:55:33 | A | 0 Ko] - H:\FileOut.Cns
[02/03/2006 - 14:00:00 | N | 5 Ko] - H:\Bootfont.bin
[11/01/2015 - 14:02:11 | SHD] - H:\$RECYCLE.BIN
[05/12/2009 - 00:18:50 | A | 0 Ko] - H:\Boot.bak
[29/08/2007 - 22:15:13 | D] - H:\j2sdk1.4.2_15
[04/08/2004 - 00:00:04 | A | 255 Ko] - H:\cmldr
[08/03/2007 - 00:03:03 | D] - H:\Media
[08/03/2007 - 17:57:33 | D] - H:\PMDG
[08/03/2007 - 19:27:56 | D] - H:\ATI
[13/05/2008 - 22:16:16 | RASH | 245 Ko] - H:\ntldr
[03/07/2008 - 21:30:28 | A | 121 Ko] - H:\fmc_debug
[11/07/2009 - 14:42:52 | D] - H:\mnt
[09/09/2009 - 18:06:55 | D] - H:\ProgramData
[05/12/2009 - 01:05:31 | D] - H:\cmdcons
[06/12/2009 - 13:54:46 | D] - H:\Documents and Settings
[06/12/2009 - 23:37:15 | SHD] - H:\RECYCLER
[17/02/2010 - 22:30:49 | D] - H:\rsit
[17/09/2010 - 21:37:18 | RHD] - H:\MSOCache
[04/01/2011 - 17:13:44 | D] - H:\opt
[22/05/2011 - 19:54:25 | D] - H:\www
[02/01/2012 - 20:10:21 | D] - H:\Temp
[19/09/2012 - 20:20:25 | D] - H:\Steinberg
[23/09/2012 - 22:59:24 | D] - H:\Program Files
[26/07/2015 - 17:53:44 | D] - H:\Flight One Software
[26/07/2015 - 18:02:42 | D] - H:\WINDOWS
[07/09/2015 - 20:41:41 | SHD] - H:\System Volume Information

################## | I:\ - Fixed drive (NTFS) |

[19/12/2011 - 21:25:52 | A | 244193 Ko] - I:\Nick - Harvey.rar
[23/07/2008 - 10:12:04 | A | 168548 Ko] - I:\Jak hubne labužník.pdf
[06/04/2008 - 18:30:55 | A | 372968 Ko] - I:\030401_0616.iso
[21/10/2011 - 15:52:33 | A | 549600 Ko] - I:\Java.6.Vyukovy.kurz.CDRip.iso
[11/01/2015 - 14:02:11 | SHD] - I:\$RECYCLE.BIN
[23/04/2010 - 21:46:18 | A | 116270 Ko] - I:\The Cure - Pictures Of You cover by The Ordinary.avi
[09/03/2007 - 00:01:19 | SHD] - I:\RECYCLER
[24/05/2009 - 21:45:07 | D] - I:\FSG2008
[18/09/2012 - 21:32:22 | D] - I:\[HQ] Radiohead at Saitama Oct 5 2008 [FULL Concert]
[07/09/2015 - 20:41:42 | SHD] - I:\System Volume Information

################## | J:\ - Fixed drive (NTFS) |

[23/09/2012 - 10:19:41 | ASH | 2096492 Ko] - J:\pagefile.sys
[11/01/2015 - 14:02:11 | SHD] - J:\$RECYCLE.BIN
[10/05/2008 - 08:00:48 | SHD] - J:\RECYCLER
[10/05/2008 - 08:17:46 | D] - J:\THE_CURE_DISC1
[25/01/2009 - 23:55:12 | D] - J:\secure drives
[31/05/2009 - 17:53:24 | D] - J:\záloha práce 31052009
[01/08/2011 - 20:19:18 | D] - J:\hry
[19/09/2012 - 20:13:53 | D] - J:\Program Files
[19/09/2012 - 20:22:06 | D] - J:\HALionOne SoundBanks
[19/09/2012 - 21:33:52 | D] - J:\letecké filmy
[13/09/2013 - 22:05:27 | D] - J:\flash zelená
[07/09/2015 - 20:41:42 | SHD] - J:\System Volume Information

################## | L:\ - Removable drive (FAT32) |

[11/05/2014 - 21:08:02 | N | 12897 Ko] - L:\TL-WN722N_V1_131113.zip
[09/07/2014 - 16:00:26 | N | 39 Ko] - L:\Přehled předchozí praxe.xls
[14/05/2015 - 22:03:50 | N | 221163 Ko] - L:\Reklamy.wmv
[10/12/2014 - 13:00:26 | N | 311 Ko] - L:\Starostové - analýza.pptx
[10/12/2014 - 13:27:10 | N | 291 Ko] - L:\Starostové dne 10 12 2014 - statistika APZ (3) (2).pptx
[13/07/2012 - 22:49:06 | N | 0 Ko] - L:\_disk_id.pod
[30/03/2012 - 14:50:24 | N | 4 Ko] - L:\posadky-provozni-doba.php
[30/03/2012 - 14:50:24 | N | 4 Ko] - L:\crew-operation-time.php
[23/08/2015 - 11:57:12 | N | 235970 Ko] - L:\Untitled.mp4
[28/05/2014 - 20:04:28 | N | 3461 Ko] - L:\druhá.mp3
[28/05/2014 - 20:04:38 | N | 7474 Ko] - L:\voják.mp3
[17/08/2015 - 18:08:30 | N | 64077 Ko] - L:\Chodov_15082015.mp3
[01/10/2015 - 22:05:18 | N | 3392 Ko] - L:\sup3.mp3
[01/10/2015 - 22:23:06 | N | 3977 Ko] - L:\sup4.mp3
[05/04/2015 - 11:27:00 | N | 1540 Ko] - L:\DSC_3810.jpg
[05/04/2015 - 11:30:06 | N | 7738 Ko] - L:\DSC_3810_1.jpg
[05/04/2015 - 11:53:40 | N | 6891 Ko] - L:\DSC_3803.jpg
[09/07/2014 - 15:58:40 | N | 89 Ko] - L:\Osobní dotazník.doc
[29/01/2015 - 21:34:30 | N | 28 Ko] - L:\Naše doba_uprMilan.doc
[01/01/1980 - 00:00:00 | N | 0 Ko] - L:\.cm0013
[29/03/2012 - 11:41:08 | D] - L:\veřejná služba
[30/03/2012 - 09:09:46 | D] - L:\SSP
[13/11/2012 - 08:40:20 | D] - L:\výběrko - test PC
[15/11/2013 - 07:01:30 | SHD] - L:\System Volume Information
[27/04/2014 - 20:31:32 | D] - L:\telefon
[27/04/2014 - 21:29:04 | D] - L:\Tel
[05/04/2015 - 21:07:22 | D] - L:\Adobe Photoshop CS2
[05/04/2015 - 21:53:50 | D] - L:\f
[05/08/2015 - 18:39:56 | D] - L:\Chorvatsko 2015
[06/08/2015 - 20:27:02 | D] - L:\Jižní Morava 2015
[01/09/2015 - 14:13:00 | D] - L:\www_php56
[01/10/2015 - 11:53:00 | D] - L:\www_php53

################## | N:\ - Removable drive (FAT32) |

[15/03/2007 - 00:45:36 | N | 15 Ko] - N:\ATT4999381.zip
[09/09/2008 - 21:06:06 | N | 6909 Ko] - N:\fotky final.zip
[20/01/2009 - 20:46:28 | N | 160 Ko] - N:\cs-CZ_joomla_lang_full.1.5.9v1.zip
[23/08/2009 - 23:18:54 | N | 13923 Ko] - N:\TheseAreMyTwistedWords.zip
[21/10/2011 - 11:22:34 | N | 131153 Ko] - N:\eclipse-java-indigo-SR1-win32.zip
[20/03/2013 - 22:07:26 | N | 38986 Ko] - N:\vlc-2.0.5-win32.zip
[08/11/2007 - 13:10:32 | N | 1 Ko] - N:\pohyby.xml
[24/09/2009 - 08:23:30 | N | 1 Ko] - N:\pohyby_new.xml
[09/07/2008 - 15:25:42 | N | 16 Ko] - N:\dovolená.xls
[24/05/2010 - 19:28:12 | N | 17 Ko] - N:\výplaty_inzerce.xls
[05/07/2007 - 22:53:44 | N | 0 Ko] - N:\webs.txt
[03/09/2007 - 22:12:52 | N | 0 Ko] - N:\mail-kódování.txt
[13/05/2008 - 09:37:42 | N | 1 Ko] - N:\fix_you.txt
[02/06/2008 - 13:35:06 | N | 0 Ko] - N:\prodejny na kolový blbosti.txt
[06/11/2008 - 22:50:40 | N | 1 Ko] - N:\underneath.txt
[07/12/2008 - 00:39:28 | N | 0 Ko] - N:\různéinfos.txt
[20/05/2009 - 16:53:18 | N | 1 Ko] - N:\Registrace Cyklotras Chip 2009.txt
[01/06/2009 - 21:24:16 | N | 0 Ko] - N:\telefony.txt
[02/06/2009 - 15:25:14 | N | 0 Ko] - N:\instalace PHP and MySQL.txt
[15/09/2009 - 19:14:50 | N | 0 Ko] - N:\Linksys.txt
[15/03/2010 - 18:55:08 | N | 0 Ko] - N:\Author.txt
[28/03/2011 - 21:53:50 | N | 0 Ko] - N:\knihy.txt
[23/08/2011 - 10:30:18 | N | 0 Ko] - N:\výletPraha_8_2011.txt
[31/08/2011 - 08:12:56 | N | 0 Ko] - N:\zpráva.txt
[31/01/2012 - 20:29:40 | N | 1 Ko] - N:\underneathCZ.txt
[29/08/2012 - 21:45:36 | N | 0 Ko] - N:\gf.txt
[17/12/2012 - 21:44:48 | N | 1 Ko] - N:\píseň navečer.txt
[09/03/2013 - 18:54:34 | N | 0 Ko] - N:\poplatkyzpet_hypča.txt
[12/07/2013 - 06:36:10 | N | 0 Ko] - N:\věci na dovolenou 13.txt
[04/11/2013 - 18:09:42 | N | 35 Ko] - N:\Addition.txt
[04/11/2013 - 18:09:46 | N | 53 Ko] - N:\FRST.txt
[24/04/2015 - 12:51:28 | N | 0 Ko] - N:\nar.txt
[22/10/2008 - 21:44:50 | N | 49 Ko] - N:\nový-3.tif
[15/12/2010 - 23:33:56 | D] - N:\Texture.ThomasCook_dxt3
[22/10/2008 - 21:43:58 | N | 61 Ko] - N:\nový-3.tga
[20/05/2009 - 20:31:46 | N | 12 Ko] - N:\okruh1.t
[21/05/2009 - 14:22:54 | N | 16 Ko] - N:\okruh62_900.t
[21/05/2009 - 14:53:22 | N | 9 Ko] - N:\okruh2.t
[21/05/2009 - 15:02:54 | N | 9 Ko] - N:\okruh35_400.t
[25/11/2007 - 23:04:06 | N | 427 Ko] - N:\cz_airport_k_vary.sql
[14/02/2008 - 13:38:10 | N | 6685 Ko] - N:\archiv.sql
[14/11/2008 - 13:15:34 | N | 1 Ko] - N:\cz_knesta_utf8.sql
[14/11/2008 - 13:15:48 | N | 1 Ko] - N:\cz_knesta_ISO.sql
[14/11/2008 - 13:42:38 | N | 66 Ko] - N:\prace-kv-kraj_UTF8.sql
[14/11/2008 - 13:42:56 | N | 65 Ko] - N:\prace-kv-kraj_ISO.sql
[14/11/2008 - 13:46:52 | N | 1196 Ko] - N:\cz_airport_k_vary_UTF8.sql
[14/11/2008 - 13:47:06 | N | 1188 Ko] - N:\cz_airport_k_vary_ISO.sql
[25/03/2011 - 14:33:46 | N | 38 Ko] - N:\plat.rtf
[02/07/2015 - 08:02:14 | N | 298 Ko] - N:\Oznámení cpsz.rtf
[18/12/2008 - 14:20:22 | N | 0 Ko] - N:\HCLM.reg
[18/12/2008 - 14:20:42 | N | 344 Ko] - N:\HCCU.reg
[03/06/2009 - 12:45:02 | N | 736 Ko] - N:\HKCU_navicat.reg
[03/06/2009 - 12:45:48 | N | 0 Ko] - N:\HKLM_navicat.reg
[20/05/2007 - 21:03:10 | N | 101 Ko] - N:\úp.ppt
[28/10/2007 - 20:57:36 | N | 4994 Ko] - N:\Vyvolávací systém ÚP Sokolov.ppt
[05/02/2010 - 12:39:50 | N | 2523 Ko] - N:\Základní poučení 13.ppt
[16/09/2010 - 13:28:42 | N | 6 Ko] - N:\logoupUP.png
[03/05/2011 - 13:12:16 | N | 17 Ko] - N:\logo.png
[14/12/2004 - 22:16:44 | N | 22199 Ko] - N:\b737_flight_manual.pdf
[21/01/2007 - 16:02:24 | N | 45 Ko] - N:\Specifications Airbus Series.pdf
[25/01/2007 - 11:12:20 | N | 4482 Ko] - N:\Checklists.pdf
[09/03/2007 - 16:14:52 | N | 4059 Ko] - N:\Airbus_PilotsGuide_UK.pdf
[06/03/2008 - 14:18:40 | N | 281 Ko] - N:\_CZ__CvPen.pdf
[31/03/2008 - 22:23:46 | N | 1913 Ko] - N:\seo-kniha.pdf
[24/09/2008 - 15:36:50 | N | 355 Ko] - N:\cscart_install_on_local_pc.pdf
[23/12/2008 - 13:16:50 | N | 7854 Ko] - N:\ZendStudioDoc.pdf
[01/06/2009 - 20:34:16 | N | 9323 Ko] - N:\MANUAL-INT.pdf
[06/04/2010 - 13:34:28 | N | 211 Ko] - N:\cez-cenikmoo-2010.pdf
[11/04/2011 - 16:34:34 | N | 62 Ko] - N:\telseznammobil.pdf
[14/10/2011 - 21:00:54 | N | 62 Ko] - N:\kontakty.pdf
[30/11/2011 - 08:45:26 | N | 106 Ko] - N:\CV_úředník.pdf
[12/12/2011 - 08:10:40 | N | 160 Ko] - N:\CV_IT.pdf
[11/03/2012 - 20:43:08 | N | 2839 Ko] - N:\UserGuide_Sygic_GPS_Navigation_Mobile_v3_EN.pdf
[09/09/2014 - 20:48:58 | N | 902 Ko] - N:\Scan.pdf
[10/09/2014 - 12:28:52 | N | 1138 Ko] - N:\Monroe,-Robert---Cesty-mimo-tělo.pdf
[10/09/2014 - 12:35:12 | N | 2835 Ko] - N:\Robert-A.-Monroe---Daleké-cesty.pdf
[10/09/2014 - 12:36:26 | N | 1193 Ko] - N:\Monroe-Robert---Návrat-k-pramenům.pdf
[05/12/2014 - 23:17:44 | N | 20814 Ko] - N:\D5100RM_Cz_02.pdf
[08/10/2015 - 22:30:00 | N | 366 Ko] - N:\kupní smlouva pozemek Lomnice.pdf
[08/10/2015 - 22:30:00 | N | 65 Ko] - N:\vyjádření obce.pdf
[24/05/2008 - 08:19:38 | N | 4 Ko] - N:\BOOTEX.LOG
[23/12/2006 - 14:28:50 | N | 1446 Ko] - N:\P1040196.JPG
[03/12/2007 - 16:37:18 | N | 104 Ko] - N:\fronta.JPG
[05/02/2008 - 22:48:18 | N | 3394 Ko] - N:\737 Checklist.JPG
[31/05/2008 - 09:09:32 | N | 3974 Ko] - N:\P1120737.JPG
[31/05/2008 - 09:14:02 | N | 4010 Ko] - N:\P1120741.JPG
[31/05/2008 - 09:33:02 | N | 2717 Ko] - N:\P1120765.JPG
[31/05/2008 - 09:33:06 | N | 2856 Ko] - N:\P1120766.JPG
[31/05/2008 - 14:25:52 | N | 3943 Ko] - N:\P1120843.JPG
[31/05/2008 - 14:25:58 | N | 3955 Ko] - N:\P1120844.JPG
[22/10/2008 - 21:38:56 | N | 9 Ko] - N:\logoup.jpg
[23/10/2008 - 08:03:06 | N | 34 Ko] - N:\nový-3 kopie.jpg
[20/02/2009 - 15:16:08 | N | 352 Ko] - N:\rose.jpg
[23/08/2009 - 21:57:44 | N | 213 Ko] - N:\katastr1.jpg
[23/08/2009 - 21:58:20 | N | 210 Ko] - N:\katastr.jpg
[07/01/2010 - 22:31:12 | N | 400 Ko] - N:\traffic.jpg
[24/05/2010 - 20:15:42 | N | 1683 Ko] - N:\cube.jpg
[16/09/2010 - 13:31:54 | N | 31 Ko] - N:\logoup kopie.jpg
[28/05/2011 - 14:38:22 | N | 3735 Ko] - N:\SDC10040.JPG
[29/05/2011 - 22:22:02 | N | 620 Ko] - N:\SDC10036.jpg
[13/02/2012 - 22:20:50 | N | 1352 Ko] - N:\IMAG0074.jpg
[13/02/2012 - 22:21:54 | N | 1036 Ko] - N:\IMAG0075.jpg
[13/02/2012 - 22:22:34 | N | 1013 Ko] - N:\IMAG0076.jpg
[13/02/2012 - 22:23:14 | N | 1054 Ko] - N:\IMAG0078.jpg
[14/02/2012 - 11:09:04 | N | 637 Ko] - N:\IMAG0076u.jpg
[18/06/2012 - 18:33:28 | N | 2089 Ko] - N:\IMG_1693.JPG
[21/06/2012 - 13:59:46 | N | 1905 Ko] - N:\IMG_1696.JPG
[21/06/2012 - 14:07:58 | N | 2175 Ko] - N:\IMG_1697.JPG
[21/06/2012 - 14:08:10 | N | 2154 Ko] - N:\IMG_1694.JPG
[21/06/2012 - 14:15:06 | N | 2174 Ko] - N:\IMG_1698.JPG
[30/01/2013 - 20:32:26 | N | 158 Ko] - N:\P1210541b.jpg
[09/05/2013 - 21:20:08 | N | 830 Ko] - N:\IMG_0187.jpg
[09/05/2013 - 21:21:24 | N | 848 Ko] - N:\IMG_0131.jpg
[09/05/2013 - 21:23:02 | N | 896 Ko] - N:\IMG_0222.jpg
[04/11/2013 - 21:33:28 | N | 3565 Ko] - N:\IMG_1004.JPG
[14/12/2014 - 23:44:52 | N | 369 Ko] - N:\pf2015.jpg
[29/08/2007 - 12:14:10 | N | 0 Ko] - N:\NazdarSvete.java
[12/07/2006 - 15:51:44 | N | 46 Ko] - N:\php.ini
[26/05/2005 - 16:22:04 | N | 3325 Ko] - N:\mysql_manual.chm
[04/09/2007 - 17:54:12 | N | 6680 Ko] - N:\php_manual_cs.chm
[25/06/2010 - 11:26:44 | N | 10613 Ko] - N:\php_manual_en.chm
[19/08/2007 - 10:56:26 | N | 5 Ko] - N:\Quicksand Chords from Hunky Dory by David Bowie.htm
[02/05/2012 - 14:17:36 | N | 1717 Ko] - N:\MTB_2012_CHL.gpx
[11/12/2002 - 22:15:00 | N | 424 Ko] - N:\dialogy.exe
[02/03/2008 - 16:15:54 | N | 503 Ko] - N:\vypinac.exe
[09/04/2008 - 22:33:38 | N | 14184 Ko] - [VirusTotal - (0/56)] - N:\klcodec385f.exe
[19/05/2009 - 21:04:58 | N | 2109 Ko] - [VirusTotal - (1/57)] - N:\lalsetup250.exe
[13/07/2009 - 09:04:30 | N | 918 Ko] - [VirusTotal - (0/57)] - N:\7z465.exe
[09/12/2009 - 21:15:40 | N | 293 Ko] - [VirusTotal - (0/56)] - N:\dxwebsetup.exe
[24/10/2010 - 23:08:04 | N | 4768 Ko] - [VirusTotal - (4/57)] - N:\cdbxp_setup_4.3.7.2423.exe
[18/09/2011 - 17:33:20 | N | 77455 Ko] - [VirusTotal - (0/57)] - N:\10-2_legacy_xp32-64_dd_ccc.exe
[04/11/2013 - 14:37:38 | N | 1911 Ko] - [VirusTotal - (2/49)] - N:\FRST64.exe
[26/11/2010 - 16:01:12 | N | 14 Ko] - N:\Martin Tuček.docx
[07/12/2010 - 13:30:30 | N | 13 Ko] - N:\Odesílatel.docx
[16/03/2011 - 12:06:26 | N | 18 Ko] - N:\oddálení ejak.docx
[07/07/2011 - 13:32:00 | N | 804 Ko] - N:\Poukaz na.docx
[29/12/2011 - 09:31:34 | N | 14 Ko] - N:\lyže - vrácení.docx
[03/01/2012 - 10:14:08 | N | 14 Ko] - N:\Pracuji na úřadu práce ve vedoucí pozici již 20 let.docx
[17/02/2012 - 11:29:06 | N | 38 Ko] - N:\návrh na stůl (2).docx
[18/04/2012 - 11:10:54 | N | 25 Ko] - N:\Koncepce oddělení 2012.docx
[01/06/2012 - 08:45:12 | N | 16 Ko] - N:\reklamace_rukavice NW.docx
[03/07/2013 - 09:48:00 | N | 10920 Ko] - N:\Dovolená 2013.docx
[12/07/2013 - 08:31:38 | N | 13 Ko] - N:\dovolená 13 nákup.docx
[26/08/2013 - 17:08:12 | N | 15 Ko] - N:\Vážený pane řediteli.docx
[10/09/2014 - 11:40:58 | N | 14 Ko] - N:\tatínek.docx
[10/09/2014 - 11:41:30 | N | 16 Ko] - N:\tatínku.docx
[11/09/2014 - 08:11:26 | N | 14 Ko] - N:\tatínek_cv.docx
[10/06/2015 - 11:57:16 | N | 35 Ko] - N:\žádost o souhlas k SVČ.docx
[07/09/2015 - 10:33:58 | N | 22 Ko] - N:\P4 - zadost_o_souhlas_s_vydelecnou_cinnosti.docx
[09/10/2015 - 14:08:36 | N | 13 Ko] - N:\Adresa Letiště Karlovy Vary s.docx
[09/11/2006 - 14:47:14 | N | 127 Ko] - N:\Směrnice_rozdělení.doc
[02/04/2007 - 10:02:04 | N | 225 Ko] - N:\FSUIPC for Advanced Users.doc
[02/04/2007 - 11:08:22 | N | 1412 Ko] - N:\FSUIPC User Guide.doc
[02/05/2007 - 16:31:28 | N | 1237 Ko] - N:\bakalářská_práce_Půta_final3.doc
[11/07/2007 - 08:47:54 | N | 44 Ko] - N:\vyvolávací_systém_ÚPSok.doc
[29/08/2007 - 16:27:20 | N | 58 Ko] - N:\CV.doc
[10/03/2008 - 22:40:18 | N | 35 Ko] - N:\Tvorba dynamických www stránek.doc
[13/05/2008 - 10:02:32 | N | 84 Ko] - N:\fix_you.doc
[13/06/2008 - 15:29:58 | N | 23 Ko] - N:\Seznam prostudované relevantní literatury.doc
[14/07/2008 - 09:04:22 | N | 92 Ko] - N:\kempy.doc
[29/09/2008 - 06:57:46 | N | 36 Ko] - N:\Grafika - koncept.doc
[23/11/2009 - 20:05:12 | N | 73 Ko] - N:\Svět vodních dýmek.doc
[30/07/2010 - 11:09:20 | N | 89 Ko] - N:\press_cz_LetKV .doc
[01/11/2010 - 15:18:08 | N | 35 Ko] - N:\Vážený pane řediteli.doc
[28/03/2011 - 10:13:56 | N | 49 Ko] - N:\CV_IT_AJ.doc
[30/11/2011 - 08:45:20 | N | 48 Ko] - N:\CV_úředník.doc
[06/12/2011 - 21:24:42 | N | 23 Ko] - N:\CZC - vrácení.doc
[12/12/2011 - 08:11:26 | N | 52 Ko] - N:\CV_IT.doc
[28/08/2007 - 17:02:24 | N | 18 Ko] - N:\httpd.conf
[01/01/1980 - 00:00:00 | N | 0 Ko] - N:\.cm0013
[10/09/2003 - 11:18:34 | N | 83 Ko] - N:\all.cdr
[25/04/2007 - 14:21:34 | N | 20 Ko] - N:\logo1.cdr
[25/04/2007 - 15:00:48 | N | 13 Ko] - N:\Logoup.cdr
[17/01/2008 - 16:09:02 | N | 20 Ko] - N:\logo.cdr
[01/09/2009 - 21:02:50 | N | 14846 Ko] - N:\Learn to play the intro to paranoid android from radiohead.avi
[09/03/2010 - 20:30:48 | N | 23675 Ko] - N:\V090310_14.23.3gp
[15/12/2010 - 23:33:36 | D] - N:\punbb 1.3 punbb styles
[23/11/2010 - 22:05:22 | D] - N:\KeePass-1.16
[15/12/2010 - 23:38:16 | D] - N:\Zend Guard 4.01
[26/10/2011 - 12:51:46 | SHD] - N:\FOUND.000
[24/11/2010 - 21:30:26 | D] - N:\domácnost
[15/12/2010 - 22:23:52 | D] - N:\My Webs
[15/12/2010 - 23:07:30 | D] - N:\new brushes
[15/12/2010 - 23:08:26 | D] - N:\obrázky
[15/12/2010 - 23:28:28 | D] - N:\orbiter060929_DG4
[15/12/2010 - 23:31:12 | D] - N:\Password Organizer
[15/12/2010 - 23:31:12 | D] - N:\photoshop tvary
[15/12/2010 - 23:33:02 | D] - N:\poker
[15/12/2010 - 23:33:04 | D] - N:\pokus
[15/12/2010 - 23:33:08 | D] - N:\pokuta
[15/12/2010 - 23:33:18 | D] - N:\pspad453cz
[15/12/2010 - 23:33:36 | D] - N:\Radiohead - In Rainbows
[15/12/2010 - 23:33:44 | D] - N:\rss
[15/12/2010 - 23:33:44 | D] - N:\servis
[15/12/2010 - 23:33:48 | D] - N:\směrnice ÚP
[15/12/2010 - 23:33:54 | D] - N:\smouvy - chalupa
[15/12/2010 - 23:33:54 | D] - N:\smlouvy - auto
[15/12/2010 - 23:33:56 | D] - N:\SubtitleToolCZ
[15/12/2010 - 23:34:06 | D] - N:\upr - stížnost
[15/12/2010 - 23:34:12 | D] - N:\USB WinXP boot soft
[15/12/2010 - 23:34:14 | D] - N:\výuka PC
[15/12/2010 - 23:34:14 | D] - N:\vypinani vyvolavaku 3
[15/12/2010 - 23:34:56 | D] - N:\vyvolavak
[15/12/2010 - 23:35:14 | D] - N:\web programmin apps
[15/12/2010 - 23:39:02 | D] - N:\zpěvník
[15/12/2010 - 23:40:30 | D] - N:\7-8_xp32_dd_50960
[15/12/2010 - 23:40:36 | D] - N:\8-4_xp32_dd_60999
[15/12/2010 - 23:40:44 | D] - N:\8-12_xp32_dd_72271
[15/12/2010 - 23:40:52 | D] - N:\763TVS
[15/12/2010 - 23:41:12 | D] - N:\All Charts for LKPR
[15/12/2010 - 23:41:18 | D] - N:\astro-fotografování
[15/12/2010 - 23:41:18 | D] - N:\atis
[15/12/2010 - 23:41:18 | D] - N:\Custom Shapes
[15/12/2010 - 23:41:22 | D] - N:\cyklistika
[15/12/2010 - 23:41:38 | D] - N:\daňová přiznání
[15/12/2010 - 23:41:40 | D] - N:\DXT2BMP
[15/12/2010 - 23:41:40 | D] - N:\EuroScope
[15/12/2010 - 23:42:24 | D] - N:\firefox portable
[15/12/2010 - 23:42:54 | D] - N:\flash manuals and tutorials
[15/12/2010 - 23:43:36 | D] - N:\Gizcore
[15/12/2010 - 23:43:46 | D] - N:\klády
[15/12/2010 - 23:43:50 | D] - N:\LKKV Turecký
[15/12/2010 - 23:44:38 | D] - N:\FS manuals
[15/12/2010 - 23:45:06 | D] - N:\meiilax
[30/12/2010 - 22:48:44 | D] - N:\Topaz Labs
[09/01/2011 - 16:56:04 | D] - N:\dovolená Alpy prosinec 2010
[16/01/2011 - 23:21:04 | D] - N:\Frankfurt
[11/02/2011 - 20:43:36 | D] - N:\757 FS9
[01/03/2011 - 21:08:00 | D] - N:\studium cheb
[21/10/2011 - 11:54:36 | D] - N:\JAVA-výuka
[10/11/2011 - 22:32:48 | D] - N:\NetBeansProjects
[15/11/2011 - 22:35:30 | D] - N:\DesktopDB
[01/12/2011 - 13:50:30 | D] - N:\ArchivApp
[14/12/2011 - 15:59:54 | D] - N:\soukr
[12/04/2012 - 21:27:02 | D] - N:\HTC Desire Z
[28/05/2012 - 09:57:06 | D] - N:\vk
[24/08/2012 - 13:46:14 | D] - N:\pozvánka starosta narozky
[17/09/2012 - 22:56:22 | D] - N:\Návrhy dekorů porcelánu
[09/06/2013 - 20:39:04 | D] - N:\Jirkovský crossmarathon 2013
[31/07/2013 - 13:39:56 | D] - N:\chata
[19/10/2013 - 22:26:00 | SHD] - N:\System Volume Information
[18/11/2013 - 22:17:22 | D] - N:\škola hynek
[23/04/2014 - 13:24:54 | D] - N:\Triko
[29/04/2014 - 10:04:40 | D] - N:\Sony Xperia Play
[19/05/2014 - 11:15:58 | D] - N:\Akvaristika
[05/01/2015 - 13:20:14 | D] - N:\fotografování
[19/05/2015 - 10:13:12 | D] - N:\dům
[16/06/2015 - 12:57:46 | D] - N:\Dovča 2015
[04/08/2015 - 15:57:20 | D] - N:\basa
[05/08/2015 - 22:01:16 | D] - N:\jídelníček

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
D:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
F:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
G:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
H:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
I:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
J:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
L:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)
N:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | E.O.F | http://www.sosvirus.net/ | http://www.en.usbfix.net/ |
Nahoru
meiilax
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 27 čer 2004 09:13

Re: Flash USB - antivir detekuje virus

#8 Příspěvek od meiilax »

FRST LOG:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-10-2015
Ran by Milan (administrator) on MILAN-PC (20-10-2015 15:06:01)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
() C:\Windows\System32\AtwtusbIcon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Milan\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliType Pro] => c:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [AtwtusbIcon] => C:\WINDOWS\system32\AtwtusbIcon.exe [3593728 2012-09-10] ()
HKLM\...\Run: [IgfxTray] => "C:\WINDOWS\system32\igfxtray.exe"
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [ControlCenterCount] => C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3476432 2014-09-18] (Micro-Star International)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [Navigraph FMS Data Manager] => C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe [1006576 2014-06-03] (Navigraph)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-09-19] (AVAST Software)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [Steam] => F:\Games\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [Google Update] => C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Policies\system: [DisableLockWorkstation] 0
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-09-19] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-09]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - .lnk [2013-03-24]
ShortcutTarget: Sledovat výstrahy inkoustu - .lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Photosmart 5510 series (Síť).lnk [2014-02-03]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Photosmart 5510 series (Síť).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * aswBoot.exe /M:b31c12676 /wow /dir:"C:\Program Files\AVAST Software\Avast"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{3915bc1b-4d7d-4165-93b9-73dffb579dfe}: [DhcpNameServer] 213.46.172.37 213.46.172.36

Internet Explorer:
==================
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: DebugBar BHO -> {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} -> C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.x64.dll [2015-03-03] (Core Services)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-09-19] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-13] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: DebugBar BHO -> {69FC0024-10EB-480A-BBF2-3BF4E78E17B1} -> C:\Program Files (x86)\Core Services\DebugBar\DebugInfoBar.dll [2015-03-03] (Core Services)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-09-19] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - DebugBar (Toolbar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.x64.dll [2015-03-03] (Core Services)
Toolbar: HKLM-x32 - DebugBar (Toolbar) - {3E1201F4-1707-409F-BB45-A5F192381DA0} - C:\Program Files (x86)\Core Services\DebugBar\DebugToolBar.dll [2015-03-03] (Core Services)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-24] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-24] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-17] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-649847758-3809949159-3738805346-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Milan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-649847758-3809949159-3738805346-1000: @talk.google.com/O1DPlugin -> C:\Users\Milan\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-649847758-3809949159-3738805346-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Milan\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-649847758-3809949159-3738805346-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Milan\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Milan\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Milan\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default\searchplugins\google-avast.xml [2015-01-25]
FF Extension: Firebug - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default\Extensions\firebug@software.joehewitt.com.xpi [2013-01-17]
FF Extension: SEOProfesional - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\txlqgp5i.default\Extensions\seo@profesional.xpi [2013-01-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-09-19] [not signed]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> op
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\pdf.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-09-24]
CHR Extension: (Avast Online Security) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]
CHR Extension: (NetBeans Connector) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hafdlehgocfcodbgjnpecfajgkeejnaa [2015-08-21]
CHR Extension: (PHP Docs-to-go) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlilmganaobieaclflbciblffhaagnip [2014-10-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2014-10-20]
CHR Extension: (RSS Feed Reader) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2014-10-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-09-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-09-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-09] (Adobe Systems) [File not signed]
S3 Apache22_php52; C:\web\Apache Software Foundation\Apache2.2\bin\httpd.exe [18432 2012-02-01] (Apache Software Foundation) [File not signed]
S3 Apache24VC10_php53; C:\web\Apache Software Foundation\Apache2.4_VC10\bin\httpd.exe [22528 2015-07-12] (Apache Software Foundation) [File not signed]
S3 Apache24_php56; C:\web\Apache Software Foundation\Apache2.4\bin\httpd.exe [29184 2015-07-22] (Apache Software Foundation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-09-19] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
S3 MySQL5; C:\web\MySQL\MySQL Server 5.5\my.ini [8905 2012-09-28] () [File not signed]
S2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2011-02-15] (Nalpeiron Ltd.) [File not signed]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
U2 OneSyncSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U2 OneSyncSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 Origin Client Service; F:\Games\Origin\OriginClientService.exe [1903472 2014-12-26] (Electronic Arts)
U3 PimIndexMaintenanceSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
U3 UnistoreSvc_Session16; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UnistoreSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session16; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation)
U3 UserDataSvc_Session16; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 WTService; C:\WINDOWS\system32\atwtusb.exe [581120 2012-09-20] () [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-09-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-09-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-09-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-09-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-09-19] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-09-19] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-09-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-09-19] (AVAST Software)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2015-10-20] (Emsisoft GmbH)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [24664 2012-01-11] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R3 moufiltr; C:\Windows\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
S3 NTIOLib_1_0_1; C:\Program Files (x86)\MSI\CLICKBIOSII\NTIOLib_X64.sys [14136 2009-10-06] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\ControlCenter\Sleep\NTIOLib_X64.sys [13368 2012-11-09] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
S3 TabletFilter; C:\Windows\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Windows (R) Win 7 DDK provider)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R3 vhidmini; C:\Windows\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-20 15:03 - 2015-10-20 15:03 - 00016148 _____ C:\WINDOWS\system32\MILAN-PC_Milan_HistoryPrediction.bin
2015-10-20 15:02 - 2015-10-20 14:30 - 00045509 _____ C:\Users\Milan\Desktop\UsbFix_Report.txt
2015-10-20 14:24 - 2015-10-20 14:24 - 00001487 _____ C:\Users\Milan\Desktop\UsbFix.lnk
2015-10-20 14:12 - 2015-10-20 14:12 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\UsbFix(2).exe
2015-10-20 14:04 - 2015-10-20 14:27 - 00003642 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-10-20 14:02 - 2015-10-20 14:13 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\UsbFix(1).exe
2015-10-20 13:37 - 2015-10-20 13:37 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\Nepotvrzeno 781396.crdownload
2015-10-20 13:37 - 2015-10-20 13:37 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\Nepotvrzeno 640380.crdownload
2015-10-20 13:37 - 2015-10-20 13:37 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Desktop\Nepotvrzeno 288623.crdownload
2015-10-20 13:26 - 2015-10-20 15:02 - 00000000 ____D C:\UsbFix
2015-10-20 12:10 - 2015-10-20 12:10 - 00074577 _____ C:\Users\Milan\Desktop\Addition.txt
2015-10-20 12:09 - 2015-10-20 15:06 - 00027747 _____ C:\Users\Milan\Desktop\FRST.txt
2015-10-20 12:08 - 2015-10-20 12:08 - 02196992 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2015-10-20 11:47 - 2015-10-20 11:47 - 00001018 _____ C:\EamClean.log
2015-10-20 11:38 - 2015-10-20 11:38 - 00000786 _____ C:\Users\Milan\Desktop\Start Emsisoft Emergency Kit.lnk
2015-10-20 11:37 - 2015-10-20 11:38 - 00000000 ____D C:\EEK
2015-10-20 11:37 - 2015-10-20 11:37 - 168970712 _____ C:\Users\Milan\Downloads\EmsisoftEmergencyKit.exe
2015-10-20 11:23 - 2015-10-20 14:15 - 00000000 ____D C:\Program Files\trend micro
2015-10-20 11:23 - 2015-10-20 11:23 - 00000000 ____D C:\rsit
2015-10-20 11:22 - 2015-10-20 11:22 - 01222144 _____ C:\Users\Milan\Downloads\RSITx64.exe
2015-10-20 07:26 - 2015-10-20 14:04 - 00000000 ____D C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-
2015-10-20 07:16 - 2015-10-20 07:25 - 00000000 ____D C:\Users\Milan\Desktop\cubase
2015-10-19 20:16 - 2015-10-19 23:25 - 1321357312 _____ C:\Users\Milan\Downloads\Cubase_7.0.5_DVD1.iso
2015-10-19 20:15 - 2015-10-19 20:15 - 00004230 _____ C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-.rar
2015-10-18 19:09 - 2015-10-19 22:05 - 1156097807 _____ C:\Users\Milan\Downloads\Pro_Tools_11.3.0_Win.zip
2015-10-14 17:34 - 2015-10-14 17:46 - 142487875 _____ C:\Users\Milan\Downloads\YouPorn - BLACKED Business Blonde Anikka Albrite Ass Fucked By a BBC.mp4
2015-10-14 17:33 - 2015-10-14 17:37 - 49066499 _____ C:\Users\Milan\Downloads\YouPorn - TUSHY Riley Reid First Double Penetration.mp4
2015-10-14 12:32 - 2015-10-14 12:40 - 68180383 _____ C:\Users\Milan\Downloads\YouPorn - The hairiest pussy I ve ever seen.mp4
2015-10-14 12:24 - 2015-10-14 12:24 - 30881775 _____ C:\Users\Milan\Downloads\932-Uzemni_plan_Vintirov (1).zip
2015-10-13 20:41 - 2015-10-13 20:50 - 00000000 ____D C:\8cfd8b2949f25862cadbabf4a2
2015-10-13 19:58 - 2015-10-10 09:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-13 19:58 - 2015-10-10 08:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-13 19:58 - 2015-10-10 08:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-13 19:58 - 2015-10-06 05:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-13 19:58 - 2015-10-06 04:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-13 19:58 - 2015-10-01 06:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-13 19:58 - 2015-10-01 06:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-13 19:58 - 2015-10-01 06:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-13 19:58 - 2015-10-01 06:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-13 19:58 - 2015-10-01 06:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-13 19:58 - 2015-10-01 05:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-13 19:58 - 2015-09-25 06:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-13 19:58 - 2015-09-25 06:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-13 19:58 - 2015-09-25 05:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-13 19:58 - 2015-09-25 05:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-13 19:58 - 2015-09-25 05:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-13 19:58 - 2015-09-25 05:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-13 19:58 - 2015-09-25 05:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-13 19:58 - 2015-09-25 05:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-13 19:58 - 2015-09-25 05:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-13 19:58 - 2015-09-25 05:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-13 19:58 - 2015-09-25 05:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-13 19:58 - 2015-09-25 05:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-13 19:58 - 2015-09-25 05:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-13 19:58 - 2015-09-25 05:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-13 19:58 - 2015-09-25 05:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-13 19:58 - 2015-09-25 05:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-13 19:58 - 2015-09-25 05:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-13 19:58 - 2015-09-25 05:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-13 19:58 - 2015-09-25 05:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:58 - 2015-09-25 05:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-13 19:58 - 2015-09-25 05:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-13 19:58 - 2015-09-25 05:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-13 19:58 - 2015-09-25 05:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-13 19:58 - 2015-09-25 05:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-13 19:58 - 2015-09-25 05:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-13 19:58 - 2015-09-25 05:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-13 19:58 - 2015-09-25 04:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-13 19:58 - 2015-09-25 04:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-13 19:58 - 2015-09-25 04:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-13 19:58 - 2015-09-25 04:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-13 19:58 - 2015-09-25 04:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-13 19:58 - 2015-09-25 04:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-13 19:58 - 2015-09-25 04:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-13 19:58 - 2015-09-25 04:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-13 19:58 - 2015-09-25 04:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-13 19:58 - 2015-09-25 04:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-13 19:58 - 2015-09-25 04:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-13 19:58 - 2015-09-25 04:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-13 19:58 - 2015-09-25 04:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-13 19:58 - 2015-09-25 04:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-13 19:58 - 2015-09-25 04:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-13 19:58 - 2015-09-25 04:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-13 19:58 - 2015-09-25 04:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-13 19:58 - 2015-09-25 04:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-13 11:16 - 2015-10-13 11:21 - 48121956 _____ C:\Users\Milan\Downloads\YouPorn - Paper due on Friday.mp4
2015-10-05 22:38 - 2015-10-05 22:38 - 00000204 _____ C:\Users\Milan\Desktop\kabely IEM.txt
2015-10-05 21:33 - 2015-10-16 05:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-05 21:33 - 2015-10-16 05:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-03 11:58 - 2015-10-03 14:40 - 1547433914 _____ C:\Users\Milan\Downloads\Ledové-království-CZ.avi
2015-10-03 11:54 - 2015-10-03 11:54 - 00000000 ____D C:\Users\Milan\Desktop\Frozen-Fever-Oslava-v-Ledovém-království-2015-Cz-dab.+-Cz-tit
2015-10-02 17:00 - 2015-10-02 17:27 - 480216368 _____ C:\Users\Milan\Desktop\Frozen-Fever-Oslava-v-Ledovém-království-2015-Cz-dab.+-Cz-tit..rar
2015-10-01 20:46 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 20:46 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 20:46 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 20:46 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 20:46 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 20:46 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 20:46 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 20:46 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 20:45 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 20:45 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 20:45 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 20:45 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 20:45 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 20:45 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 20:45 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 20:45 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 20:45 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 20:45 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 20:45 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 20:45 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 20:45 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 20:45 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 20:45 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 20:45 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 20:45 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 20:45 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 20:45 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 20:45 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 20:45 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 20:45 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 20:45 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 20:45 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 20:45 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 20:45 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 20:45 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 20:45 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 20:45 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 20:45 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 20:45 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 20:45 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 20:45 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 20:45 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 20:45 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 20:45 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 20:45 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 20:45 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 20:45 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 20:45 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 20:45 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 20:45 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 20:45 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 20:45 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 20:45 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 20:45 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 20:45 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 20:45 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 20:45 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 20:45 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 20:45 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 20:45 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 20:45 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 20:45 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 20:45 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 20:45 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 20:45 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 20:45 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 20:45 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 20:45 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 20:45 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 20:45 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 20:45 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 20:45 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 20:45 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 20:45 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 20:45 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 20:45 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 20:45 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 20:45 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 20:45 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 20:45 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 20:45 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 20:45 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 20:45 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 20:45 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 20:45 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 20:45 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 20:45 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 20:45 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 20:45 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 20:45 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 20:45 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 20:45 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 20:45 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 20:45 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 20:45 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 20:45 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 20:45 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 20:45 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 20:45 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 20:45 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 20:45 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 20:45 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 20:45 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 20:45 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 20:45 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 20:45 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 20:45 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 20:45 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 20:45 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 20:45 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 20:45 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 20:45 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 20:45 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 20:45 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 20:45 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 20:45 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 20:45 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 20:45 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 20:45 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 20:45 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 20:45 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 20:45 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 18:14 - 2015-10-01 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL
2015-10-01 18:13 - 2015-10-01 18:13 - 03385466 _____ (OpenSSL Win64 Installer Team ) C:\Users\Milan\Downloads\Win64OpenSSL_Light-1_0_2d.exe
2015-09-30 18:22 - 2015-09-30 18:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-09-30 18:22 - 2015-09-30 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-30 12:27 - 2015-09-30 12:38 - 103491853 _____ C:\Users\Milan\Downloads\YouPorn - Big tit babe takes it in the bum Telsev.mp4
2015-09-30 12:24 - 2015-09-30 12:35 - 103118142 _____ C:\Users\Milan\Downloads\YouPorn - The Sperminator Telsev.mp4
2015-09-29 11:41 - 2015-09-29 11:52 - 136457136 _____ C:\Users\Milan\Downloads\YouPorn - BLACKED Big Tit Model Marina Visconti Loves Anal with BBC.mp4
2015-09-29 11:34 - 2015-09-29 11:52 - 152045538 _____ C:\Users\Milan\Downloads\YouPorn%20-%20BLACKED%20Curvy%20Blonde%20Payton%20Simmons%20vs%20BBC.mp4
2015-09-27 10:13 - 2015-09-27 10:13 - 00001763 _____ C:\Users\Public\Desktop\Stellarium.lnk
2015-09-27 10:13 - 2015-09-27 10:13 - 00000000 ____D C:\Users\Milan\AppData\Local\stellarium
2015-09-27 10:13 - 2015-09-27 10:13 - 00000000 ____D C:\Program Files\Stellarium
2015-09-27 10:12 - 2015-09-27 10:12 - 146339983 _____ (Stellarium team ) C:\Users\Milan\Downloads\stellarium-0.13.3-win64.exe
2015-09-24 18:49 - 2015-09-24 18:49 - 22771974 _____ C:\Users\Milan\Desktop\zasilka-GDU2DSBA2ZVGLUBN.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-20 15:06 - 2013-11-04 19:04 - 00000000 ____D C:\FRST
2015-10-20 15:04 - 2015-09-18 16:59 - 00003128 _____ C:\WINDOWS\System32\Tasks\MSIAfterburner
2015-10-20 15:04 - 2012-09-28 21:11 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-20 14:53 - 2013-12-01 20:46 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000UA.job
2015-10-20 14:51 - 2012-09-28 21:11 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-20 14:50 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-20 14:20 - 2015-09-07 20:18 - 01770878 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-20 14:20 - 2015-07-10 18:02 - 00748660 _____ C:\WINDOWS\system32\perfh005.dat
2015-10-20 14:20 - 2015-07-10 18:02 - 00150534 _____ C:\WINDOWS\system32\perfc005.dat
2015-10-20 14:16 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-20 14:15 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-20 14:12 - 2015-08-10 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-20 14:12 - 2013-01-20 10:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-20 12:32 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-20 11:49 - 2012-12-06 21:19 - 00000439 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-10-20 11:49 - 2009-07-14 04:30 - 00000695 _____ C:\WINDOWS\win.ini
2015-10-20 11:48 - 2015-09-07 19:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-20 11:48 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-20 11:47 - 2015-09-07 19:46 - 00025092 _____ C:\WINDOWS\PFRO.log
2015-10-20 11:47 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-20 11:46 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-20 11:13 - 2015-09-19 07:55 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-20 07:30 - 2012-09-28 21:25 - 00000000 ____D C:\Users\Milan\Documents\Soubory aplikace Outlook
2015-10-20 07:15 - 2013-03-24 09:46 - 00000021 _____ C:\Users\Milan\AppData\Roaming\ISOWorkshop.ini
2015-10-19 22:28 - 2012-12-02 01:03 - 00000000 ____D C:\Users\Milan\AppData\Local\Packages
2015-10-19 21:53 - 2013-12-01 20:46 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000Core.job
2015-10-19 21:50 - 2013-04-17 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1AVCapture
2015-10-19 21:50 - 2013-04-17 20:40 - 00000000 ____D C:\Program Files (x86)\1AVCapture
2015-10-19 20:29 - 2013-12-13 20:02 - 00000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2015-10-19 20:16 - 2014-12-26 22:29 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-19 19:30 - 2013-10-19 20:04 - 00004196 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4B4B6258-B3AE-4210-BFDC-46145CB0EE12}
2015-10-17 23:32 - 2015-03-16 18:49 - 00000132 _____ C:\Users\Milan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2015-10-17 21:09 - 2013-08-25 18:28 - 00000000 ____D C:\Users\Milan\Desktop\kapela
2015-10-14 12:25 - 2012-09-29 11:24 - 00000000 ____D C:\Users\Milan\AppData\Roaming\FileZilla
2015-10-14 12:19 - 2012-09-28 21:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-14 12:15 - 2014-05-14 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-10-13 20:50 - 2013-07-28 22:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-13 20:41 - 2012-10-01 00:27 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-11 19:26 - 2015-09-07 20:42 - 00000000 ____D C:\Windows.old
2015-10-08 22:29 - 2013-12-18 19:47 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Audacity
2015-10-07 21:40 - 2015-07-10 14:20 - 00025201 _____ C:\WINDOWS\setupact.log
2015-10-07 20:11 - 2012-12-12 22:46 - 00002286 ____H C:\Users\Milan\Documents\Default.rdp
2015-10-07 19:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-07 18:29 - 2013-12-24 20:34 - 00000000 ____D C:\temp
2015-10-06 19:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-05 21:33 - 2015-09-07 19:55 - 00000000 ____D C:\Users\Milan
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-05 21:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-05 21:29 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 17:15 - 2012-09-29 11:30 - 00001024 _____ C:\.rnd
2015-10-01 18:14 - 2012-09-28 22:07 - 00000000 ____D C:\web
2015-09-30 22:22 - 2012-10-23 19:50 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Skype
2015-09-30 18:22 - 2014-04-21 20:34 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2015-09-30 18:22 - 2012-10-23 19:50 - 00000000 ____D C:\ProgramData\Skype
2015-09-30 12:13 - 2015-09-18 11:09 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 32.lnk
2015-09-30 12:13 - 2014-06-05 19:53 - 00003940 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1382555172
2015-09-30 12:13 - 2012-09-28 19:49 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-29 15:05 - 2012-09-28 21:11 - 00000000 ____D C:\Users\Milan\AppData\Local\Adobe
2015-09-27 10:13 - 2014-12-26 22:01 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-27 10:13 - 2013-04-18 21:44 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Stellarium
2015-09-27 10:13 - 2013-04-18 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellarium
2015-09-25 11:28 - 2014-05-14 21:50 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-20 20:14 - 2015-01-08 23:16 - 00000000 ____D C:\Users\Milan\Documents\Flight Simulator X Files
2015-09-20 16:35 - 2015-02-13 16:39 - 00000000 ____D C:\Users\Milan\AppData\Local\VRS_FlightConnect_FSX

==================== Files in the root of some directories =======

2015-03-16 18:49 - 2015-10-17 23:32 - 0000132 _____ () C:\Users\Milan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2013-03-24 09:46 - 2015-10-20 07:15 - 0000021 _____ () C:\Users\Milan\AppData\Roaming\ISOWorkshop.ini
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\Users\Milan\AppData\Roaming\Jazz Kit
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\Users\Milan\AppData\Roaming\Jingles
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\Users\Milan\AppData\Roaming\Kernel Extension
2015-01-15 20:12 - 2015-01-15 20:12 - 0000268 ___RH () C:\Users\Milan\AppData\Roaming\Rule Actions
2012-10-17 19:46 - 2012-10-17 19:46 - 0007605 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg
2013-03-24 14:02 - 2013-03-24 14:02 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\ProgramData\Keychains
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\ProgramData\LaserPrinter
2014-12-08 21:03 - 2014-12-08 21:03 - 0000268 ___RH () C:\ProgramData\LaunchAgents
2012-10-07 19:40 - 2012-10-07 19:40 - 0000152 _____ () C:\ProgramData\LmeUSB.log
2012-10-07 19:40 - 2012-10-07 19:40 - 0000152 _____ () C:\ProgramData\LSDmbTH.log
2014-12-08 21:03 - 2014-12-08 21:03 - 0000012 ___RH () C:\ProgramData\Mail
2014-12-08 21:03 - 2014-12-08 21:03 - 0000012 ___RH () C:\ProgramData\Master
2014-12-08 21:03 - 2014-12-08 21:03 - 0000012 ___RH () C:\ProgramData\MIDI Patch Names
2015-01-15 20:09 - 2015-04-05 11:06 - 0000020 ____H () C:\ProgramData\PKP_DLbx.DAT
2014-12-08 21:03 - 2014-12-28 00:05 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-12-08 21:03 - 2015-02-25 21:21 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-12-08 21:03 - 2015-03-29 21:09 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2015-01-15 20:12 - 2015-01-15 20:12 - 0000268 ___RH () C:\ProgramData\Sampler Instruments

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\abracadabra08092011.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-18 00:59

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Flash USB - antivir detekuje virus

#9 Příspěvek od vyosek »

:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3476432 2014-09-18] (Micro-Star International)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [Steam] => F:\Games\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [Google Update] => C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Policies\system: [DisableLockWorkstation] 0
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-09]
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - .lnk [2013-03-24]
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File

U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

2015-10-20 15:02 - 2015-10-20 14:30 - 00045509 _____ C:\Users\Milan\Desktop\UsbFix_Report.txt
2015-10-20 14:24 - 2015-10-20 14:24 - 00001487 _____ C:\Users\Milan\Desktop\UsbFix.lnk
2015-10-20 14:12 - 2015-10-20 14:12 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\UsbFix(2).exe
2015-10-20 14:04 - 2015-10-20 14:27 - 00003642 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-10-20 14:02 - 2015-10-20 14:13 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\UsbFix(1).exe
2015-10-20 13:37 - 2015-10-20 13:37 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\Nepotvrzeno 781396.crdownload
2015-10-20 13:37 - 2015-10-20 13:37 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\Nepotvrzeno 640380.crdownload
2015-10-20 13:37 - 2015-10-20 13:37 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Desktop\Nepotvrzeno 288623.crdownload
2015-10-20 13:26 - 2015-10-20 15:02 - 00000000 ____D C:\UsbFix
2015-10-20 12:10 - 2015-10-20 12:10 - 00074577 _____ C:\Users\Milan\Desktop\Addition.txt
2015-10-20 12:09 - 2015-10-20 15:06 - 00027747 _____ C:\Users\Milan\Desktop\FRST.txt
2015-10-20 11:47 - 2015-10-20 11:47 - 00001018 _____ C:\EamClean.log
2015-10-20 11:38 - 2015-10-20 11:38 - 00000786 _____ C:\Users\Milan\Desktop\Start Emsisoft Emergency Kit.lnk
2015-10-20 11:37 - 2015-10-20 11:38 - 00000000 ____D C:\EEK
2015-10-20 11:37 - 2015-10-20 11:37 - 168970712 _____ C:\Users\Milan\Downloads\EmsisoftEmergencyKit.exe
2015-10-20 11:23 - 2015-10-20 14:15 - 00000000 ____D C:\Program Files\trend micro
2015-10-20 11:23 - 2015-10-20 11:23 - 00000000 ____D C:\rsit
2015-10-20 11:22 - 2015-10-20 11:22 - 01222144 _____ C:\Users\Milan\Downloads\RSITx64.exe
2015-10-20 07:26 - 2015-10-20 14:04 - 00000000 ____D C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-
2015-10-20 07:16 - 2015-10-20 07:25 - 00000000 ____D C:\Users\Milan\Desktop\cubase
2015-10-19 20:16 - 2015-10-19 23:25 - 1321357312 _____ C:\Users\Milan\Downloads\Cubase_7.0.5_DVD1.iso
2015-10-19 20:15 - 2015-10-19 20:15 - 00004230 _____ C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-.rar
2015-10-18 19:09 - 2015-10-19 22:05 - 1156097807 _____ C:\Users\Milan\Downloads\Pro_Tools_11.3.0_Win.zip

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000UA.job

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacroKeyManager

Hosts:
EmptyTemp:
Reboot:
End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
meiilax
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 27 čer 2004 09:13

Re: Flash USB - antivir detekuje virus

#10 Příspěvek od meiilax »

Tady je:

Fix result of Farbar Recovery Scan Tool (x64) Version:18-10-2015
Ran by Milan (2015-10-20 15:38:28) Run:1
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3476432 2014-09-18] (Micro-Star International)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [570880 2013-12-27] (Nikon Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [Steam] => F:\Games\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [Google Update] => C:\Users\Milan\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\...\Policies\system: [DisableLockWorkstation] 0
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => No File
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-09]
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - .lnk [2013-03-24]
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => No File

U3 idsvc; no ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

2015-10-20 15:02 - 2015-10-20 14:30 - 00045509 _____ C:\Users\Milan\Desktop\UsbFix_Report.txt
2015-10-20 14:24 - 2015-10-20 14:24 - 00001487 _____ C:\Users\Milan\Desktop\UsbFix.lnk
2015-10-20 14:12 - 2015-10-20 14:12 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\UsbFix(2).exe
2015-10-20 14:04 - 2015-10-20 14:27 - 00003642 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2015-10-20 14:02 - 2015-10-20 14:13 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\UsbFix(1).exe
2015-10-20 13:37 - 2015-10-20 13:37 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\Nepotvrzeno 781396.crdownload
2015-10-20 13:37 - 2015-10-20 13:37 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Downloads\Nepotvrzeno 640380.crdownload
2015-10-20 13:37 - 2015-10-20 13:37 - 03877164 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Milan\Desktop\Nepotvrzeno 288623.crdownload
2015-10-20 13:26 - 2015-10-20 15:02 - 00000000 ____D C:\UsbFix
2015-10-20 12:10 - 2015-10-20 12:10 - 00074577 _____ C:\Users\Milan\Desktop\Addition.txt
2015-10-20 12:09 - 2015-10-20 15:06 - 00027747 _____ C:\Users\Milan\Desktop\FRST.txt
2015-10-20 11:47 - 2015-10-20 11:47 - 00001018 _____ C:\EamClean.log
2015-10-20 11:38 - 2015-10-20 11:38 - 00000786 _____ C:\Users\Milan\Desktop\Start Emsisoft Emergency Kit.lnk
2015-10-20 11:37 - 2015-10-20 11:38 - 00000000 ____D C:\EEK
2015-10-20 11:37 - 2015-10-20 11:37 - 168970712 _____ C:\Users\Milan\Downloads\EmsisoftEmergencyKit.exe
2015-10-20 11:23 - 2015-10-20 14:15 - 00000000 ____D C:\Program Files\trend micro
2015-10-20 11:23 - 2015-10-20 11:23 - 00000000 ____D C:\rsit
2015-10-20 11:22 - 2015-10-20 11:22 - 01222144 _____ C:\Users\Milan\Downloads\RSITx64.exe
2015-10-20 07:26 - 2015-10-20 14:04 - 00000000 ____D C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-
2015-10-20 07:16 - 2015-10-20 07:25 - 00000000 ____D C:\Users\Milan\Desktop\cubase
2015-10-19 20:16 - 2015-10-19 23:25 - 1321357312 _____ C:\Users\Milan\Downloads\Cubase_7.0.5_DVD1.iso
2015-10-19 20:15 - 2015-10-19 20:15 - 00004230 _____ C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-.rar
2015-10-18 19:09 - 2015-10-19 22:05 - 1156097807 _____ C:\Users\Milan\Downloads\Pro_Tools_11.3.0_Win.zip

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000UA.job

DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5
DeleteKey: HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacroKeyManager

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\NvBackend => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\HP Software Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Live Update => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Nikon Message Center 2 => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS5ServiceManager => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\AdobeCS6ServiceManager => value removed successfully
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value removed successfully
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
HKU\S-1-5-21-649847758-3809949159-3738805346-1000\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableLockWorkstation => value removed successfully
"C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL" => Value data removed successfully.
C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk => moved successfully
C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - .lnk => moved successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value removed successfully
HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value removed successfully
HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => key not found.
C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll => not found.
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\ppGoogleNaClPluginChrome.dll => not found.
C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.71\pdf.dll => not found.
C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => not found.
idsvc => service removed successfully
wfpcapture => service removed successfully
C:\Users\Milan\Desktop\UsbFix_Report.txt => moved successfully
C:\Users\Milan\Desktop\UsbFix.lnk => moved successfully
C:\Users\Milan\Downloads\UsbFix(2).exe => moved successfully
C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask => moved successfully
C:\Users\Milan\Downloads\UsbFix(1).exe => moved successfully
C:\Users\Milan\Downloads\Nepotvrzeno 781396.crdownload => moved successfully
C:\Users\Milan\Downloads\Nepotvrzeno 640380.crdownload => moved successfully
"C:\Users\Milan\Desktop\Nepotvrzeno 288623.crdownload" => not found.
C:\UsbFix => moved successfully
C:\Users\Milan\Desktop\Addition.txt => moved successfully
C:\Users\Milan\Desktop\FRST.txt => moved successfully
C:\EamClean.log => moved successfully
C:\Users\Milan\Desktop\Start Emsisoft Emergency Kit.lnk => moved successfully
C:\EEK => moved successfully
C:\Users\Milan\Downloads\EmsisoftEmergencyKit.exe => moved successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\Milan\Downloads\RSITx64.exe => moved successfully
"C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-" => not found.
C:\Users\Milan\Desktop\cubase => moved successfully
C:\Users\Milan\Downloads\Cubase_7.0.5_DVD1.iso => moved successfully
"C:\Users\Milan\Desktop\cubase-7-serial-crack-Keygen-2015-.rar" => not found.
C:\Users\Milan\Downloads\Pro_Tools_11.3.0_Win.zip => moved successfully
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000Core.job => moved successfully
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-649847758-3809949159-3738805346-1000UA.job => moved successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5ServiceManager => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Live Update 5 => key removed successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MacroKeyManager => key removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.4 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 15:41:43 ====
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Flash USB - antivir detekuje virus

#11 Příspěvek od vyosek »

Jak se chova PC, problemy zmizely?
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
meiilax
Návštěvník
Návštěvník
Příspěvky: 49
Registrován: 27 čer 2004 09:13

Re: Flash USB - antivir detekuje virus

#12 Příspěvek od meiilax »

Nic PC nehlásí, tak asi OK, díky moc. mp
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Flash USB - antivir detekuje virus

#13 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Stahnete a spustte
  • Ponechte zatrzitkou pouze u volby Remove disinfection tools
  • Kliknete na Run
:arrow: Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Johny1911
Návštěvník
Návštěvník
Příspěvky: 1
Registrován: 01 bře 2016 12:30

Re: Flash USB - antivir detekuje virus

#14 Příspěvek od Johny1911 »

Dobrý den, mám stejný problém, mohl bych také poprosit o vaši pomoc?

Děkuji.


Jan Hrubý
Nahoru
altrok
Moderátor
Moderátor
Příspěvky: 7275
Registrován: 15 lis 2012 22:26
Bydliště: Znojmo

Re: Flash USB - antivir detekuje virus

#15 Příspěvek od altrok »

Dobry den, Johny1911,

v jednom vlaknu se resi vzdy prave jeden PC (vizte pravidla fora). Zalozte si prosim nove tema. Dekuji za pochopeni.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“