VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Petr (administrator) on BIG-MIKE (06-11-2015 19:47:10)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(tsvr.com) C:\Users\Petr\AppData\Roaming\TSv\TSvr.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(TODO: <公司名>) C:\Program Files (x86)\SFK\SSFK.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(DTools LIMITED) C:\ProgramData\7WdsManPro7\WdsManPro.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15081.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8510680 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{b1c91c6b-557d-418b-ab35-b5f4c528fadd}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-19] (Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts=1444632 ... 2_S3PHWT33

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @alawar.com/npapi -> C:\WINDOWS\npapi.dll [2014-01-29] (Alawar)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: sidebar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\sidebarff@gmail.com [2015-11-06] [not signed]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\ich@maltegoetz.de.xpi [2015-08-16]
FF Extension: AdBlock for YouTube™ - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2015-09-20]
FF Extension: Google Translator for Firefox - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\translator@zoli.bod.xpi [2015-08-13]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: Greasemonkey - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-09-30]
FF HKLM-x32\...\Firefox\Extensions: [defsearchp@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\defsearchp@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\deskCutv2@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [default_newtabff@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\default_newtabff@gmail.com => not found
FF HKLM-x32\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\sidebarff@gmail.com

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - <no Path/update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-11] (Intel Corporation)
R2 IhPul; C:\Users\Petr\AppData\Roaming\TSv\TSvr.exe [396944 2015-09-21] (tsvr.com)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [298200 2015-09-04] (Realtek Semiconductor)
R2 SSFK; C:\Program Files (x86)\SFK\SSFK.exe [169632 2015-10-10] (TODO: <公司名>)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WdsManPro; C:\ProgramData\7WdsManPro7\WdsManPro.exe [435712 2015-10-10] (DTools LIMITED) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-08-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-08-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-06 19:47 - 2015-11-06 19:48 - 00013520 _____ C:\Users\Petr\Desktop\FRST.txt
2015-11-06 19:47 - 2015-11-06 19:47 - 00000000 ____D C:\FRST
2015-11-06 19:46 - 2015-11-06 19:46 - 02198528 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-11-06 19:45 - 2015-11-06 19:46 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-11-06 19:31 - 2015-11-06 19:31 - 00016148 _____ C:\WINDOWS\system32\BIG-MIKE_Petr_HistoryPrediction.bin
2015-11-06 18:31 - 2015-11-06 18:31 - 00000001 _____ C:\WINDOWS\SysWOW64\en.html
2015-11-06 16:33 - 2015-11-06 16:33 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Brave Giant
2015-11-06 16:32 - 2015-11-06 19:00 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 16:30 - 2015-11-06 16:30 - 00000572 _____ C:\WINDOWS\PFRO.log
2015-11-06 16:24 - 2015-11-06 16:24 - 00002307 _____ C:\Users\Petr\Desktop\Hry zdarma.lnk
2015-11-06 16:24 - 2015-11-06 16:24 - 00002297 _____ C:\Users\Petr\Desktop\Nové hry.lnk
2015-11-06 16:24 - 2015-11-06 16:24 - 00001381 _____ C:\Users\Petr\Desktop\Lovci démonů 2 - Nová kapitola.lnk
2015-11-06 16:24 - 2015-11-06 16:24 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar
2015-11-06 16:21 - 2015-11-06 16:21 - 00000000 ____D C:\Program Files (x86)\Alawar.cs
2015-11-06 00:13 - 2015-11-06 01:10 - 1023723384 _____ C:\Users\Petr\Desktop\Fantomas-se-zlobí-2-CZ-Dabing,Dobrodružný,Komedie,-Francie,Itálie,-1965.avi
2015-11-05 14:58 - 2015-11-06 16:14 - 00370416 _____ C:\Users\Petr\Desktop\DemonHunter2ANewChapterCs_6D3394.exe
2015-11-05 14:14 - 2015-11-05 15:02 - 739599833 _____ C:\Users\Petr\Desktop\camy1.mkv
2015-11-04 22:01 - 2015-11-04 22:05 - 236962716 _____ C:\Users\Petr\Desktop\Saint.mp4
2015-11-03 12:16 - 2015-11-06 16:13 - 00000000 ____D C:\Users\Petr\AppData\Local\CrossLoop
2015-11-01 23:29 - 2015-11-01 23:29 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Teyon
2015-11-01 14:50 - 2015-11-01 16:23 - 1667264512 _____ C:\Users\Petr\Desktop\Sejmi.Prezidenta.2014.BDRip.XviD.CZ-TreZzoR.avi
2015-10-30 09:57 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 09:57 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 09:57 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 09:56 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 09:56 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 09:56 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 09:56 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 09:56 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 09:56 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 09:56 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 09:56 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 09:56 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 09:56 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 09:56 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 09:56 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 09:56 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 09:56 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-28 12:28 - 2015-10-28 12:28 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\IcarusGames
2015-10-27 22:12 - 2015-10-27 22:12 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Games
2015-10-27 18:19 - 2015-10-27 22:00 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Five-BN Games
2015-10-27 02:07 - 2015-10-27 02:07 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\N_Tri Studio
2015-10-25 17:27 - 2015-10-25 17:27 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Alawar Stargaze
2015-10-21 10:56 - 2015-10-21 10:56 - 00000000 ____D C:\WINDOWS\system32\log
2015-10-17 13:43 - 2015-10-17 13:43 - 00000000 ____D C:\Users\Petr\hirens
2015-10-15 07:30 - 2015-10-15 09:15 - 1622366208 _____ C:\Users\Petr\Desktop\terminator 3.avi
2015-10-14 00:35 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 00:35 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 00:35 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 00:35 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 00:35 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 00:35 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 00:35 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 00:35 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 00:35 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 07:47 - 2015-10-21 10:55 - 00000000 ____D C:\Users\Petr\AppData\Roaming\WinZipper
2015-10-12 07:47 - 2015-10-12 07:47 - 00000000 ____D C:\Program Files (x86)\SFK
2015-10-12 07:46 - 2015-10-12 07:47 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TSv
2015-10-12 07:46 - 2015-10-12 07:46 - 00000350 _____ C:\WINDOWS\SysWOW64\data.bin
2015-10-12 07:45 - 2015-10-12 07:46 - 00000000 ____D C:\ProgramData\7WdsManPro7
2015-10-11 17:57 - 2015-10-11 17:57 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-11 17:57 - 2015-10-11 17:57 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-11 17:57 - 2015-10-11 17:57 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-10 00:07 - 2015-10-12 20:49 - 00000333 _____ C:\Users\Petr\Desktop\111.txt
2015-10-09 16:51 - 2015-10-09 16:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\CyberCradle
2015-10-07 22:37 - 2015-10-07 22:37 - 00000000 ____D C:\Users\Petr\AppData\Roaming\AlawarEntertainment

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-06 19:46 - 2015-08-13 01:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-06 19:33 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-06 16:36 - 2015-08-13 00:32 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DAED6D2-6611-4277-A0F6-5D0627307908}
2015-11-06 16:35 - 2015-08-16 13:58 - 01951294 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-06 16:35 - 2015-07-10 17:02 - 00808930 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-06 16:35 - 2015-07-10 17:02 - 00181640 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-06 16:32 - 2015-09-22 13:45 - 00000000 ____D C:\ProgramData\AlawarWrapper
2015-11-06 16:32 - 2015-08-12 23:58 - 00000000 ____D C:\Users\Petr\Documents\Youcam
2015-11-06 16:30 - 2015-08-15 23:17 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2015-11-06 16:30 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 16:30 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-06 16:12 - 2015-09-22 23:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hry.cz
2015-11-06 11:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-05 15:15 - 2015-09-22 23:09 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Artifex Mundi
2015-11-03 13:45 - 2015-08-13 20:20 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2015-11-02 02:09 - 2015-08-31 09:20 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-01 20:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-31 02:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 19:42 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 14:49 - 2015-08-31 09:19 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-27 13:54 - 2015-09-22 13:20 - 00000000 ____D C:\Users\Petr\Desktop\špidla
2015-10-27 13:54 - 2015-08-16 10:21 - 00000000 ____D C:\Users\Petr\Desktop\L+N
2015-10-26 13:44 - 2015-08-16 14:00 - 00000000 ____D C:\Users\Petr
2015-10-22 22:08 - 2015-08-24 18:52 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2015-10-22 13:02 - 2015-09-19 09:38 - 00000230 _____ C:\Users\Petr\Desktop\kassel.txt
2015-10-18 14:07 - 2015-09-18 14:07 - 00003234 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPetr
2015-10-18 14:07 - 2015-09-18 14:07 - 00000346 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job
2015-10-17 16:14 - 2015-09-09 17:33 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-10-16 04:10 - 2015-10-02 06:27 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-02 06:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 00:44 - 2015-08-15 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 00:39 - 2015-08-15 14:49 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-12 07:46 - 2015-08-13 00:39 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-12 07:46 - 2015-08-13 00:39 - 00001442 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-12 07:45 - 2015-10-04 15:05 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-12 07:45 - 2015-10-04 15:05 - 00000000 ____D C:\ProgramData\nWdsManPron
2015-10-12 07:44 - 2015-08-16 18:15 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-11 17:57 - 2015-08-16 13:54 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-11 17:57 - 2015-08-16 13:54 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-11 17:57 - 2015-07-30 21:46 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-11 17:57 - 2015-07-30 21:45 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-10 22:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-07 22:35 - 2015-10-03 20:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Opera Software
2015-10-07 09:15 - 2015-07-10 13:20 - 00231864 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2015-09-29 22:04 - 2015-09-29 22:04 - 0004608 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-04 15:05 - 2015-10-12 07:45 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Petr\Desktop" je 10559 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

# AdwCleaner v5.018 - Logfile created 06/11/2015 at 21:25:30
# Updated 05/11/2015 by Xplode
# Database : 2015-11-03.2 [Server]
# Operating system : Windows 10 Home (x64)
# Username : Petr - BIG-MIKE
# Running from : C:\Users\Petr\Desktop\adwcleaner_5.018.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : SSFK
[-] Service Deleted : WdsManPro
[-] Service Deleted : IhPul

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\SFK
[-] Folder Deleted : C:\ProgramData\SecurityUtility
[-] Folder Deleted : C:\ProgramData\7b24ec7cc000461ebe26d116b88142c8
[-] Folder Deleted : C:\ProgramData\7WdsManPro7
[-] Folder Deleted : C:\ProgramData\nWdsManPron
[-] Folder Deleted : C:\Users\Petr\AppData\Local\Amigo
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\istartsurf
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\WinZipper
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\Browser-Security
[-] Folder Deleted : C:\Users\Petr\AppData\Roaming\TSv

***** [ Files ] *****

[-] File Deleted : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Mozilla\Extends
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [default_newtabff@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com]
[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [defsearchp@gmail.com]
[-] Key Deleted : HKCU\Software\V9
[-] Key Deleted : HKCU\Software\PRODUCTSETUP
[-] Key Deleted : HKCU\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKCU\Software\AppDataLow\Software\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
[-] Key Deleted : HKLM\SOFTWARE\delta-homesSoftware
[-] Key Deleted : HKLM\SOFTWARE\hdcode
[-] Key Deleted : HKLM\SOFTWARE\istartsurfSoftware
[-] Key Deleted : HKLM\SOFTWARE\FFPluginHp
[-] Key Deleted : HKLM\SOFTWARE\WdsManPro
[-] Key Deleted : HKLM\SOFTWARE\TSv

***** [ Web browsers ] *****

[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("browser.search.selectedEngine", "delta-homes");
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\prefs.js] [Preference] Deleted : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3018 bytes] ##########

Dejte nový log FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-11-2015
Ran by Petr (administrator) on BIG-MIKE (06-11-2015 22:25:03)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8510680 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-09-04] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.)
HKU\S-1-5-21-741035711-12348475-2984234956-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-20] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{b1c91c6b-557d-418b-ab35-b5f4c528fadd}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-19] (Oracle Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts=1444632 ... 2_S3PHWT33

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default
FF Homepage: hxxps://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @alawar.com/npapi -> C:\WINDOWS\npapi.dll [2014-01-29] (Alawar)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: sidebar - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\sidebarff@gmail.com [2015-11-06] [not signed]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\ich@maltegoetz.de.xpi [2015-08-16]
FF Extension: AdBlock for YouTube™ - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2015-09-20]
FF Extension: Google Translator for Firefox - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\translator@zoli.bod.xpi [2015-08-13]
FF Extension: Adblock Plus - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-09-24]
FF Extension: Greasemonkey - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-09-30]
FF HKLM-x32\...\Firefox\Extensions: [sidebarff@gmail.com] - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\w07xvuq1.default\extensions\sidebarff@gmail.com

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mibfbmhijjgpkmobcfdlelpccpeafoom] - <no Path/update_url>

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [298200 2015-09-04] (Realtek Semiconductor)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-16] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-08-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-08-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-06 21:27 - 2015-11-06 21:27 - 00016148 _____ C:\WINDOWS\system32\BIG-MIKE_Petr_HistoryPrediction.bin
2015-11-06 21:19 - 2015-11-06 21:25 - 00000000 ____D C:\AdwCleaner
2015-11-06 21:19 - 2015-11-06 21:19 - 01713664 _____ C:\Users\Petr\Desktop\adwcleaner_5.018.exe
2015-11-06 19:49 - 2015-11-06 19:49 - 00010708 _____ C:\Users\Petr\Desktop\Addition.txt
2015-11-06 19:47 - 2015-11-06 22:25 - 00012035 _____ C:\Users\Petr\Desktop\FRST.txt
2015-11-06 19:47 - 2015-11-06 22:25 - 00000000 ____D C:\FRST
2015-11-06 19:46 - 2015-11-06 22:25 - 02198528 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2015-11-06 19:45 - 2015-11-06 19:46 - 00112640 _____ (forum.viry.cz) C:\Users\Petr\Desktop\FRSTLauncher.exe
2015-11-06 16:33 - 2015-11-06 16:33 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Brave Giant
2015-11-06 16:32 - 2015-11-06 21:56 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-06 16:30 - 2015-11-06 16:30 - 00000572 _____ C:\WINDOWS\PFRO.log
2015-11-06 16:24 - 2015-11-06 16:24 - 00001381 _____ C:\Users\Petr\Desktop\Lovci démonů 2 - Nová kapitola.lnk
2015-11-06 16:24 - 2015-11-06 16:24 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar
2015-11-06 16:21 - 2015-11-06 16:21 - 00000000 ____D C:\Program Files (x86)\Alawar.cs
2015-11-06 00:13 - 2015-11-06 01:10 - 1023723384 _____ C:\Users\Petr\Desktop\Fantomas-se-zlobí-2-CZ-Dabing,Dobrodružný,Komedie,-Francie,Itálie,-1965.avi
2015-11-05 14:58 - 2015-11-06 16:14 - 00370416 _____ C:\Users\Petr\Desktop\DemonHunter2ANewChapterCs_6D3394.exe
2015-11-05 14:14 - 2015-11-05 15:02 - 739599833 _____ C:\Users\Petr\Desktop\camy1.mkv
2015-11-04 22:01 - 2015-11-04 22:05 - 236962716 _____ C:\Users\Petr\Desktop\Saint.mp4
2015-11-03 12:16 - 2015-11-06 16:13 - 00000000 ____D C:\Users\Petr\AppData\Local\CrossLoop
2015-11-01 23:29 - 2015-11-01 23:29 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Teyon
2015-11-01 14:50 - 2015-11-01 16:23 - 1667264512 _____ C:\Users\Petr\Desktop\Sejmi.Prezidenta.2014.BDRip.XviD.CZ-TreZzoR.avi
2015-10-30 09:57 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 09:57 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 09:57 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 09:56 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 09:56 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 09:56 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 09:56 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 09:56 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 09:56 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 09:56 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 09:56 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 09:56 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 09:56 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 09:56 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 09:56 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 09:56 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 09:56 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 09:56 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 09:56 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 09:56 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 09:56 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 09:56 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 09:56 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 09:56 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 09:56 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-28 12:28 - 2015-10-28 12:28 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\IcarusGames
2015-10-27 22:12 - 2015-10-27 22:12 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Games
2015-10-27 18:19 - 2015-10-27 22:00 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Five-BN Games
2015-10-27 02:07 - 2015-10-27 02:07 - 00000000 ____D C:\Users\Petr\AppData\LocalLow\N_Tri Studio
2015-10-25 17:27 - 2015-10-25 17:27 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Alawar Stargaze
2015-10-21 10:56 - 2015-11-06 21:25 - 00000000 ____D C:\WINDOWS\system32\log
2015-10-17 13:43 - 2015-10-17 13:43 - 00000000 ____D C:\Users\Petr\hirens
2015-10-15 07:30 - 2015-10-15 09:15 - 1622366208 _____ C:\Users\Petr\Desktop\terminator 3.avi
2015-10-14 00:35 - 2015-10-10 08:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 00:35 - 2015-10-06 04:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-06 03:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 00:35 - 2015-10-01 05:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 00:35 - 2015-10-01 05:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 00:35 - 2015-10-01 05:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 00:35 - 2015-10-01 05:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 00:35 - 2015-10-01 04:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 00:35 - 2015-09-25 05:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 00:35 - 2015-09-25 04:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 00:35 - 2015-09-25 04:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 00:35 - 2015-09-25 04:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 04:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 04:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 00:35 - 2015-09-25 04:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 00:35 - 2015-09-25 04:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 04:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 00:35 - 2015-09-25 04:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 00:35 - 2015-09-25 04:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 00:35 - 2015-09-25 04:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 04:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 00:35 - 2015-09-25 03:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 00:35 - 2015-09-25 03:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 00:35 - 2015-09-25 03:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 00:35 - 2015-09-25 03:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 00:35 - 2015-09-25 03:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 00:35 - 2015-09-25 03:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 00:35 - 2015-09-25 03:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 00:35 - 2015-09-25 03:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-12 07:46 - 2015-10-12 07:46 - 00000350 _____ C:\WINDOWS\SysWOW64\data.bin
2015-10-11 17:57 - 2015-10-11 17:57 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-10-11 17:57 - 2015-10-11 17:57 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-10-11 17:57 - 2015-10-11 17:57 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00181524 _____ C:\WINDOWS\system32\resELL.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-10-11 17:57 - 2015-10-11 17:57 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00163044 _____ C:\WINDOWS\system32\resARA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155988 _____ C:\WINDOWS\system32\resITA.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155828 _____ C:\WINDOWS\system32\resROM.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155716 _____ C:\WINDOWS\system32\resESN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00149812 _____ C:\WINDOWS\system32\resENU.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui
2015-10-11 17:57 - 2015-10-11 17:57 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-10-11 17:57 - 2015-10-11 17:57 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-10-10 00:07 - 2015-10-12 20:49 - 00000333 _____ C:\Users\Petr\Desktop\111.txt
2015-10-09 16:51 - 2015-10-09 16:51 - 00000000 ____D C:\Users\Petr\AppData\Roaming\CyberCradle
2015-10-07 22:37 - 2015-10-07 22:37 - 00000000 ____D C:\Users\Petr\AppData\Roaming\AlawarEntertainment

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-06 21:46 - 2015-08-13 01:19 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-06 21:31 - 2015-08-16 13:58 - 01951294 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-06 21:31 - 2015-07-10 17:02 - 00808930 _____ C:\WINDOWS\system32\perfh005.dat
2015-11-06 21:31 - 2015-07-10 17:02 - 00181640 _____ C:\WINDOWS\system32\perfc005.dat
2015-11-06 21:28 - 2015-08-12 23:58 - 00000000 ____D C:\Users\Petr\Documents\Youcam
2015-11-06 21:27 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-06 21:26 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-06 21:25 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-06 16:36 - 2015-08-13 00:32 - 00004190 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5DAED6D2-6611-4277-A0F6-5D0627307908}
2015-11-06 16:32 - 2015-09-22 13:45 - 00000000 ____D C:\ProgramData\AlawarWrapper
2015-11-06 16:30 - 2015-08-15 23:17 - 00000000 ____D C:\Users\Petr\AppData\Roaming\vlc
2015-11-06 16:12 - 2015-09-22 23:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hry.cz
2015-11-06 11:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-05 15:15 - 2015-09-22 23:09 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Artifex Mundi
2015-11-03 13:45 - 2015-08-13 20:20 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2015-11-02 02:09 - 2015-08-31 09:20 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-01 20:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-31 02:52 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 19:42 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-29 14:49 - 2015-08-31 09:19 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-27 13:54 - 2015-09-22 13:20 - 00000000 ____D C:\Users\Petr\Desktop\špidla
2015-10-27 13:54 - 2015-08-16 10:21 - 00000000 ____D C:\Users\Petr\Desktop\L+N
2015-10-26 13:44 - 2015-08-16 14:00 - 00000000 ____D C:\Users\Petr
2015-10-22 22:08 - 2015-08-24 18:52 - 00000000 ____D C:\Users\Petr\AppData\Roaming\TeamViewer
2015-10-22 13:02 - 2015-09-19 09:38 - 00000230 _____ C:\Users\Petr\Desktop\kassel.txt
2015-10-18 14:07 - 2015-09-18 14:07 - 00003234 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPetr
2015-10-18 14:07 - 2015-09-18 14:07 - 00000346 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPetr.job
2015-10-17 16:14 - 2015-09-09 17:33 - 00000270 __RSH C:\ProgramData\ntuser.pol
2015-10-16 04:10 - 2015-10-02 06:27 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-10-02 06:27 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-14 00:44 - 2015-08-15 14:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-14 00:39 - 2015-08-15 14:49 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-12 07:46 - 2015-08-13 00:39 - 00001454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-12 07:46 - 2015-08-13 00:39 - 00001442 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-12 07:45 - 2015-10-04 15:05 - 00000102 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-10-12 07:44 - 2015-08-16 18:15 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-10-11 17:57 - 2015-08-16 13:54 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-10-11 17:57 - 2015-08-16 13:54 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-10-11 17:57 - 2015-07-30 21:46 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-10-11 17:57 - 2015-07-30 21:46 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-10-11 17:57 - 2015-07-30 21:45 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-10-11 17:57 - 2015-07-30 21:45 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-10-11 17:57 - 2015-07-30 21:45 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-10-10 22:43 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-10-07 22:35 - 2015-10-03 20:02 - 00000000 ____D C:\Users\Petr\AppData\Roaming\Opera Software
2015-10-07 09:15 - 2015-07-10 13:20 - 00231864 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== Files in the root of some directories =======

2015-09-29 22:04 - 2015-09-29 22:04 - 0004608 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-04 15:05 - 2015-10-12 07:45 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\Petr\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-11-04 20:12

==================== End of FRST.txt ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts= ... 2_S3PHWT33
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version:05-11-2015
Ran by Petr (2015-11-06 22:56:41) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM\Software Microsoft Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft Internet Explorer\Main,Start Page = hxxp://start.atarata.cz/
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMNTDFJS
SearchScopes: HKLM -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> {ACE2902B-53E2-437C-B231-1A68E530FF27} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_i ... -keywords={searchTerms}
Edge HomeButtonPage: HKU\S-1-5-21-741035711-12348475-2984234956-1001 -> hxxp://www.delta-homes.com/?type=hp&ts= ... 2_S3PHWT33
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
End
*****************

HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ACE2902B-53E2-437C-B231-1A68E530FF27}" => key removed successfully
HKCR\CLSID\{ACE2902B-53E2-437C-B231-1A68E530FF27} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ACE2902B-53E2-437C-B231-1A68E530FF27}" => key removed successfully
HKCR\Wow6432Node\CLSID\{ACE2902B-53E2-437C-B231-1A68E530FF27} => key not found.
HKU\S-1-5-21-741035711-12348475-2984234956-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-741035711-12348475-2984234956-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKU\S-1-5-21-741035711-12348475-2984234956-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ACE2902B-53E2-437C-B231-1A68E530FF27}" => key removed successfully
HKCR\CLSID\{ACE2902B-53E2-437C-B231-1A68E530FF27} => key not found.
HKU\S-1-5-21-741035711-12348475-2984234956-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\Main\\HomeButtonPage => value removed successfully
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat => moved successfully

==== End of Fixlog 22:56:41 ====

Smazáno a opraveno. Log je již OK.