VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu - nechtěné instalace

https://forum.viry.cz:443/viewtopic.php?t=148527

Stránka 1 z 1

Prosím o kontrolu logu - nechtěné instalace

Napsal: 29 bře 2016 18:23
od Mion
Počítač jsem už předtím projel ComboFixem, následně LOG z HijackThis

Logfile of random's system information tool 1.10 (written by random/random)
Run by Miroslav at 2016-03-29 19:15:44
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 48 GB (24%) free of 200 GB
Total RAM: 8092 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:15:53, on 29.3.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\BOINC\boinctray.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Miroslav.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.2345.com/?34838
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [ QQPCTray] "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe" /regrun
O4 - HKLM\..\Run: [boinctray] "C:\Program Files (x86)\BOINC\boinctray.exe"
O4 - HKLM\..\Run: [boincmgr] "C:\Program Files (x86)\BOINC\charityengine.exe" /a /s
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\ProgramData\Ronzap\Xxx-find.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ronzap - Unknown owner - C:\ProgramData\\Ronzap\\Ronzap.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7476 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe"
"C:\Windows\system32\Dwm.exe"
"taskhost.exe"
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
WLIDSvcM.exe 2852
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\system32\GWX\GWX.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\BOINC\boinctray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "-1353323518-7850156013357768111567288301307385741-14434575036946895621163449627
C:\Windows\explorer.exe

"C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.87 --handshake-handle=0xcc
"C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3352.0.1339688373\1660794341" --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,25,54,64 --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=10.18.13.6143 --ignored=" --type=renderer " /prefetch:2
"C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Default/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3352.2.1417968837\641344354" /prefetch:1
"C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Default/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3352.3.991606464\1217240444" /prefetch:1
"C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Default/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3352.9.490652673\335903959" /prefetch:1
taskhost.exe $(Arg0)
"C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Default/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3352.17.1644743541\1642589081" /prefetch:1
"C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Default/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3352.20.1291379357\1690916475" /prefetch:1
"C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Default/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3352.23.2123577529\244924407" /prefetch:1
"C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding --disable-features=UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --lang=cs --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_5/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/7DaySingleProfile/*DataReductionProxyConfigService/Enabled/*DirectWriteFontProxy/UseDirectWriteFontProxy/*ExtensionActionRedesign/Enabled/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GFE/Default/InstanceID/Enabled/IntelligentSessionRestore/Enabled2/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PreRead/Default/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SpdyEnableDependencies/Default/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_06/*UMA-Uniformity-Trial-10-Percent/group_01/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/default/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/WebFontsIntervention/Default/WebRTC-LocalIPPermissionCheck/Enabled/WebRTC-PeerConnectionDTLS1.2/Enabled/ --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3352.25.1258883917\782338752" /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 532 536 544 65536 540
"C:\Users\Miroslav\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1610609173-1946185470-3874883686-1000Core.job - C:\Users\Miroslav\AppData\Local\Google\Update\GoogleUpdate.exe /c

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-01-29 1340192]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2013-10-04 7200984]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-12-16 2771576]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-12-16 1846016]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-18 1085656]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
" QQPCTray"=C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe /regrun []
"boinctray"=C:\Program Files (x86)\BOINC\boinctray.exe [2014-03-07 71312]
"boincmgr"=C:\Program Files (x86)\BOINC\charityengine.exe [2014-03-07 3757712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\ProgramData\Ronzap\Rankex.dll"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"vidc.XVID"=xvidvfw.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"vidc.x264"=x264vfw64.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-03-29 19:15:44 ----D---- C:\rsit
2016-03-29 19:15:44 ----D---- C:\Program Files\trend micro
2016-03-29 19:11:41 ----SHD---- C:\$RECYCLE.BIN
2016-03-29 19:11:25 ----D---- C:\Windows\temp
2016-03-29 19:11:06 ----A---- C:\ComboFix.txt
2016-03-29 18:49:52 ----A---- C:\Windows\zip.exe
2016-03-29 18:49:52 ----A---- C:\Windows\SWSC.exe
2016-03-29 18:49:52 ----A---- C:\Windows\SWREG.exe
2016-03-29 18:49:52 ----A---- C:\Windows\sed.exe
2016-03-29 18:49:52 ----A---- C:\Windows\PEV.exe
2016-03-29 18:49:52 ----A---- C:\Windows\NIRCMD.exe
2016-03-29 18:49:52 ----A---- C:\Windows\MBR.exe
2016-03-29 18:49:52 ----A---- C:\Windows\grep.exe
2016-03-29 18:49:21 ----D---- C:\Qoobox
2016-03-29 18:49:11 ----D---- C:\Windows\erdnt
2016-03-29 18:45:43 ----D---- C:\zoek_backup
2016-03-29 18:38:20 ----D---- C:\ProgramData\BOINC
2016-03-29 18:38:20 ----D---- C:\Program Files (x86)\BOINC
2016-03-29 18:37:33 ----D---- C:\ProgramData\Ronzaps
2016-03-29 18:37:23 ----D---- C:\ProgramData\Ronzap
2016-03-29 18:37:22 ----A---- C:\Users\Miroslav\AppData\Roaming\noah.dat
2016-03-29 18:37:22 ----A---- C:\Users\Miroslav\AppData\Roaming\Main.dat
2016-03-29 18:37:22 ----A---- C:\Users\Miroslav\AppData\Roaming\agent.dat
2016-03-29 18:37:09 ----A---- C:\Users\Miroslav\AppData\Roaming\lobby.dat
2016-03-29 18:37:09 ----A---- C:\Users\Miroslav\AppData\Roaming\ApplicationHosting.dat
2016-03-29 18:36:30 ----A---- C:\Users\Miroslav\AppData\Roaming\Installer.dat
2016-03-29 18:25:53 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-29 18:25:07 ----D---- C:\Windows\SYSWOW64\tab
2016-03-29 18:25:07 ----D---- C:\Windows\SYSWOW64\hover
2016-03-29 18:21:36 ----A---- C:\Users\Miroslav\AppData\Roaming\GiftBag.db
2016-03-29 18:18:48 ----D---- C:\ProgramData\Thunder Network
2016-03-29 18:17:18 ----A---- C:\Windows\chromebrowser.exe
2016-03-28 23:32:12 ----D---- C:\Users\Miroslav\AppData\Roaming\Google
2016-03-28 23:24:04 ----D---- C:\ProgramData\Google
2016-03-28 23:24:01 ----D---- C:\Program Files\Google
2016-03-24 14:08:12 ----D---- C:\Program Files (x86)\Windows Phone
2016-03-24 14:07:46 ----D---- C:\ProgramData\Applications
2016-03-24 09:44:38 ----D---- C:\Users\Miroslav\AppData\Roaming\Apple Computer
2016-03-23 19:52:43 ----D---- C:\ProgramData\Apple Computer
2016-03-23 19:52:43 ----D---- C:\Program Files (x86)\QuickTime
2016-03-23 19:52:07 ----D---- C:\Program Files (x86)\Apple Software Update
2016-03-23 19:52:00 ----D---- C:\ProgramData\Apple
2016-03-22 19:46:37 ----A---- C:\Windows\unvise32.exe
2016-03-22 19:46:33 ----D---- C:\Program Files (x86)\LooksBuilder
2016-03-22 19:46:32 ----D---- C:\Program Files (x86)\MBL
2016-03-16 00:39:18 ----AD---- C:\ProgramData\MTA San Andreas All
2016-03-13 10:57:01 ----D---- C:\Program Files (x86)\x264vfw
2016-03-09 16:27:19 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 16:27:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 16:27:19 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 16:27:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 16:27:18 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 16:27:17 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 16:27:16 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 16:27:16 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 16:27:16 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 16:27:16 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 16:27:16 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 16:27:16 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 16:27:16 ----A---- C:\Windows\system32\wups.dll
2016-03-09 16:27:16 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 16:27:16 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 16:27:16 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 16:27:16 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 16:27:16 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 16:27:16 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 16:27:16 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 16:27:15 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 16:27:15 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 16:27:13 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 16:27:13 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 16:27:13 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 16:27:12 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 16:27:12 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 16:27:12 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 16:27:08 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 16:27:08 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 16:27:08 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 16:27:08 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 16:27:08 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 16:27:08 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 16:27:08 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 16:27:08 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 16:27:08 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 16:27:07 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 16:27:07 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 16:27:07 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 16:27:07 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 16:27:07 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 16:27:07 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 16:27:07 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 16:27:07 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 16:27:07 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 16:27:07 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 16:27:07 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 16:27:06 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 16:27:06 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 16:27:05 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 16:27:05 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 16:27:05 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 16:27:05 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 16:27:05 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 16:27:05 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 16:27:05 ----A---- C:\Windows\system32\occache.dll
2016-03-09 16:27:05 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 16:27:05 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 16:27:05 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 16:27:05 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 16:27:05 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 16:27:04 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 16:27:04 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 16:27:04 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 16:27:03 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 16:27:03 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 16:27:03 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 16:27:03 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 16:27:03 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 16:27:02 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 16:27:02 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 16:27:02 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 16:27:02 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 16:27:02 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 16:27:02 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 16:27:01 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 16:27:01 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 16:27:01 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 16:27:01 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 16:27:00 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 16:27:00 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 16:27:00 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 16:27:00 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 16:27:00 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 16:26:59 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 16:26:59 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 16:26:59 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 16:24:02 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 16:24:02 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 16:24:01 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 16:24:01 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 16:24:01 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 16:24:01 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 16:24:01 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 16:24:00 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 16:24:00 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 16:24:00 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 16:24:00 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 16:24:00 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-03-09 16:24:00 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-03-09 16:24:00 ----A---- C:\Windows\system32\advapi32.dll
2016-03-09 16:23:59 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 16:23:59 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\smss.exe
2016-03-09 16:23:59 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 16:23:59 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 16:23:59 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-03-09 16:23:59 ----A---- C:\Windows\system32\conhost.exe
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 16:23:58 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 16:23:58 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 16:23:58 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 16:23:58 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 16:23:58 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 16:23:58 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 16:23:58 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 16:23:58 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 16:23:58 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 16:23:58 ----A---- C:\Windows\system32\csrsrv.dll
2016-03-09 16:23:58 ----A---- C:\Windows\system32\cryptbase.dll
2016-03-09 16:23:58 ----A---- C:\Windows\system32\credssp.dll
2016-03-09 16:23:58 ----A---- C:\Windows\system32\auditpol.exe
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 16:23:57 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 16:23:56 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 16:23:56 ----A---- C:\Windows\SYSWOW64\user.exe
2016-03-09 16:23:56 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-03-09 16:23:56 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-03-09 16:23:56 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-03-09 16:23:56 ----A---- C:\Windows\system32\apisetschema.dll
2016-03-09 16:23:55 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-03-09 16:23:55 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-03-09 16:23:55 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-03-09 16:23:55 ----A---- C:\Windows\system32\msobjs.dll
2016-03-09 16:23:55 ----A---- C:\Windows\system32\msaudite.dll
2016-03-09 16:23:55 ----A---- C:\Windows\system32\adtschema.dll
2016-03-09 16:23:47 ----A---- C:\Windows\SYSWOW64\mfds.dll
2016-03-09 16:23:47 ----A---- C:\Windows\system32\mfds.dll
2016-03-09 16:23:47 ----A---- C:\Windows\system32\atmfd.dll
2016-03-09 16:23:46 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-03-09 16:23:46 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-03-09 16:23:46 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-03-09 16:23:46 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-03-09 16:23:46 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-03-09 16:23:46 ----A---- C:\Windows\system32\seclogon.dll
2016-03-09 16:23:46 ----A---- C:\Windows\system32\lpk.dll
2016-03-09 16:23:46 ----A---- C:\Windows\system32\fontsub.dll
2016-03-09 16:23:46 ----A---- C:\Windows\system32\dciman32.dll
2016-03-09 16:23:46 ----A---- C:\Windows\system32\atmlib.dll
2016-03-09 16:23:45 ----A---- C:\Windows\SYSWOW64\wmp.dll
2016-03-09 16:23:45 ----A---- C:\Windows\system32\wmp.dll
2016-03-09 16:23:44 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2016-03-09 16:23:44 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2016-03-09 16:23:44 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2016-03-09 16:23:44 ----A---- C:\Windows\system32\wmploc.DLL
2016-03-09 16:23:44 ----A---- C:\Windows\system32\spwmp.dll
2016-03-09 16:23:44 ----A---- C:\Windows\system32\dxmasf.dll
2016-03-09 16:23:43 ----A---- C:\Windows\system32\generaltel.dll
2016-03-09 16:23:43 ----A---- C:\Windows\system32\appraiser.dll
2016-03-09 16:23:43 ----A---- C:\Windows\system32\aeinv.dll
2016-03-09 16:23:42 ----A---- C:\Windows\system32\invagent.dll
2016-03-09 16:23:42 ----A---- C:\Windows\system32\devinv.dll
2016-03-09 16:23:42 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-03-09 16:23:42 ----A---- C:\Windows\system32\acmigration.dll

======List of files/folders modified in the last 1 month======

2016-03-29 19:15:44 ----RD---- C:\Program Files
2016-03-29 19:12:14 ----D---- C:\Windows\SysWOW64
2016-03-29 19:11:25 ----D---- C:\Windows
2016-03-29 19:01:06 ----A---- C:\Windows\system.ini
2016-03-29 19:00:47 ----D---- C:\Windows\system32\drivers\etc
2016-03-29 18:57:57 ----AD---- C:\ProgramData
2016-03-29 18:54:32 ----D---- C:\Windows\SYSWOW64\drivers
2016-03-29 18:54:32 ----D---- C:\Windows\AppPatch
2016-03-29 18:54:31 ----D---- C:\Program Files (x86)\Common Files
2016-03-29 18:49:22 ----D---- C:\Windows\system32\drivers
2016-03-29 18:48:13 ----D---- C:\Windows\System32
2016-03-29 18:48:13 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-29 18:44:35 ----D---- C:\Windows\system32\config
2016-03-29 18:42:36 ----D---- C:\Windows\Prefetch
2016-03-29 18:42:11 ----D---- C:\Windows\system32\Tasks
2016-03-29 18:41:20 ----D---- C:\ProgramData\NVIDIA
2016-03-29 18:40:21 ----D---- C:\Program Files (x86)\VideoLAN
2016-03-29 18:39:57 ----D---- C:\Program Files (x86)
2016-03-29 18:38:21 ----SHD---- C:\Windows\Installer
2016-03-29 18:38:20 ----D---- C:\Config.Msi
2016-03-29 18:38:17 ----D---- C:\Windows\Downloaded Installations
2016-03-29 18:28:52 ----D---- C:\Program Files\Common Files
2016-03-29 18:24:28 ----D---- C:\Windows\Tasks
2016-03-29 18:20:30 ----RSD---- C:\Windows\Fonts
2016-03-29 18:16:03 ----D---- C:\Users\Miroslav\AppData\Roaming\uTorrent
2016-03-29 13:34:05 ----SHD---- C:\System Volume Information
2016-03-29 11:30:00 ----D---- C:\Program Files (x86)\SpeedFan
2016-03-28 23:25:08 ----D---- C:\Users\Miroslav\AppData\Roaming\Adobe
2016-03-28 23:24:00 ----D---- C:\Program Files (x86)\Google
2016-03-28 23:23:33 ----D---- C:\ProgramData\Package Cache
2016-03-24 18:02:36 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-24 02:34:40 ----D---- C:\Windows\winsxs
2016-03-24 02:34:39 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-24 02:34:39 ----SD---- C:\Windows\system32\GWX
2016-03-23 22:34:10 ----D---- C:\ProgramData\NVIDIA Corporation
2016-03-21 14:21:03 ----D---- C:\Program Files (x86)\MSI Afterburner
2016-03-16 00:31:45 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2016-03-13 18:56:27 ----D---- C:\Windows\rescache
2016-03-12 12:15:51 ----SD---- C:\Users\Miroslav\AppData\Roaming\Microsoft
2016-03-11 12:00:53 ----D---- C:\Program Files (x86)\Steam
2016-03-09 21:12:10 ----D---- C:\Windows\Microsoft.NET
2016-03-09 21:09:27 ----RSD---- C:\Windows\assembly
2016-03-09 20:31:39 ----D---- C:\Windows\SYSWOW64\sk-SK
2016-03-09 20:31:39 ----D---- C:\Windows\SYSWOW64\pl-PL
2016-03-09 20:31:39 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-09 20:31:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-09 20:31:39 ----D---- C:\Windows\system32\sk-SK
2016-03-09 20:31:39 ----D---- C:\Windows\system32\pl-PL
2016-03-09 20:31:39 ----D---- C:\Windows\system32\en-US
2016-03-09 20:31:39 ----D---- C:\Windows\system32\cs-CZ
2016-03-09 20:31:36 ----D---- C:\Program Files\Internet Explorer
2016-03-09 20:31:35 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-09 20:31:30 ----D---- C:\Program Files\Windows Media Player
2016-03-09 20:31:30 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 20:31:26 ----D---- C:\Windows\system32\DriverStore
2016-03-09 16:38:56 ----D---- C:\Windows\system32\catroot2
2016-03-09 16:38:28 ----D---- C:\Windows\system32\MRT
2016-03-09 16:35:39 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 16:35:33 ----D---- C:\Windows\system32\appraiser
2016-03-06 14:14:49 ----D---- C:\ProgramData\tmp

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2013-06-27 82240]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2013-06-27 42304]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-11-13 289120]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-29 283064]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2014-04-10 138456]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2014-04-10 425176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-10-07 3680728]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-11-13 133816]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2015-12-16 205456]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-12-16 19576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-12-16 50472]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2014-07-16 941784]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2011-12-14 56448]
S2 tsnethlpx64;TsNetHlpX64.sys; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 FairplayKD;FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-18 82128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_01;EPSON V3 Service4(01); C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [2007-01-11 126464]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-12-16 1156216]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-01-29 23808]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-12-16 1872504]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-12-16 6477432]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-12-16 1256240]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-12-16 417400]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2016-01-29 374344]
R3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-12-16 8185464]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 Ronzap;Ronzap; C:\ProgramData\\Ronzap\\Ronzap.exe [2016-03-29 1069568]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24 269504]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2015-01-01 654848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2016-02-07 2104840]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-05 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 29 bře 2016 19:17
od Rudy
Mion píše:Počítač jsem už předtím projel ComboFixem, následně LOG z HijackThis
To jste nám pomohl. Spuštěním této utility, která je určena jen profesionálům jste riskoval pád systému, případně poškození některých aplikací. A za druhé je po skenu CF log RSIT zcela k ničemu, neboť CF všechny stopy smaže. CF, pokud ho ještě máte v PC, přejmenujte na uninstall a spusťte. CF se regulérně odinstaluje. Dejte log FRST: http://forum.viry.cz/viewtopic.php?f=13&t=133100 . Snad nám něco ukáže.

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 29 bře 2016 19:33
od Mion
Taky je log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Miroslav (administrator) on MIROSLAV-PC (29-03-2016 20:30:42)
Running from C:\Users\Miroslav\Desktop
Loaded Profiles: Miroslav (Available Profiles: Miroslav)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\ProgramData\Ronzap\Ronzap.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Windows\DAODx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Miroslav\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7200984 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe" /regrun
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\ProgramData\Ronzap\Rankex.dll => C:\ProgramData\Ronzap\Rankex.dll [363520 2016-03-29] ()
AppInit_DLLs-x32: C:\ProgramData\Ronzap\Xxx-find.dll => C:\ProgramData\Ronzap\Xxx-find.dll [257536 2016-03-29] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{22A83F5D-89A7-4424-8E9D-7C4188E282D9}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{34F7103D-2C11-4FAA-BD34-9E150A07D54D}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130900044436600023&GUID=F7389CC1-0968-4DEC-9BC8-B7E1DC0240E0
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.2345.com/?34838
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {2FD913F6-1D65-4972-AC6C-69F7D2BBFA13} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {4C162509-EABC-463D-B383-678452377450} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {67D28C64-38CA-4B26-A464-21DEE6D6A304} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {9236224F-9CED-490E-AB70-62FFFF49846B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {C4C881B9-7E38-4D78-8353-054AACA4A03E} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {DC2FC6EA-40FD-4A15-AEC2-7D86FA971D3F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {DC45EB59-5AFF-428A-B188-C3B764401882} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {DE252F16-4D9A-4008-B001-3895ACDCC888} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {FD73DCA4-747F-4F78-9352-CE13E883B0AB} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194

FireFox:
========
FF ProfilePath: C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Homepage: C:\ProgramData\Ronzaps\ff.HP
FF NewTab: C:\ProgramData\Ronzaps\ff.NT
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1610609173-1946185470-3874883686-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Miroslav\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1610609173-1946185470-3874883686-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Miroslav\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF SearchPlugin: C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\DD1B66D4.xml [2016-03-29]
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [not found]
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\sepherdwilbur@aol.com [not found]
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\jid1-CxAfu9DDH0Q8gQ@jetpack [not found]
FF Extension: GsearchFinder - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-03-24]

Chrome:
=======
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2VjJdT4c5SDM8LfNPF766h8uygA21Rem5_H-K4iV28jUAPxKkL-xkuEKmefVZKrVWRkqhqJHajANi0B_XuyZ3_pwFz2OOITqPlkx50uriDqJrPXHGbr74xRo4SY32JdYnpQLrkqPG21S0J2R4Z6QSUakfrS
CHR StartupUrls: Default -> "hxxp://www.google.cz/","hxxp://www.mystartsear ... CH8qC38qBE.."
CHR Profile: C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-09]
CHR Extension: (Dokumenty Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-09]
CHR Extension: (Disk Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Tabulky Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2016-01-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-05]
CHR Extension: (Gmail) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-09]
StartMenuInternet: Google Chrome.5X2A3Y3GEIUSIKNCBIPNMMJBGQ - C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-01-01] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-07] (Electronic Arts)
R2 Ronzap; C:\ProgramData\\Ronzap\\Ronzap.exe [1069568 2016-03-29] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-29] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-12-16] (NVIDIA Corporation)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-29 20:30 - 2016-03-29 20:31 - 00017401 _____ C:\Users\Miroslav\Desktop\FRST.txt
2016-03-29 20:29 - 2016-03-29 20:29 - 02374144 _____ (Farbar) C:\Users\Miroslav\Desktop\FRST64.exe
2016-03-29 20:23 - 2016-03-29 20:20 - 00112640 _____ (forum.viry.cz) C:\Users\Miroslav\Desktop\FRSTLauncher.exe
2016-03-29 20:22 - 2016-03-29 20:22 - 00000000 ___SD C:\Uinstall
2016-03-29 20:13 - 2016-03-29 20:13 - 00001389 _____ C:\Users\Miroslav\Desktop\Photoshop – zástupce (2).lnk
2016-03-29 20:10 - 2016-03-29 20:10 - 00003596 _____ C:\Windows\System32\Tasks\{76F719DE-E0AF-4275-B4D0-CE4F197A4567}
2016-03-29 19:43 - 2016-03-29 19:43 - 00003514 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Miroslav-PC-Miroslav
2016-03-29 19:40 - 2016-03-29 20:28 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-29 19:40 - 2016-03-29 20:08 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-29 19:40 - 2016-03-29 19:46 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-29 19:40 - 2016-03-29 19:46 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-29 19:36 - 2016-03-29 19:36 - 00000898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-03-29 19:36 - 2016-03-29 19:36 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-03-29 19:35 - 2016-03-29 19:35 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-03-29 19:34 - 2016-03-29 19:34 - 00000827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-03-29 19:33 - 2016-03-29 19:33 - 00000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-03-29 19:15 - 2016-03-29 19:15 - 01222144 _____ C:\Users\Miroslav\Downloads\RSITx64.exe
2016-03-29 19:15 - 2016-03-29 19:15 - 00000000 ____D C:\rsit
2016-03-29 19:15 - 2016-03-29 19:15 - 00000000 ____D C:\Program Files\trend micro
2016-03-29 18:49 - 2016-03-29 20:22 - 00000000 ____D C:\Qoobox
2016-03-29 18:49 - 2016-03-29 19:08 - 00000000 ____D C:\Windows\erdnt
2016-03-29 18:49 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-03-29 18:49 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-03-29 18:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-03-29 18:48 - 2016-03-29 18:48 - 05658151 ____R (Swearware) C:\Users\Miroslav\Downloads\Uinstall.exe
2016-03-29 18:45 - 2016-03-29 18:45 - 01309184 _____ C:\Users\Miroslav\Downloads\zoek.exe
2016-03-29 18:45 - 2016-03-29 18:45 - 00000000 ____D C:\zoek_backup
2016-03-29 18:38 - 2016-03-29 19:26 - 00000000 ____D C:\ProgramData\BOINC
2016-03-29 18:37 - 2016-03-29 20:28 - 00000000 ____D C:\ProgramData\Ronzap
2016-03-29 18:37 - 2016-03-29 18:38 - 00000000 ____D C:\ProgramData\Ronzaps
2016-03-29 18:37 - 2016-03-29 18:37 - 06504960 _____ C:\Users\Miroslav\AppData\Roaming\agent.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 01626416 _____ C:\Users\Miroslav\AppData\Roaming\Flextom.tst
2016-03-29 18:37 - 2016-03-29 18:37 - 00126464 _____ C:\Users\Miroslav\AppData\Roaming\noah.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 00126464 _____ C:\Users\Miroslav\AppData\Roaming\lobby.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 00072699 _____ C:\Users\Miroslav\AppData\Roaming\Lamtom.tst
2016-03-29 18:37 - 2016-03-29 18:37 - 00065424 _____ C:\Users\Miroslav\AppData\Roaming\Config.xml
2016-03-29 18:37 - 2016-03-29 18:37 - 00054272 _____ C:\Users\Miroslav\AppData\Roaming\ApplicationHosting.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 00018432 _____ C:\Users\Miroslav\AppData\Roaming\Main.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 00005568 _____ C:\Users\Miroslav\AppData\Roaming\md.xml
2016-03-29 18:36 - 2016-03-29 18:36 - 00166534 _____ C:\Users\Miroslav\AppData\Roaming\inst.lat
2016-03-29 18:36 - 2016-03-29 18:36 - 00127488 _____ C:\Users\Miroslav\AppData\Roaming\Installer.dat
2016-03-29 18:36 - 2016-03-29 18:36 - 00016992 _____ C:\Users\Miroslav\AppData\Roaming\InstallationConfiguration.xml
2016-03-29 18:25 - 2016-03-29 18:39 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-29 18:25 - 2016-03-29 18:25 - 00000000 ____D C:\Windows\SysWOW64\tab
2016-03-29 18:25 - 2016-03-29 18:25 - 00000000 ____D C:\Windows\SysWOW64\hover
2016-03-29 18:21 - 2016-03-29 18:21 - 00005120 _____ C:\Users\Miroslav\AppData\Roaming\GiftBag.db
2016-03-29 18:18 - 2016-03-29 18:18 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-29 18:18 - 2016-03-29 18:18 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-29 18:17 - 2016-03-29 18:26 - 00000000 ____D C:\Users\Miroslav\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-03-29 18:17 - 2016-03-29 18:17 - 02803251 _____ C:\Windows\chromebrowser.exe
2016-03-29 18:17 - 2016-03-29 18:17 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-29 17:31 - 2016-03-29 18:16 - 00000000 ____D C:\Users\Miroslav\Downloads\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll)
2016-03-28 23:32 - 2016-03-29 09:57 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Google
2016-03-28 23:24 - 2016-03-29 19:41 - 00000000 ____D C:\ProgramData\Google
2016-03-28 23:24 - 2016-03-28 23:24 - 00000000 ____D C:\Program Files\Google
2016-03-28 23:15 - 2016-03-28 23:22 - 450071920 _____ C:\Users\Miroslav\Downloads\nikcollection-full-1.2.11.exe
2016-03-28 23:12 - 2016-03-28 23:46 - 00000000 ____D C:\Users\Miroslav\Downloads\[ www.torrenting.com ] - Marvels.Daredevil.S02E05.WEBRip.x264-NF69
2016-03-28 12:37 - 2016-03-28 12:38 - 00360896 _____ C:\Users\Miroslav\Downloads\Major_Lazer_-_Be_Together_(feat._Wild_Belle)_(Vanic_Remix).mp3.sfk
2016-03-28 10:04 - 2016-03-28 10:25 - 388792825 _____ C:\Users\Miroslav\Downloads\ENTPACKEN!!!UNZIP!!!!.zip
2016-03-28 06:28 - 2016-03-28 06:29 - 55705599 _____ C:\Users\Miroslav\Downloads\JohnDeere7930_Final_BITTE_ENTPACKEN.zip
2016-03-27 23:21 - 2016-03-27 23:21 - 00021450 _____ C:\Users\Miroslav\Downloads\limitless-S01E19-hdtv-By-jeriska03-efvendy-lukascoolarik (1).zip
2016-03-27 22:58 - 2016-03-27 23:11 - 332715399 _____ C:\Users\Miroslav\Downloads\Asshole Fever - Veronica Morre - Veronicas Anal in Lacy Fishnets_540p.mp4
2016-03-27 22:57 - 2016-03-28 23:54 - 413627686 _____ C:\Users\Miroslav\Downloads\AssHole Fever - Amirah Adara - Scoring a Deuce.mp4
2016-03-27 22:57 - 2016-03-27 23:18 - 204761420 _____ C:\Users\Miroslav\Downloads\ahf_minnie_manga.mp4
2016-03-27 11:14 - 2016-03-27 11:15 - 00000000 ____D C:\Users\Miroslav\Downloads\Limitless.S01E19.HDTV.x264-LOL[ettv]
2016-03-27 11:13 - 2016-03-27 11:13 - 00021450 _____ C:\Users\Miroslav\Downloads\limitless-S01E19-hdtv-By-jeriska03-efvendy-lukascoolarik.zip
2016-03-26 21:48 - 2016-03-26 22:39 - 901975014 _____ C:\Users\Miroslav\Downloads\Fuck-you-pane-učiteli-2-CZ.avi
2016-03-25 20:37 - 2016-03-25 20:37 - 01409455 _____ C:\Users\Miroslav\Downloads\Grass-Textur.zip
2016-03-24 21:32 - 2016-03-24 21:32 - 00000000 ____D C:\Users\Miroslav\Documents\Adobe
2016-03-24 19:46 - 2016-03-24 19:58 - 00202240 _____ C:\Users\Miroslav\Downloads\Pendulum do videa.mp3.sfk
2016-03-24 14:08 - 2016-03-24 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2016-03-24 14:08 - 2016-03-24 14:08 - 00000000 ____D C:\Program Files (x86)\Windows Phone
2016-03-24 14:07 - 2016-03-24 14:07 - 00000000 ____D C:\ProgramData\Applications
2016-03-24 13:21 - 2016-03-28 12:33 - 00000000 ____D C:\Users\Miroslav\Desktop\Hudba
2016-03-24 09:44 - 2016-03-24 09:44 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Apple Computer
2016-03-24 01:22 - 2016-03-24 01:22 - 00045695 _____ C:\Users\Miroslav\Downloads\Marvels.Daredevil.S02E04.WEBRip.x264-NF69.srt
2016-03-23 19:53 - 2016-03-23 20:08 - 00223344 _____ C:\Users\Miroslav\Downloads\Dustsucker (Royalty Free Music) [CC - BY].mp3.sfk
2016-03-23 19:52 - 2016-03-23 19:52 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\Users\Miroslav\AppData\Local\Apple
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\ProgramData\Apple Computer
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\ProgramData\Apple
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-23 19:51 - 2016-03-23 19:51 - 00000000 ____D C:\Users\Miroslav\AppData\LocalLow\Apple Computer
2016-03-22 20:09 - 2016-03-22 20:10 - 16503296 _____ C:\Users\Miroslav\Desktop\Test Fabka.avi
2016-03-22 20:02 - 2016-03-22 20:06 - 2799419806 _____ C:\Users\Miroslav\Desktop\loseless.avi
2016-03-22 19:46 - 2016-03-22 19:49 - 00000000 ____D C:\Program Files (x86)\MBL
2016-03-22 19:46 - 2016-03-22 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2016-03-22 19:46 - 2016-03-22 19:46 - 00000000 ____D C:\Program Files (x86)\LooksBuilder
2016-03-22 19:46 - 2004-03-29 16:23 - 00090112 _____ (MindVision Software) C:\Windows\unvise32.exe
2016-03-22 16:33 - 2016-03-22 16:33 - 00110616 _____ C:\Users\Miroslav\Downloads\daredevil-subtitles-cz-2.zip
2016-03-22 08:03 - 2016-03-22 08:03 - 00038781 _____ C:\Users\Miroslav\Downloads\Marvels.Daredevil.S02E03.WEBRip.x264-SKGTV.srt
2016-03-21 14:08 - 2016-03-21 14:08 - 29261108 _____ C:\Users\Miroslav\Downloads\Entpacken_Fliegl_Trailer_Set_2.rar
2016-03-20 13:09 - 2014-06-03 05:16 - 00000285 _____ C:\Users\Miroslav\Desktop\shadows_pixel.fx
2016-03-20 00:29 - 2016-03-20 00:29 - 00043437 _____ C:\Users\Miroslav\Downloads\Marvels.Daredevil.S02E01.WEBRip.x264-FLEET (1).srt
2016-03-19 23:39 - 2016-03-19 23:39 - 00043437 _____ C:\Users\Miroslav\Downloads\Marvels.Daredevil.S02E01.WEBRip.x264-FLEET.srt
2016-03-19 11:59 - 2016-03-19 11:59 - 00052075 _____ C:\Users\Miroslav\Downloads\Limitless-S01E17(0000268389).srt
2016-03-16 21:09 - 2016-03-16 21:09 - 00148453 _____ C:\Users\Miroslav\Downloads\Citizenfour(0000257743) (1).srt
2016-03-16 00:40 - 2016-03-21 15:10 - 00000000 ____D C:\Users\Miroslav\Documents\GTA San Andreas User Files
2016-03-16 00:40 - 2016-03-16 00:40 - 00000786 _____ C:\Users\Public\Desktop\MTA San Andreas 1.5.lnk
2016-03-16 00:40 - 2016-03-16 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.5
2016-03-16 00:39 - 2016-03-16 00:41 - 00000000 ____D C:\ProgramData\MTA San Andreas All
2016-03-16 00:31 - 2016-03-16 00:31 - 00000637 _____ C:\Users\Public\Desktop\GTA San Andreas.lnk
2016-03-16 00:31 - 2016-03-16 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-03-13 21:13 - 2016-03-24 19:58 - 00785872 _____ C:\Users\Miroslav\Downloads\Pendulum_-_The_Island.mp3.sfk
2016-03-13 21:13 - 2016-03-13 21:21 - 00401800 _____ C:\Users\Miroslav\Downloads\American Authors - Best Day Of My Life (Just A Gent Remix).mp3.sfk
2016-03-13 21:13 - 2016-03-13 21:21 - 00291560 _____ C:\Users\Miroslav\Downloads\Milky_Chance_-_Stolen_Dance_(Embody_Remix).mp3.sfk
2016-03-13 21:13 - 2016-03-13 21:21 - 00257392 _____ C:\Users\Miroslav\Downloads\Avenir_-_Louane_(Best_Remix_right_now)_-Djadler_Musics.mp3.sfk
2016-03-13 10:57 - 2016-03-13 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
2016-03-13 10:57 - 2016-03-13 10:57 - 00000000 ____D C:\Program Files (x86)\x264vfw
2016-03-09 16:27 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 16:27 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 16:27 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 16:27 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 16:27 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 16:27 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:27 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 16:27 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 16:27 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 16:27 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 16:27 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 16:27 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 16:27 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 16:27 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 16:27 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 16:27 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 16:27 - 2016-02-09 08:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 16:27 - 2016-02-09 08:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 16:27 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:27 - 2016-02-08 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 16:27 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 16:27 - 2016-02-08 22:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 16:27 - 2016-02-08 22:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 16:27 - 2016-02-08 22:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 16:27 - 2016-02-08 22:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 16:27 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:27 - 2016-02-08 22:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 16:27 - 2016-02-08 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 16:27 - 2016-02-08 22:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 16:27 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 16:27 - 2016-02-08 22:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 16:27 - 2016-02-08 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 16:27 - 2016-02-08 22:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 16:27 - 2016-02-08 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 16:27 - 2016-02-08 22:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 16:27 - 2016-02-08 22:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 16:27 - 2016-02-08 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 16:27 - 2016-02-08 22:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 16:27 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 16:27 - 2016-02-08 22:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 16:27 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 16:27 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:27 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 16:27 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 16:27 - 2016-02-08 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 16:27 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 16:27 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 16:27 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 16:27 - 2016-02-08 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 16:27 - 2016-02-08 20:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 16:27 - 2016-02-08 20:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:27 - 2016-02-08 20:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 16:27 - 2016-02-08 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 16:27 - 2016-02-08 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 16:27 - 2016-02-08 20:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 16:27 - 2016-02-08 20:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 16:27 - 2016-02-08 20:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 16:27 - 2016-02-08 20:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 16:27 - 2016-02-08 20:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 16:27 - 2016-02-08 20:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 16:27 - 2016-02-08 20:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 16:27 - 2016-02-08 20:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 16:27 - 2016-02-08 20:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 16:27 - 2016-02-08 20:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 16:27 - 2016-02-08 19:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 16:27 - 2016-02-08 19:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 16:27 - 2016-02-08 19:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 16:27 - 2016-02-08 19:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 16:27 - 2016-02-08 19:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 16:27 - 2016-02-08 19:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 16:27 - 2016-02-08 19:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 16:27 - 2016-02-08 19:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 16:27 - 2016-02-08 19:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:27 - 2016-02-08 19:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 16:27 - 2016-02-08 19:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 16:27 - 2016-02-08 19:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 16:27 - 2016-02-08 19:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 16:27 - 2016-02-08 18:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 16:27 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 16:27 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 16:27 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:27 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 16:27 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:27 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 16:27 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 16:27 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 16:26 - 2016-02-08 22:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:26 - 2016-02-08 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 16:26 - 2016-02-08 20:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 16:26 - 2016-02-08 19:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 16:24 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 16:24 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 16:24 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 16:24 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 16:24 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 16:24 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 16:24 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 16:24 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 16:24 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 16:24 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 16:24 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 16:24 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 16:24 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 16:24 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 16:23 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 16:23 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 16:23 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 16:23 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 16:23 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 16:23 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 16:23 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 16:23 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 16:23 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 16:23 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 16:23 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 16:23 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 16:23 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 16:23 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 16:23 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 16:23 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 16:23 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 16:23 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 16:23 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 16:23 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 16:23 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 16:23 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 16:23 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 16:23 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 16:23 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 16:23 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 16:23 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 16:23 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 16:23 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 16:23 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 16:23 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 16:23 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 16:23 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 16:23 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 16:23 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:23 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 16:23 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 16:23 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 16:23 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:23 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 16:23 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 16:23 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:23 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 16:23 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 16:23 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 16:23 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 16:23 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 16:23 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:23 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 16:23 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 16:23 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 16:23 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 16:23 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:23 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:23 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 16:23 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 16:23 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 16:23 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 16:23 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:23 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-03-08 18:17 - 2016-03-24 19:04 - 00000000 ____D C:\Users\Miroslav\Desktop\TechAgro vstupenky
2016-03-08 00:39 - 2008-04-07 18:38 - 64142841 _____ C:\Users\Miroslav\Desktop\Stop and Stare.wmv
2016-03-06 12:30 - 2016-03-06 12:30 - 00001030 _____ C:\Users\Public\Desktop\Fotolab Fotosvet.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-29 20:30 - 2015-07-08 09:33 - 00000000 ____D C:\FRST
2016-03-29 20:28 - 2016-01-08 00:05 - 00003034 _____ C:\Windows\System32\Tasks\MSIAfterburner
2016-03-29 20:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-29 20:27 - 2014-09-29 09:28 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-29 20:27 - 2009-07-14 06:45 - 05174288 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-29 20:24 - 2015-05-15 14:00 - 00000000 ____D C:\Users\Miroslav\AppData\Local\ElevatedDiagnostics
2016-03-29 20:13 - 2016-01-01 23:47 - 00000000 ____D C:\Users\Miroslav\AppData\Local\CrashDumps
2016-03-29 20:13 - 2009-07-14 06:45 - 00036560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-29 20:13 - 2009-07-14 06:45 - 00036560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-29 20:08 - 2015-07-15 09:02 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-29 20:08 - 2014-11-05 15:21 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-03-29 19:42 - 2014-09-29 11:55 - 00000000 ____D C:\Users\Miroslav\AppData\Local\Adobe
2016-03-29 19:41 - 2014-09-29 09:36 - 00064800 _____ C:\Users\Miroslav\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-29 19:40 - 2014-09-29 09:37 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-29 19:36 - 2015-01-29 11:11 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-03-29 19:35 - 2015-01-29 11:13 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-03-29 19:35 - 2014-09-29 11:57 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Adobe
2016-03-29 19:33 - 2015-01-29 11:13 - 00001483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-03-29 19:33 - 2014-11-20 19:36 - 00000000 ____D C:\ProgramData\Adobe
2016-03-29 19:32 - 2011-03-04 11:41 - 02300940 _____ C:\Windows\system32\perfh015.dat
2016-03-29 19:32 - 2011-03-04 11:41 - 01653670 _____ C:\Windows\system32\perfc015.dat
2016-03-29 19:32 - 2011-03-04 11:18 - 05229382 _____ C:\Windows\system32\perfh005.dat
2016-03-29 19:32 - 2011-03-04 11:18 - 01682884 _____ C:\Windows\system32\perfc005.dat
2016-03-29 19:32 - 2009-07-14 07:13 - 00006266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-29 19:28 - 2014-12-03 10:54 - 00000000 ____D C:\Windows\system32\appmgmt
2016-03-29 19:01 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-03-29 18:40 - 2014-11-12 18:08 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-03-29 18:39 - 2015-07-09 18:26 - 00001199 _____ C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-29 18:39 - 2015-07-09 18:26 - 00001191 _____ C:\Users\Miroslav\Desktop\Google Chrome.lnk
2016-03-29 18:39 - 2014-09-26 16:42 - 00000975 _____ C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-29 18:38 - 2014-09-29 09:14 - 00000000 ____D C:\Windows\Downloaded Installations
2016-03-29 18:20 - 2014-09-26 16:42 - 00000000 ____D C:\Users\Miroslav\AppData\Local\VirtualStore
2016-03-29 18:16 - 2014-11-09 12:23 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\uTorrent
2016-03-29 07:42 - 2015-09-17 23:24 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1610609173-1946185470-3874883686-1000Core.job
2016-03-28 23:25 - 2014-09-29 09:37 - 00000000 ____D C:\Users\Miroslav\AppData\Local\Google
2016-03-28 23:23 - 2015-12-25 20:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-24 21:32 - 2015-07-09 17:49 - 349534735 _____ C:\Users\Miroslav\Desktop\Dovolená 2015.wmv
2016-03-24 20:35 - 2016-02-09 08:28 - 00000000 ____D C:\Users\Miroslav\Desktop\FARMWEB
2016-03-24 19:09 - 2016-01-28 19:33 - 00000000 ____D C:\Users\Miroslav\Desktop\Test video
2016-03-24 18:02 - 2014-09-29 11:56 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 18:02 - 2014-09-29 11:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-24 18:02 - 2014-09-29 11:56 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-24 13:23 - 2014-12-03 10:50 - 00000000 ____D C:\Users\Miroslav\Desktop\Playlist
2016-03-24 02:34 - 2015-04-05 20:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 02:34 - 2015-04-05 20:42 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-23 22:34 - 2014-09-29 09:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-21 14:21 - 2015-04-07 19:22 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-03-16 00:40 - 2015-02-12 22:41 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-16 00:31 - 2014-09-29 09:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-15 07:41 - 2009-07-14 07:08 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-13 21:13 - 2015-01-28 12:47 - 00010256 _____ C:\Users\Miroslav\Documents\unajz.veg
2016-03-13 18:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-03-13 10:57 - 2015-01-28 12:47 - 00015208 _____ C:\Users\Miroslav\Documents\unajz.veg.bak
2016-03-12 12:09 - 2016-02-21 18:12 - 00013712 _____ C:\Users\Miroslav\Documents\Techagro 2016.veg
2016-03-11 12:00 - 2014-11-06 20:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-09 16:38 - 2014-11-05 16:44 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 16:35 - 2014-12-11 10:15 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-09 16:35 - 2014-11-05 16:44 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-06 14:14 - 2015-01-16 20:50 - 00000000 ____D C:\ProgramData\tmp

==================== Files in the root of some directories =======

2016-03-29 18:37 - 2016-03-29 18:37 - 6504960 _____ () C:\Users\Miroslav\AppData\Roaming\agent.dat
2015-06-18 13:36 - 2015-07-07 23:06 - 0000024 _____ () C:\Users\Miroslav\AppData\Roaming\appdataFr25.bin
2016-03-29 18:37 - 2016-03-29 18:37 - 0054272 _____ () C:\Users\Miroslav\AppData\Roaming\ApplicationHosting.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 0065424 _____ () C:\Users\Miroslav\AppData\Roaming\Config.xml
2016-03-29 18:37 - 2016-03-29 18:37 - 1626416 _____ () C:\Users\Miroslav\AppData\Roaming\Flextom.tst
2016-03-29 18:21 - 2016-03-29 18:21 - 0005120 _____ () C:\Users\Miroslav\AppData\Roaming\GiftBag.db
2016-03-29 18:36 - 2016-03-29 18:36 - 0166534 _____ () C:\Users\Miroslav\AppData\Roaming\inst.lat
2016-03-29 18:36 - 2016-03-29 18:36 - 0016992 _____ () C:\Users\Miroslav\AppData\Roaming\InstallationConfiguration.xml
2016-03-29 18:36 - 2016-03-29 18:36 - 0127488 _____ () C:\Users\Miroslav\AppData\Roaming\Installer.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 0072699 _____ () C:\Users\Miroslav\AppData\Roaming\Lamtom.tst
2016-03-29 18:37 - 2016-03-29 18:37 - 0126464 _____ () C:\Users\Miroslav\AppData\Roaming\lobby.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 0018432 _____ () C:\Users\Miroslav\AppData\Roaming\Main.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 0005568 _____ () C:\Users\Miroslav\AppData\Roaming\md.xml
2016-03-29 18:37 - 2016-03-29 18:37 - 0126464 _____ () C:\Users\Miroslav\AppData\Roaming\noah.dat
2015-02-12 22:49 - 2015-02-12 22:49 - 0000044 _____ () C:\Users\Miroslav\AppData\Roaming\twow_sysprepdt.dat
2015-11-22 21:25 - 2015-11-22 21:25 - 0032038 _____ () C:\Users\Miroslav\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2014-09-29 09:18 - 2014-09-29 09:18 - 0000003 _____ () C:\Users\Miroslav\AppData\Local\user_data.ini
2014-11-04 16:22 - 2014-11-04 16:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Miroslav\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Miroslav\AppData\Local\Temp\sfareca00001.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1610609173-1946185470-3874883686-1000Core.job => C:\Users\Miroslav\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Miroslav\Desktop" je 21416 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 29 bře 2016 20:22
od Rudy
1. Spusťte tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
2. Z logu:
Velikost slozky "C:\Users\Miroslav\Desktop" je 21416 MB.
To je příliš mnoho a může to zpomalovat start systému. Vytvořte v C:\Users\Miroslav novou složku a přesuňte do ní všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 30 bře 2016 05:53
od Mion
ADW cleaner log:

# AdwCleaner v5.107 - Log soubor vytvořen 30/03/2016 o 06:50:12
# Aktualizováno 28/03/2016 by Xplode
# Databáze : 2016-03-30.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (x64)
# Jméno uživatele : Miroslav - MIROSLAV-PC
# Spuštěno z : C:\Users\Miroslav\Downloads\adwcleaner_5.107.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****

[-] Soubor Smazáno : C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\searchplugins\dd1b66d4.xml

***** [ DLLs ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****

[-] Klávesa Smazáno : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klávesa Smazáno : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Klávesa Smazáno : HKLM\SOFTWARE\Classes\dream.capture
[-] Klávesa Smazáno : HKLM\SOFTWARE\Classes\dream.capture.1
[-] Klávesa Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1a995f25-7eb8-42c0-b6a9-02f653698ce2}
[-] Klávesa Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c861bb60-dfcc-4b08-aecd-f8622442368c}
[-] Klávesa Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Klávesa Smazáno : HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Internet Speed Checker
[-] Data Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

***** [ Webové prohlížeče ] *****

[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : feed.sonic-search.com
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : yessearches
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : yessearches.com
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : mystartsearch.com
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : speedbit.com
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : mystartsearch
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : mysearch.avg.com
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : dscaler.en.softonic.com
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Smazáno : feed.sonic-search.com_
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Smazáno : hxxp://www.mystartsearch.com/?type=hp&ts=14158 ... XXZ1DD4FSL
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Smazáno : hxxp://www.yessearches.com/?mode=nnnb&ptid=wak ... CH8qC38qBE..
[-] [C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Smazáno : hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2VjJdT4c5SDM8LfNPF766h8uygA21Rem5_H-K4iV28jUAPxKkL-xkuEKmefVZKrVWRkqhqJHajANi0B_XuyZ3_pwFz2OOITqPlkx50uriDqJrPXHGbr74xRo4SY32JdYnpQLrkqPG21S0J2R4Z6QSUakfrS

*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [3843 bytes] - [30/03/2016 06:50:12]
C:\AdwCleaner\AdwCleaner[R0].txt - [17286 bytes] - [12/11/2014 19:33:16]
C:\AdwCleaner\AdwCleaner[R10].txt - [5995 bytes] - [09/07/2015 13:59:34]
C:\AdwCleaner\AdwCleaner[R1].txt - [2069 bytes] - [12/11/2014 19:45:29]
C:\AdwCleaner\AdwCleaner[R2].txt - [1757 bytes] - [16/11/2014 15:46:31]
C:\AdwCleaner\AdwCleaner[R3].txt - [3589 bytes] - [17/12/2014 14:30:34]
C:\AdwCleaner\AdwCleaner[R4].txt - [3586 bytes] - [20/04/2015 11:48:48]
C:\AdwCleaner\AdwCleaner[R5].txt - [3644 bytes] - [20/04/2015 11:50:22]
C:\AdwCleaner\AdwCleaner[R6].txt - [3138 bytes] - [15/05/2015 13:37:37]
C:\AdwCleaner\AdwCleaner[R7].txt - [9985 bytes] - [18/06/2015 13:55:05]
C:\AdwCleaner\AdwCleaner[R8].txt - [3400 bytes] - [26/06/2015 19:11:41]
C:\AdwCleaner\AdwCleaner[R9].txt - [5935 bytes] - [09/07/2015 08:28:07]
C:\AdwCleaner\AdwCleaner[S0].txt - [15553 bytes] - [12/11/2014 19:36:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [7363 bytes] - [12/11/2014 19:46:26]
C:\AdwCleaner\AdwCleaner[S2].txt - [1689 bytes] - [16/11/2014 15:49:34]
C:\AdwCleaner\AdwCleaner[S3].txt - [3686 bytes] - [17/12/2014 14:31:32]
C:\AdwCleaner\AdwCleaner[S4].txt - [3688 bytes] - [20/04/2015 11:50:58]
C:\AdwCleaner\AdwCleaner[S5].txt - [3190 bytes] - [15/05/2015 13:39:16]
C:\AdwCleaner\AdwCleaner[S6].txt - [5576 bytes] - [18/06/2015 13:55:40]
C:\AdwCleaner\AdwCleaner[S7].txt - [3447 bytes] - [26/06/2015 19:12:29]
C:\AdwCleaner\AdwCleaner[S8].txt - [6021 bytes] - [09/07/2015 14:02:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5379 bytes] ##########


Za tip s plochou děkuji, určitě to uklidím :)

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 30 bře 2016 17:02
od Rudy
Dejte nový log FRST.

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 31 bře 2016 16:32
od Mion
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Miroslav (administrator) on MIROSLAV-PC (31-03-2016 17:29:57)
Running from C:\Users\Miroslav\Desktop
Loaded Profiles: Miroslav (Available Profiles: Miroslav)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Windows\DAODx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\ProgramData\Ronzap\Ronzap.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Miroslav\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7200984 2013-10-04] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1085656 2015-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [ QQPCTray] => "C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\QQPCTray.exe" /regrun
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\...\Run: [AdobeBridge] => [X]
AppInit_DLLs: C:\ProgramData\Ronzap\Rankex.dll => C:\ProgramData\Ronzap\Rankex.dll [363520 2016-03-29] ()
AppInit_DLLs-x32: C:\ProgramData\Ronzap\Xxx-find.dll => C:\ProgramData\Ronzap\Xxx-find.dll [257536 2016-03-29] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{22A83F5D-89A7-4424-8E9D-7C4188E282D9}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{34F7103D-2C11-4FAA-BD34-9E150A07D54D}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130900044436600023&GUID=F7389CC1-0968-4DEC-9BC8-B7E1DC0240E0
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {2FD913F6-1D65-4972-AC6C-69F7D2BBFA13} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {4C162509-EABC-463D-B383-678452377450} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {67D28C64-38CA-4B26-A464-21DEE6D6A304} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {9236224F-9CED-490E-AB70-62FFFF49846B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {C4C881B9-7E38-4D78-8353-054AACA4A03E} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {DC2FC6EA-40FD-4A15-AEC2-7D86FA971D3F} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {DC45EB59-5AFF-428A-B188-C3B764401882} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {DE252F16-4D9A-4008-B001-3895ACDCC888} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_16194
SearchScopes: HKU\S-1-5-21-1610609173-1946185470-3874883686-1000 -> {FD73DCA4-747F-4F78-9352-CE13E883B0AB} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_16194

FireFox:
========
FF ProfilePath: C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Homepage: C:\ProgramData\Ronzaps\ff.HP
FF NewTab: C:\ProgramData\Ronzaps\ff.NT
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-02] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-12-16] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-02-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1610609173-1946185470-3874883686-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Miroslav\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-1610609173-1946185470-3874883686-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Miroslav\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [not found]
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\sepherdwilbur@aol.com [not found]
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\jid1-CxAfu9DDH0Q8gQ@jetpack [not found]
FF Extension: GsearchFinder - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi [2016-03-24]

Chrome:
=======
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2VjJdT4c5SDM8LfNPF766h8uygA21Rem5_H-K4iV28jUAPxKkL-xkuEKmefVZKrVWRkqhqJHajANi0B_XuyZ3_pwFz2OOITqPlkx50uriDqJrPXHGbr74xRo4SY32JdYnpQLrkqPG21S0J2R4Z6QSUakfrS
CHR StartupUrls: Default -> "hxxp://www.google.cz/","hxxp://www.mystartsear ... CH8qC38qBE.."
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2VjJdT4c5SDM8LfNPF766h8uygA21Rem5_H-K4iV28jUAPxKkL-xkuEKmefVZKrVWRoRrfI9RhWNPDR_YrIH50CpKp0dfCNXSzuciyWqBzxgmjqjetAMYhzU03637MvjiwUMs3-Oycr4sMgOtRnLPGNOIcI&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command={searchTerms}
CHR Profile: C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-09]
CHR Extension: (Dokumenty Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-09]
CHR Extension: (Disk Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-08]
CHR Extension: (Vyhledávání Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Tabulky Google) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-03-18]
CHR Extension: (Chromium Wheel Smooth Scroller) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb [2016-01-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-05]
CHR Extension: (Gmail) - C:\Users\Miroslav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-09]
StartMenuInternet: Google Chrome.5X2A3Y3GEIUSIKNCBIPNMMJBGQ - C:\Users\Miroslav\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-01-01] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156216 2015-12-16] (NVIDIA Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-12-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8185464 2015-12-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [6477432 2015-12-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-07] (Electronic Arts)
R2 Ronzap; C:\ProgramData\\Ronzap\\Ronzap.exe [1069568 2016-03-29] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-29] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-12-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-12-16] (NVIDIA Corporation)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S2 tsnethlpx64; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.4.17347.218\TsNetHlpX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-31 17:29 - 2016-03-31 17:30 - 00018164 _____ C:\Users\Miroslav\Desktop\FRST.txt
2016-03-31 17:27 - 2016-03-29 20:29 - 02374144 _____ (Farbar) C:\Users\Miroslav\Desktop\FRST64.exe
2016-03-31 17:27 - 2016-03-29 20:20 - 00112640 _____ (forum.viry.cz) C:\Users\Miroslav\Desktop\FRSTLauncher.exe
2016-03-31 14:33 - 2016-03-31 14:33 - 00000038 _____ C:\Users\Miroslav\Desktop\Techagro 2016.avi.sfl
2016-03-31 13:15 - 2016-03-31 13:15 - 00000000 ____D C:\Users\Miroslav\Downloads\FuckOrFired.E06.Jenny.XXX.1080p.MP4-KTR
2016-03-31 07:09 - 2016-03-31 07:09 - 00000000 ____D C:\Users\Miroslav\Downloads\FuckOrFired.E22.Julia.XXX.1080p.MP4-KTR
2016-03-31 07:09 - 2016-03-31 07:09 - 00000000 ____D C:\Users\Miroslav\Downloads\FuckOrFired.E03.Victoria.XXX.1080p.MP4-KTR
2016-03-30 19:09 - 2016-03-31 14:33 - 10480640 _____ C:\Users\Miroslav\Desktop\Techagro 2016.avi
2016-03-30 19:04 - 2016-03-31 14:31 - 827377816 _____ C:\Users\Miroslav\Documents\Mion LOGO.avi
2016-03-30 18:56 - 2016-03-30 18:56 - 00000000 ____D C:\Users\Miroslav\Documents\Particles
2016-03-30 18:50 - 2016-03-30 18:55 - 160081834 _____ C:\Users\Miroslav\Downloads\Particles_HD.zip
2016-03-30 18:23 - 2016-03-30 18:23 - 00032911 _____ C:\Users\Miroslav\Downloads\bignoodle_titling.zip
2016-03-30 18:20 - 2016-03-31 14:20 - 00000132 _____ C:\Users\Miroslav\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2016-03-30 18:17 - 2016-03-30 18:17 - 00053034 _____ C:\Users\Miroslav\Downloads\batman_forever.zip
2016-03-30 17:59 - 2016-03-30 18:40 - 722535882 _____ C:\Users\Miroslav\Downloads\Batman-Bad-Blood.2016.720p.BRRip.x264.AAC+CZ-tit.v-obraze-Super-Doga-Animovaný.avi
2016-03-30 07:17 - 2016-03-30 07:17 - 00000643 _____ C:\Users\Miroslav\Desktop\Plocha – zástupce.lnk
2016-03-30 06:56 - 2016-03-30 06:56 - 00036903 _____ C:\Users\Miroslav\Downloads\Gotham.S02E16.720p.HDTV.X264-DIMENSION (+LOL+FUM).srt
2016-03-30 06:48 - 2016-03-30 06:48 - 03102208 _____ C:\Users\Miroslav\Downloads\adwcleaner_5.107.exe
2016-03-29 20:22 - 2016-03-29 20:22 - 00000000 ___SD C:\Uinstall
2016-03-29 20:13 - 2016-03-29 20:13 - 00001389 _____ C:\Users\Miroslav\Desktop\Photoshop – zástupce (2).lnk
2016-03-29 20:10 - 2016-03-29 20:10 - 00003596 _____ C:\Windows\System32\Tasks\{76F719DE-E0AF-4275-B4D0-CE4F197A4567}
2016-03-29 19:43 - 2016-03-29 19:43 - 00003514 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Miroslav-PC-Miroslav
2016-03-29 19:40 - 2016-03-31 17:24 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-29 19:40 - 2016-03-31 14:51 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-29 19:40 - 2016-03-29 19:46 - 00003948 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-29 19:40 - 2016-03-29 19:46 - 00003696 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-29 19:36 - 2016-03-29 19:36 - 00000898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-03-29 19:36 - 2016-03-29 19:36 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-03-29 19:35 - 2016-03-29 19:35 - 00000853 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-03-29 19:34 - 2016-03-29 19:34 - 00000827 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-03-29 19:33 - 2016-03-29 19:33 - 00000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-03-29 19:15 - 2016-03-29 19:15 - 01222144 _____ C:\Users\Miroslav\Downloads\RSITx64.exe
2016-03-29 19:15 - 2016-03-29 19:15 - 00000000 ____D C:\rsit
2016-03-29 19:15 - 2016-03-29 19:15 - 00000000 ____D C:\Program Files\trend micro
2016-03-29 18:49 - 2016-03-29 20:22 - 00000000 ____D C:\Qoobox
2016-03-29 18:49 - 2016-03-29 19:08 - 00000000 ____D C:\Windows\erdnt
2016-03-29 18:49 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2016-03-29 18:49 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2016-03-29 18:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2016-03-29 18:49 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2016-03-29 18:48 - 2016-03-29 18:48 - 05658151 ____R (Swearware) C:\Users\Miroslav\Downloads\Uinstall.exe
2016-03-29 18:45 - 2016-03-29 18:45 - 01309184 _____ C:\Users\Miroslav\Downloads\zoek.exe
2016-03-29 18:45 - 2016-03-29 18:45 - 00000000 ____D C:\zoek_backup
2016-03-29 18:38 - 2016-03-29 19:26 - 00000000 ____D C:\ProgramData\BOINC
2016-03-29 18:37 - 2016-03-31 17:25 - 00000000 ____D C:\ProgramData\Ronzap
2016-03-29 18:37 - 2016-03-29 18:38 - 00000000 ____D C:\ProgramData\Ronzaps
2016-03-29 18:37 - 2016-03-29 18:37 - 06504960 _____ C:\Users\Miroslav\AppData\Roaming\agent.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 01626416 _____ C:\Users\Miroslav\AppData\Roaming\Flextom.tst
2016-03-29 18:37 - 2016-03-29 18:37 - 00126464 _____ C:\Users\Miroslav\AppData\Roaming\noah.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 00126464 _____ C:\Users\Miroslav\AppData\Roaming\lobby.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 00072699 _____ C:\Users\Miroslav\AppData\Roaming\Lamtom.tst
2016-03-29 18:37 - 2016-03-29 18:37 - 00065424 _____ C:\Users\Miroslav\AppData\Roaming\Config.xml
2016-03-29 18:37 - 2016-03-29 18:37 - 00054272 _____ C:\Users\Miroslav\AppData\Roaming\ApplicationHosting.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 00018432 _____ C:\Users\Miroslav\AppData\Roaming\Main.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 00005568 _____ C:\Users\Miroslav\AppData\Roaming\md.xml
2016-03-29 18:36 - 2016-03-29 18:36 - 00166534 _____ C:\Users\Miroslav\AppData\Roaming\inst.lat
2016-03-29 18:36 - 2016-03-29 18:36 - 00127488 _____ C:\Users\Miroslav\AppData\Roaming\Installer.dat
2016-03-29 18:36 - 2016-03-29 18:36 - 00016992 _____ C:\Users\Miroslav\AppData\Roaming\InstallationConfiguration.xml
2016-03-29 18:25 - 2016-03-29 18:39 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-29 18:25 - 2016-03-29 18:25 - 00000000 ____D C:\Windows\SysWOW64\tab
2016-03-29 18:25 - 2016-03-29 18:25 - 00000000 ____D C:\Windows\SysWOW64\hover
2016-03-29 18:21 - 2016-03-29 18:21 - 00005120 _____ C:\Users\Miroslav\AppData\Roaming\GiftBag.db
2016-03-29 18:18 - 2016-03-29 18:18 - 00000000 ____D C:\Users\Public\Thunder Network
2016-03-29 18:18 - 2016-03-29 18:18 - 00000000 ____D C:\ProgramData\Thunder Network
2016-03-29 18:17 - 2016-03-29 18:26 - 00000000 ____D C:\Users\Miroslav\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-03-29 18:17 - 2016-03-29 18:17 - 02803251 _____ C:\Windows\chromebrowser.exe
2016-03-29 18:17 - 2016-03-29 18:17 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-29 17:31 - 2016-03-29 18:16 - 00000000 ____D C:\Users\Miroslav\Downloads\Adobe Photoshop CS6 13.0.1 Final Multilanguage (cracked dll)
2016-03-28 23:32 - 2016-03-29 09:57 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Google
2016-03-28 23:24 - 2016-03-29 19:41 - 00000000 ____D C:\ProgramData\Google
2016-03-28 23:24 - 2016-03-28 23:24 - 00000000 ____D C:\Program Files\Google
2016-03-28 23:15 - 2016-03-28 23:22 - 450071920 _____ C:\Users\Miroslav\Downloads\nikcollection-full-1.2.11.exe
2016-03-28 23:12 - 2016-03-28 23:46 - 00000000 ____D C:\Users\Miroslav\Downloads\[ www.torrenting.com ] - Marvels.Daredevil.S02E05.WEBRip.x264-NF69
2016-03-28 12:37 - 2016-03-28 12:38 - 00360896 _____ C:\Users\Miroslav\Downloads\Major_Lazer_-_Be_Together_(feat._Wild_Belle)_(Vanic_Remix).mp3.sfk
2016-03-28 10:04 - 2016-03-28 10:25 - 388792825 _____ C:\Users\Miroslav\Downloads\ENTPACKEN!!!UNZIP!!!!.zip
2016-03-28 06:28 - 2016-03-28 06:29 - 55705599 _____ C:\Users\Miroslav\Downloads\JohnDeere7930_Final_BITTE_ENTPACKEN.zip
2016-03-27 23:21 - 2016-03-27 23:21 - 00021450 _____ C:\Users\Miroslav\Downloads\limitless-S01E19-hdtv-By-jeriska03-efvendy-lukascoolarik (1).zip
2016-03-27 22:58 - 2016-03-27 23:11 - 332715399 _____ C:\Users\Miroslav\Downloads\Asshole Fever - Veronica Morre - Veronicas Anal in Lacy Fishnets_540p.mp4
2016-03-27 22:57 - 2016-03-28 23:54 - 413627686 _____ C:\Users\Miroslav\Downloads\AssHole Fever - Amirah Adara - Scoring a Deuce.mp4
2016-03-27 22:57 - 2016-03-27 23:18 - 204761420 _____ C:\Users\Miroslav\Downloads\ahf_minnie_manga.mp4
2016-03-27 11:14 - 2016-03-27 11:15 - 00000000 ____D C:\Users\Miroslav\Downloads\Limitless.S01E19.HDTV.x264-LOL[ettv]
2016-03-27 11:13 - 2016-03-27 11:13 - 00021450 _____ C:\Users\Miroslav\Downloads\limitless-S01E19-hdtv-By-jeriska03-efvendy-lukascoolarik.zip
2016-03-26 21:48 - 2016-03-26 22:39 - 901975014 _____ C:\Users\Miroslav\Downloads\Fuck-you-pane-učiteli-2-CZ.avi
2016-03-25 20:37 - 2016-03-25 20:37 - 01409455 _____ C:\Users\Miroslav\Downloads\Grass-Textur.zip
2016-03-24 21:32 - 2016-03-24 21:32 - 00000000 ____D C:\Users\Miroslav\Documents\Adobe
2016-03-24 19:46 - 2016-03-24 19:58 - 00202240 _____ C:\Users\Miroslav\Downloads\Pendulum do videa.mp3.sfk
2016-03-24 14:08 - 2016-03-24 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone
2016-03-24 14:08 - 2016-03-24 14:08 - 00000000 ____D C:\Program Files (x86)\Windows Phone
2016-03-24 14:07 - 2016-03-24 14:07 - 00000000 ____D C:\ProgramData\Applications
2016-03-24 09:44 - 2016-03-24 09:44 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Apple Computer
2016-03-24 01:22 - 2016-03-24 01:22 - 00045695 _____ C:\Users\Miroslav\Downloads\Marvels.Daredevil.S02E04.WEBRip.x264-NF69.srt
2016-03-23 19:53 - 2016-03-23 20:08 - 00223344 _____ C:\Users\Miroslav\Downloads\Dustsucker (Royalty Free Music) [CC - BY].mp3.sfk
2016-03-23 19:52 - 2016-03-23 19:52 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\Users\Miroslav\AppData\Local\Apple
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\ProgramData\Apple Computer
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\ProgramData\Apple
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-03-23 19:52 - 2016-03-23 19:52 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-03-23 19:51 - 2016-03-23 19:51 - 00000000 ____D C:\Users\Miroslav\AppData\LocalLow\Apple Computer
2016-03-22 19:46 - 2016-03-22 19:49 - 00000000 ____D C:\Program Files (x86)\MBL
2016-03-22 19:46 - 2016-03-22 19:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Magic Bullet Looks
2016-03-22 19:46 - 2016-03-22 19:46 - 00000000 ____D C:\Program Files (x86)\LooksBuilder
2016-03-22 19:46 - 2004-03-29 16:23 - 00090112 _____ (MindVision Software) C:\Windows\unvise32.exe
2016-03-22 16:33 - 2016-03-22 16:33 - 00110616 _____ C:\Users\Miroslav\Downloads\daredevil-subtitles-cz-2.zip
2016-03-22 08:03 - 2016-03-22 08:03 - 00038781 _____ C:\Users\Miroslav\Downloads\Marvels.Daredevil.S02E03.WEBRip.x264-SKGTV.srt
2016-03-21 14:08 - 2016-03-21 14:08 - 29261108 _____ C:\Users\Miroslav\Downloads\Entpacken_Fliegl_Trailer_Set_2.rar
2016-03-20 00:29 - 2016-03-20 00:29 - 00043437 _____ C:\Users\Miroslav\Downloads\Marvels.Daredevil.S02E01.WEBRip.x264-FLEET (1).srt
2016-03-19 23:39 - 2016-03-19 23:39 - 00043437 _____ C:\Users\Miroslav\Downloads\Marvels.Daredevil.S02E01.WEBRip.x264-FLEET.srt
2016-03-19 11:59 - 2016-03-19 11:59 - 00052075 _____ C:\Users\Miroslav\Downloads\Limitless-S01E17(0000268389).srt
2016-03-16 21:09 - 2016-03-16 21:09 - 00148453 _____ C:\Users\Miroslav\Downloads\Citizenfour(0000257743) (1).srt
2016-03-16 00:40 - 2016-03-21 15:10 - 00000000 ____D C:\Users\Miroslav\Documents\GTA San Andreas User Files
2016-03-16 00:40 - 2016-03-16 00:40 - 00000786 _____ C:\Users\Public\Desktop\MTA San Andreas 1.5.lnk
2016-03-16 00:40 - 2016-03-16 00:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.5
2016-03-16 00:39 - 2016-03-16 00:41 - 00000000 ____D C:\ProgramData\MTA San Andreas All
2016-03-16 00:31 - 2016-03-16 00:31 - 00000637 _____ C:\Users\Public\Desktop\GTA San Andreas.lnk
2016-03-16 00:31 - 2016-03-16 00:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-03-13 21:13 - 2016-03-24 19:58 - 00785872 _____ C:\Users\Miroslav\Downloads\Pendulum_-_The_Island.mp3.sfk
2016-03-13 21:13 - 2016-03-13 21:21 - 00401800 _____ C:\Users\Miroslav\Downloads\American Authors - Best Day Of My Life (Just A Gent Remix).mp3.sfk
2016-03-13 21:13 - 2016-03-13 21:21 - 00291560 _____ C:\Users\Miroslav\Downloads\Milky_Chance_-_Stolen_Dance_(Embody_Remix).mp3.sfk
2016-03-13 21:13 - 2016-03-13 21:21 - 00257392 _____ C:\Users\Miroslav\Downloads\Avenir_-_Louane_(Best_Remix_right_now)_-Djadler_Musics.mp3.sfk
2016-03-13 10:57 - 2016-03-13 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\x264vfw
2016-03-13 10:57 - 2016-03-13 10:57 - 00000000 ____D C:\Program Files (x86)\x264vfw
2016-03-09 16:27 - 2016-02-12 20:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 16:27 - 2016-02-12 20:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 16:27 - 2016-02-12 20:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 16:27 - 2016-02-12 20:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 16:27 - 2016-02-12 20:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 16:27 - 2016-02-12 20:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 16:27 - 2016-02-12 20:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 16:27 - 2016-02-12 20:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 16:27 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 16:27 - 2016-02-12 20:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 16:27 - 2016-02-12 20:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 16:27 - 2016-02-12 20:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 16:27 - 2016-02-12 20:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 16:27 - 2016-02-12 20:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 16:27 - 2016-02-12 20:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 16:27 - 2016-02-12 20:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 16:27 - 2016-02-09 08:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 16:27 - 2016-02-09 08:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 16:27 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 16:27 - 2016-02-08 22:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 16:27 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 16:27 - 2016-02-08 22:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 16:27 - 2016-02-08 22:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 16:27 - 2016-02-08 22:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 16:27 - 2016-02-08 22:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 16:27 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 16:27 - 2016-02-08 22:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 16:27 - 2016-02-08 22:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 16:27 - 2016-02-08 22:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 16:27 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 16:27 - 2016-02-08 22:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 16:27 - 2016-02-08 22:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 16:27 - 2016-02-08 22:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 16:27 - 2016-02-08 22:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 16:27 - 2016-02-08 22:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 16:27 - 2016-02-08 22:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 16:27 - 2016-02-08 22:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 16:27 - 2016-02-08 22:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 16:27 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 16:27 - 2016-02-08 22:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 16:27 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 16:27 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 16:27 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 16:27 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 16:27 - 2016-02-08 22:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 16:27 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 16:27 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 16:27 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 16:27 - 2016-02-08 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 16:27 - 2016-02-08 20:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 16:27 - 2016-02-08 20:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 16:27 - 2016-02-08 20:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 16:27 - 2016-02-08 20:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 16:27 - 2016-02-08 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 16:27 - 2016-02-08 20:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 16:27 - 2016-02-08 20:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 16:27 - 2016-02-08 20:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 16:27 - 2016-02-08 20:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 16:27 - 2016-02-08 20:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 16:27 - 2016-02-08 20:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 16:27 - 2016-02-08 20:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 16:27 - 2016-02-08 20:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 16:27 - 2016-02-08 20:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 16:27 - 2016-02-08 20:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 16:27 - 2016-02-08 19:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 16:27 - 2016-02-08 19:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 16:27 - 2016-02-08 19:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 16:27 - 2016-02-08 19:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 16:27 - 2016-02-08 19:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 16:27 - 2016-02-08 19:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 16:27 - 2016-02-08 19:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 16:27 - 2016-02-08 19:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 16:27 - 2016-02-08 19:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 16:27 - 2016-02-08 19:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 16:27 - 2016-02-08 19:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 16:27 - 2016-02-08 19:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 16:27 - 2016-02-08 19:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 16:27 - 2016-02-08 18:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 16:27 - 2016-02-04 19:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 16:27 - 2016-02-03 20:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 16:27 - 2016-02-03 20:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 16:27 - 2016-02-03 20:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 16:27 - 2016-02-03 20:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 16:27 - 2016-02-03 20:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 16:27 - 2016-01-11 21:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 16:27 - 2015-11-19 16:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 16:27 - 2015-11-19 16:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 16:26 - 2016-02-08 22:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 16:26 - 2016-02-08 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 16:26 - 2016-02-08 20:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 16:26 - 2016-02-08 19:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 16:24 - 2016-02-11 20:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 16:24 - 2016-02-11 20:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 16:24 - 2016-02-11 20:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 16:24 - 2016-02-11 20:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 16:24 - 2016-02-11 20:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 16:24 - 2016-02-11 20:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 16:24 - 2016-02-11 20:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 16:24 - 2016-02-11 20:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 16:24 - 2016-02-11 20:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 16:24 - 2016-02-11 20:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 16:24 - 2016-02-11 20:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 16:24 - 2016-02-11 20:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 16:24 - 2016-02-11 20:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 16:24 - 2016-02-11 20:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 16:23 - 2016-02-19 21:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 16:23 - 2016-02-19 20:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 16:23 - 2016-02-19 16:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 16:23 - 2016-02-11 20:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 16:23 - 2016-02-11 20:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 16:23 - 2016-02-11 20:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 16:23 - 2016-02-11 20:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 16:23 - 2016-02-11 20:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 16:23 - 2016-02-11 20:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 16:23 - 2016-02-11 20:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 16:23 - 2016-02-11 20:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 16:23 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 16:23 - 2016-02-11 20:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 16:23 - 2016-02-11 20:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 16:23 - 2016-02-11 20:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 16:23 - 2016-02-11 20:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 16:23 - 2016-02-11 20:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 16:23 - 2016-02-11 20:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 16:23 - 2016-02-11 20:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 16:23 - 2016-02-11 20:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 16:23 - 2016-02-11 20:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 16:23 - 2016-02-11 20:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 16:23 - 2016-02-11 20:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 20:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 19:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 16:23 - 2016-02-11 19:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 16:23 - 2016-02-11 19:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 16:23 - 2016-02-11 19:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 16:23 - 2016-02-11 19:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 16:23 - 2016-02-11 19:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 16:23 - 2016-02-11 19:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 16:23 - 2016-02-11 19:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 16:23 - 2016-02-11 19:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 16:23 - 2016-02-11 19:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 16:23 - 2016-02-11 19:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 16:23 - 2016-02-11 19:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 16:23 - 2016-02-11 19:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 16:23 - 2016-02-11 19:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 16:23 - 2016-02-11 19:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 19:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 19:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 19:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 16:23 - 2016-02-11 16:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 16:23 - 2016-02-09 11:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 16:23 - 2016-02-09 11:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 16:23 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 16:23 - 2016-02-09 11:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 16:23 - 2016-02-09 11:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 16:23 - 2016-02-09 11:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 16:23 - 2016-02-09 11:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 16:23 - 2016-02-09 11:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 16:23 - 2016-02-09 11:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 16:23 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 16:23 - 2016-02-09 11:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 16:23 - 2016-02-05 20:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 16:23 - 2016-02-05 20:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 16:23 - 2016-02-05 20:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 16:23 - 2016-02-05 20:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 16:23 - 2016-02-05 20:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 16:23 - 2016-02-05 20:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 16:23 - 2016-02-05 20:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 16:23 - 2016-02-05 19:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 16:23 - 2016-02-05 19:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 16:23 - 2016-02-05 19:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 16:23 - 2016-02-05 16:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 16:23 - 2016-02-05 16:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 16:23 - 2016-02-05 16:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 16:23 - 2016-02-05 03:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 16:23 - 2016-02-04 20:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-31 17:29 - 2015-07-08 09:33 - 00000000 ____D C:\FRST
2016-03-31 17:25 - 2014-11-05 15:21 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-03-31 17:24 - 2016-01-08 00:05 - 00003034 _____ C:\Windows\System32\Tasks\MSIAfterburner
2016-03-31 17:24 - 2014-09-29 09:28 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-31 17:24 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-31 14:59 - 2014-11-09 12:23 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\uTorrent
2016-03-31 14:34 - 2016-02-21 18:12 - 00015840 _____ C:\Users\Miroslav\Documents\Techagro 2016.veg
2016-03-31 14:02 - 2015-07-15 09:02 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-31 13:08 - 2009-07-14 06:45 - 00036560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-31 13:08 - 2009-07-14 06:45 - 00036560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-31 12:59 - 2011-03-04 11:41 - 02330704 _____ C:\Windows\system32\perfh015.dat
2016-03-31 12:59 - 2011-03-04 11:41 - 01682090 _____ C:\Windows\system32\perfc015.dat
2016-03-31 12:59 - 2011-03-04 11:18 - 05315902 _____ C:\Windows\system32\perfh005.dat
2016-03-31 12:59 - 2011-03-04 11:18 - 01712130 _____ C:\Windows\system32\perfc005.dat
2016-03-31 12:59 - 2009-07-14 07:13 - 00006266 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-31 07:00 - 2014-09-29 11:55 - 00000000 ____D C:\Users\Miroslav\AppData\Local\Adobe
2016-03-31 06:50 - 2009-07-14 06:45 - 05174400 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-30 19:10 - 2016-02-21 18:12 - 00015960 _____ C:\Users\Miroslav\Documents\Techagro 2016.veg.bak
2016-03-30 19:06 - 2014-09-29 09:36 - 00066088 _____ C:\Users\Miroslav\AppData\Local\GDIPFONTCACHEV1.DAT
2016-03-30 07:05 - 2014-11-20 19:36 - 00000000 ____D C:\ProgramData\Adobe
2016-03-30 06:50 - 2014-11-12 19:33 - 00000000 ____D C:\AdwCleaner
2016-03-29 20:24 - 2015-05-15 14:00 - 00000000 ____D C:\Users\Miroslav\AppData\Local\ElevatedDiagnostics
2016-03-29 20:13 - 2016-01-01 23:47 - 00000000 ____D C:\Users\Miroslav\AppData\Local\CrashDumps
2016-03-29 19:40 - 2014-09-29 09:37 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-29 19:36 - 2015-01-29 11:11 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-03-29 19:35 - 2015-01-29 11:13 - 00001037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-03-29 19:35 - 2014-09-29 11:57 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Adobe
2016-03-29 19:33 - 2015-01-29 11:13 - 00001483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-03-29 19:28 - 2014-12-03 10:54 - 00000000 ____D C:\Windows\system32\appmgmt
2016-03-29 19:01 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2016-03-29 18:40 - 2014-11-12 18:08 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-03-29 18:39 - 2015-07-09 18:26 - 00001199 _____ C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-29 18:39 - 2015-07-09 18:26 - 00001191 _____ C:\Users\Miroslav\Desktop\Google Chrome.lnk
2016-03-29 18:39 - 2014-09-26 16:42 - 00000975 _____ C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-29 18:38 - 2014-09-29 09:14 - 00000000 ____D C:\Windows\Downloaded Installations
2016-03-29 18:20 - 2014-09-26 16:42 - 00000000 ____D C:\Users\Miroslav\AppData\Local\VirtualStore
2016-03-29 07:42 - 2015-09-17 23:24 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1610609173-1946185470-3874883686-1000Core.job
2016-03-28 23:25 - 2014-09-29 09:37 - 00000000 ____D C:\Users\Miroslav\AppData\Local\Google
2016-03-28 23:23 - 2015-12-25 20:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-24 18:02 - 2014-09-29 11:56 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 18:02 - 2014-09-29 11:56 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-24 18:02 - 2014-09-29 11:56 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-24 02:34 - 2015-04-05 20:42 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 02:34 - 2015-04-05 20:42 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-23 22:34 - 2014-09-29 09:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-21 14:21 - 2015-04-07 19:22 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-03-16 00:40 - 2015-02-12 22:41 - 00000000 ____D C:\Users\Miroslav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-03-16 00:31 - 2014-09-29 09:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-15 07:41 - 2009-07-14 07:08 - 00032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-13 21:13 - 2015-01-28 12:47 - 00010256 _____ C:\Users\Miroslav\Documents\unajz.veg
2016-03-13 18:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-03-13 10:57 - 2015-01-28 12:47 - 00015208 _____ C:\Users\Miroslav\Documents\unajz.veg.bak
2016-03-11 12:00 - 2014-11-06 20:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-09 16:38 - 2014-11-05 16:44 - 00000000 ____D C:\Windows\system32\MRT
2016-03-09 16:35 - 2014-12-11 10:15 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-09 16:35 - 2014-11-05 16:44 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-06 14:14 - 2015-01-16 20:50 - 00000000 ____D C:\ProgramData\tmp

==================== Files in the root of some directories =======

2016-03-30 18:20 - 2016-03-31 14:20 - 0000132 _____ () C:\Users\Miroslav\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2016-03-29 18:37 - 2016-03-29 18:37 - 6504960 _____ () C:\Users\Miroslav\AppData\Roaming\agent.dat
2015-06-18 13:36 - 2015-07-07 23:06 - 0000024 _____ () C:\Users\Miroslav\AppData\Roaming\appdataFr25.bin
2016-03-29 18:37 - 2016-03-29 18:37 - 0054272 _____ () C:\Users\Miroslav\AppData\Roaming\ApplicationHosting.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 0065424 _____ () C:\Users\Miroslav\AppData\Roaming\Config.xml
2016-03-29 18:37 - 2016-03-29 18:37 - 1626416 _____ () C:\Users\Miroslav\AppData\Roaming\Flextom.tst
2016-03-29 18:21 - 2016-03-29 18:21 - 0005120 _____ () C:\Users\Miroslav\AppData\Roaming\GiftBag.db
2016-03-29 18:36 - 2016-03-29 18:36 - 0166534 _____ () C:\Users\Miroslav\AppData\Roaming\inst.lat
2016-03-29 18:36 - 2016-03-29 18:36 - 0016992 _____ () C:\Users\Miroslav\AppData\Roaming\InstallationConfiguration.xml
2016-03-29 18:36 - 2016-03-29 18:36 - 0127488 _____ () C:\Users\Miroslav\AppData\Roaming\Installer.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 0072699 _____ () C:\Users\Miroslav\AppData\Roaming\Lamtom.tst
2016-03-29 18:37 - 2016-03-29 18:37 - 0126464 _____ () C:\Users\Miroslav\AppData\Roaming\lobby.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 0018432 _____ () C:\Users\Miroslav\AppData\Roaming\Main.dat
2016-03-29 18:37 - 2016-03-29 18:37 - 0005568 _____ () C:\Users\Miroslav\AppData\Roaming\md.xml
2016-03-29 18:37 - 2016-03-29 18:37 - 0126464 _____ () C:\Users\Miroslav\AppData\Roaming\noah.dat
2015-02-12 22:49 - 2015-02-12 22:49 - 0000044 _____ () C:\Users\Miroslav\AppData\Roaming\twow_sysprepdt.dat
2015-11-22 21:25 - 2015-11-22 21:25 - 0032038 _____ () C:\Users\Miroslav\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
2014-09-29 09:18 - 2014-09-29 09:18 - 0000003 _____ () C:\Users\Miroslav\AppData\Local\user_data.ini
2014-11-04 16:22 - 2014-11-04 16:22 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Miroslav\AppData\Local\Temp\libeay32.dll
C:\Users\Miroslav\AppData\Local\Temp\msvcr120.dll
C:\Users\Miroslav\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Miroslav\AppData\Local\Temp\sfareca00001.dll
C:\Users\Miroslav\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1610609173-1946185470-3874883686-1000Core.job => C:\Users\Miroslav\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Miroslav\Desktop" je 12 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 31 bře 2016 17:59
od Rudy
Otevřte poznámkový blok a zkopírujte do něj:
Start
AppInit_DLLs: C:\ProgramData\Ronzap\Rankex.dll => C:\ProgramData\Ronzap\Rankex.dll [363520 2016-03-29] ()
AppInit_DLLs-x32: C:\ProgramData\Ronzap\Xxx-find.dll => C:\ProgramData\Ronzap\Xxx-find.dll [257536 2016-03-29] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
C:\ProgramData\Ronzap
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [not found]
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\sepherdwilbur@aol.com [not found]
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\jid1-CxAfu9DDH0Q8gQ@jetpack [not found]
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... Z6QSUakfrS
CHR StartupUrls: Default -> "hxxp://www.google.cz/","hxxp://www.mystartsear ... CH8qC38qBE.."
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... PGNOIcI&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1610609173-1946185470-3874883686-1000Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Miroslav\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 31 bře 2016 18:06
od Mion
Zde log:
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Miroslav (2016-03-31 19:02:31) Run:2
Running from C:\Users\Miroslav\Desktop
Loaded Profiles: Miroslav (Available Profiles: Miroslav)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
AppInit_DLLs: C:\ProgramData\Ronzap\Rankex.dll => C:\ProgramData\Ronzap\Rankex.dll [363520 2016-03-29] ()
AppInit_DLLs-x32: C:\ProgramData\Ronzap\Xxx-find.dll => C:\ProgramData\Ronzap\Xxx-find.dll [257536 2016-03-29] ()
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => No File
C:\ProgramData\Ronzap
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [not found]
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\sepherdwilbur@aol.com [not found]
FF Extension: No Name - C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\jid1-CxAfu9DDH0Q8gQ@jetpack [not found]
CHR HomePage: Default -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F. ... Z6QSUakfrS
CHR StartupUrls: Default -> "hxxp://www.google.cz/","hxxp://www.mystartsear ... CH8qC38qBE.."
CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73 ... PGNOIcI&q={searchTerms}
CHR DefaultSearchKeyword: Default -> feed.sonic-search.com
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1610609173-1946185470-3874883686-1000Core.job
C:\ProgramData\DP45977C.lfl
C:\Users\Miroslav\AppData\Local\Temp
End
*****************

"C:\ProgramData\Ronzap\Rankex.dll" => Value data removed successfully.
"C:\ProgramData\Ronzap\Xxx-find.dll" => Value data removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\.QMDeskTopGCIcon" => key removed successfully
HKCR\CLSID\{B7667919-3765-4815-A66D-98A09BE662D6} => key not found.

"C:\ProgramData\Ronzap" folder move:

Could not move "C:\ProgramData\Ronzap" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-1610609173-1946185470-3874883686-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com => path removed successfully
C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\sepherdwilbur@aol.com => path removed successfully
C:\Users\Miroslav\AppData\Roaming\Mozilla\Firefox\Profiles\1kb7q2hc.default\extensions\jid1-CxAfu9DDH0Q8gQ@jetpack => path removed successfully
Chrome HomePage => removed successfully
Chrome StartupUrls => removed successfully
Chrome DefaultSearchURL => removed successfully
Chrome DefaultSearchKeyword => removed successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1610609173-1946185470-3874883686-1000Core.job => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully

"C:\Users\Miroslav\AppData\Local\Temp" folder move:

Could not move "C:\Users\Miroslav\AppData\Local\Temp" => Scheduled to move on reboot.


Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-03-31 19:05:12)

C:\ProgramData\Ronzap => Is moved successfully
C:\Users\Miroslav\AppData\Local\Temp => moved successfully

==== End of Fixlog 19:05:12 ====

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 31 bře 2016 18:32
od Rudy
Smazáno. Nastala nějaká změna?

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 31 bře 2016 20:07
od Mion
Ano, vše se zdá být v pořádku, už i z Chromu zmizel vyhledávač SnapDo. Děkuji za pomoc.

Re: Prosím o kontrolu logu - nechtěné instalace

Napsal: 31 bře 2016 20:16
od Rudy
OK, rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz